| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Laptop mit Windows 8 64 bit - RegClean Pro entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
13.06.2013, 21:40
| #1 |
 |  Laptop mit Windows 8 64 bit - RegClean Pro entfernen Hi, habe ein Laptop mit Windows 8 64bit, welches RegClean Pro enthält hier. Benötige beim Entfernen Hilfe. Aufgrund des Threads "http://www.trojaner-board.de/69886-a...beachten.html" habe ich bereits Defogger, OTL und GMER auf dem betroffenen Gerät ausgeführt. Anhang 56381 |
|
13.06.2013, 22:16
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Laptop mit Windows 8 64 bit - RegClean Pro entfernen  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.06.2013, 15:58
| #3 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernen Hi,
__________________ich hatte die Logfiles in den Code-Tags. Die Forensoftware hat mir beim Absenden des Beitrags angezeigt, dass er zuviele Zeichen hätte. |
|
14.06.2013, 16:02
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop mit Windows 8 64 bit - RegClean Pro entfernen Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten! Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.06.2013, 16:41
| #5 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernen Ich hatte bevor ich den RegClean entdeckte (er zeigte sich nicht sofort) den bereits installierten AVIRA und danach zusätzlich noch den Malwarebytes laufen lassen. Die Logfiles hab ich leider vergessen hier mit anzuhängen. Der AVIRA hat 6 Funde. Malwarebytes hat danach auch noch 9 Funde gemeldet. Das hol ich mit diesem Beitrag nach. Code:
ATTFilter Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 13. Juni 2013 19:08
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 8
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : Manz
Computername : HAUS
Versionsinformationen:
BUILD.DAT : 13.0.0.3640 54852 Bytes 18.04.2013 13:29:00
AVSCAN.EXE : 13.6.0.1262 636984 Bytes 06.05.2013 08:58:01
AVSCANRC.DLL : 13.4.0.360 64800 Bytes 27.03.2013 17:17:25
LUKE.DLL : 13.6.0.1262 65080 Bytes 06.05.2013 08:58:41
AVSCPLR.DLL : 13.6.0.1262 92216 Bytes 06.05.2013 08:58:01
AVREG.DLL : 13.6.0.1262 247864 Bytes 06.05.2013 08:57:59
avlode.dll : 13.6.2.1262 432184 Bytes 06.05.2013 08:57:57
avlode.rdf : 13.0.1.12 25921 Bytes 16.05.2013 17:19:23
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 17:14:31
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 16:28:47
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 17:12:35
VBASE003.VDF : 7.11.80.61 2048 Bytes 28.05.2013 17:12:35
VBASE004.VDF : 7.11.80.62 2048 Bytes 28.05.2013 17:12:36
VBASE005.VDF : 7.11.80.63 2048 Bytes 28.05.2013 17:12:36
VBASE006.VDF : 7.11.80.64 2048 Bytes 28.05.2013 17:12:37
VBASE007.VDF : 7.11.80.65 2048 Bytes 28.05.2013 17:12:37
VBASE008.VDF : 7.11.80.66 2048 Bytes 28.05.2013 17:12:37
VBASE009.VDF : 7.11.80.67 2048 Bytes 28.05.2013 17:12:37
VBASE010.VDF : 7.11.80.68 2048 Bytes 28.05.2013 17:12:37
VBASE011.VDF : 7.11.80.69 2048 Bytes 28.05.2013 17:12:37
VBASE012.VDF : 7.11.80.70 2048 Bytes 28.05.2013 17:12:37
VBASE013.VDF : 7.11.80.71 2048 Bytes 28.05.2013 17:12:37
VBASE014.VDF : 7.11.81.57 145408 Bytes 29.05.2013 17:12:41
VBASE015.VDF : 7.11.81.137 130048 Bytes 30.05.2013 17:12:42
VBASE016.VDF : 7.11.81.255 207360 Bytes 31.05.2013 11:16:01
VBASE017.VDF : 7.11.82.91 156160 Bytes 03.06.2013 17:35:45
VBASE018.VDF : 7.11.82.169 220160 Bytes 04.06.2013 08:57:07
VBASE019.VDF : 7.11.83.27 325632 Bytes 06.06.2013 11:38:34
VBASE020.VDF : 7.11.83.121 320512 Bytes 07.06.2013 19:18:05
VBASE021.VDF : 7.11.83.210 244736 Bytes 10.06.2013 18:45:15
VBASE022.VDF : 7.11.84.59 333824 Bytes 12.06.2013 17:07:24
VBASE023.VDF : 7.11.84.60 2048 Bytes 12.06.2013 17:07:24
VBASE024.VDF : 7.11.84.61 2048 Bytes 12.06.2013 17:07:24
VBASE025.VDF : 7.11.84.62 2048 Bytes 12.06.2013 17:07:24
VBASE026.VDF : 7.11.84.63 2048 Bytes 12.06.2013 17:07:24
VBASE027.VDF : 7.11.84.64 2048 Bytes 12.06.2013 17:07:24
VBASE028.VDF : 7.11.84.65 2048 Bytes 12.06.2013 17:07:24
VBASE029.VDF : 7.11.84.66 2048 Bytes 12.06.2013 17:07:25
VBASE030.VDF : 7.11.84.67 2048 Bytes 12.06.2013 17:07:25
VBASE031.VDF : 7.11.84.136 142848 Bytes 13.06.2013 17:07:25
Engineversion : 8.2.12.60
AEVDF.DLL : 8.1.3.4 102774 Bytes 13.06.2013 17:07:27
AESCRIPT.DLL : 8.1.4.122 487806 Bytes 13.06.2013 17:07:27
AESCN.DLL : 8.1.10.4 131446 Bytes 27.03.2013 17:17:04
AESBX.DLL : 8.2.5.12 606578 Bytes 27.03.2013 17:17:04
AERDL.DLL : 8.2.0.128 688504 Bytes 13.06.2013 17:07:26
AEPACK.DLL : 8.3.2.16 754041 Bytes 11.06.2013 16:53:29
AEOFFICE.DLL : 8.1.2.56 205180 Bytes 27.03.2013 17:17:03
AEHEUR.DLL : 8.1.4.412 5955962 Bytes 13.06.2013 17:07:26
AEHELP.DLL : 8.1.27.2 266617 Bytes 04.06.2013 17:31:25
AEGEN.DLL : 8.1.7.4 442741 Bytes 08.05.2013 08:38:34
AEEXP.DLL : 8.4.0.34 201079 Bytes 04.06.2013 17:31:46
AEEMU.DLL : 8.1.3.2 393587 Bytes 27.03.2013 17:17:00
AECORE.DLL : 8.1.31.2 201080 Bytes 27.03.2013 17:16:59
AEBB.DLL : 8.1.1.4 53619 Bytes 27.03.2013 17:16:59
AVWINLL.DLL : 13.6.0.480 26480 Bytes 27.03.2013 17:15:47
AVPREF.DLL : 13.6.0.480 51056 Bytes 27.03.2013 17:17:24
AVREP.DLL : 13.6.0.480 178544 Bytes 27.03.2013 17:17:59
AVARKT.DLL : 13.6.0.1262 258104 Bytes 06.05.2013 08:57:45
AVEVTLOG.DLL : 13.6.0.1262 164920 Bytes 06.05.2013 08:57:54
SQLITE3.DLL : 3.7.0.1 397704 Bytes 27.03.2013 17:17:50
AVSMTP.DLL : 13.6.0.480 62832 Bytes 27.03.2013 17:17:26
NETNT.DLL : 13.6.0.480 16240 Bytes 27.03.2013 17:17:43
RCIMAGE.DLL : 13.4.0.360 4780832 Bytes 27.03.2013 17:15:48
RCTEXT.DLL : 13.6.0.976 69344 Bytes 27.03.2013 17:15:48
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Manuelle Auswahl
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\folder.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Donnerstag, 13. Juni 2013 19:08
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '160' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'eSafeSvc.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'omigaplusSvc.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'adminservice.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCDMonitorService.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'dsiwmis.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDService.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'RfBtnSvc64.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'Umbrella.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'ToolbarUpdaterService.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'Y2Desktop.Updater.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler64.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerSvc.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMutilps32.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrl.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '191' Modul(e) wurden durchsucht
Durchsuche Prozess 'LManager.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'MMDx64Fx.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrlHelper.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtvStack.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'YontooDesktop.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'ActivateDesktop.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'update_checker.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'omigaplus.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerTray.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'Inbox.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.bin' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'DeviceDetector.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerEvent.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'iuBrowserIEAgent.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'iuEmailOutlookAgent.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '8' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Die Registry wurde durchsucht ( '1453' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Acer>
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Users\Manz\AppData\Local\Temp\pricepeep_130001_0101.exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/pricepeep.dll
[FUND] Enthält Erkennungsmuster der Adware ADWARE/PricePeep.K
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Manz\AppData\Local\Temp\Video Performer63862.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/InstallBrain.AK
C:\Users\Manz\AppData\Local\Temp\DM\2JqSnM2FzA3ttwD\installer.exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/launcher.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.GK
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\installer.exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/launcher.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.GK
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Manz\Downloads\FlashPlayer(1).exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/launcher.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.GK
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Manz\Downloads\FlashPlayer_V.PLNfTmV4b.exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/exes.zip
[1] Archivtyp: ZIP
--> DomaIQ.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.BN
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
Beginne mit der Desinfektion:
C:\Users\Manz\Downloads\FlashPlayer_V.PLNfTmV4b.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.BN
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '57e0b282.qua' verschoben!
C:\Users\Manz\Downloads\FlashPlayer(1).exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.GK
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4f779d25.qua' verschoben!
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\installer.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.GK
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1d1ec7cf.qua' verschoben!
C:\Users\Manz\AppData\Local\Temp\DM\2JqSnM2FzA3ttwD\installer.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/DomaIQ.GK
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7b29880d.qua' verschoben!
C:\Users\Manz\AppData\Local\Temp\Video Performer63862.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/InstallBrain.AK
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3e9ea536.qua' verschoben!
C:\Users\Manz\AppData\Local\Temp\pricepeep_130001_0101.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/PricePeep.K
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '41b8975e.qua' verschoben!
Ende des Suchlaufs: Donnerstag, 13. Juni 2013 20:39
Benötigte Zeit: 1:17:07 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
37593 Verzeichnisse wurden überprüft
745887 Dateien wurden geprüft
6 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
6 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
3 Dateien konnten nicht durchsucht werden
745878 Dateien ohne Befall
7990 Archive wurden durchsucht
8 Warnungen
6 Hinweise
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.06.13.07 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16580 Manz :: HAUS [Administrator] 13.06.2013 21:14:04 mbam-log-2013-06-13 (21-14-04).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 233012 Laufzeit: 8 Minute(n), 28 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 9 C:\Users\Manz\AppData\Local\Temp\TsiOdlaw.exe.part (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DIQM\FlashPlayer_151\FlashPlayer_V.150698025c.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DIQM\FlashPlayer_151\FlashPlayer_V.PLNfTmV4b.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DM\2JqSnM2FzA3ttwD\DomaIQ.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DM\2JqSnM2FzA3ttwD\DomaIQ10.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DM\2JqSnM2FzA3ttwD\exes.zip (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\DomaIQ.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\DomaIQ10.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\exes.zip (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
14.06.2013, 18:16
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop mit Windows 8 64 bit - RegClean Pro entfernen Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Laptop mit Windows 8 64 bit - RegClean Pro entfernen |
|
14.06.2013, 20:23
| #7 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernen Während des Scans mit GMER hat sich RegClean gestartet. Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-14 20:39:10
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000039 Hitachi_HTS545050A7E380 rev.GG2OA6C0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Manz\AppData\Local\Temp\ugloipoc.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988 fffff802da47341c 1 byte [31]
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\dwm.exe[488] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\dwm.exe[488] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\dwm.exe[488] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1116] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1116] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1116] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\nvvsvc.exe[1128] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\nvvsvc.exe[1128] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\nvvsvc.exe[1128] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\nvvsvc.exe[1128] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fb76ce177a 4 bytes [CE, 76, FB, 07]
.text C:\Windows\system32\nvvsvc.exe[1128] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fb76ce1782 4 bytes [CE, 76, FB, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[2612] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[2612] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[2612] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\taskhostex.exe[2620] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\taskhostex.exe[2620] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\taskhostex.exe[2620] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\taskeng.exe[2652] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\taskeng.exe[2652] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\taskeng.exe[2652] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\Explorer.EXE[2704] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Windows\Explorer.EXE[2704] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\Explorer.EXE[2704] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3564] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3564] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3564] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3612] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3612] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3612] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\igfxext.exe[3664] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\igfxext.exe[3664] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Windows\system32\igfxext.exe[3664] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4008] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4008] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4008] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4360] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4360] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4360] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4360] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fb65b31b32 4 bytes [B3, 65, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4360] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fb65b31b3a 4 bytes [B3, 65, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe[4636] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe[4636] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe[4636] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[2188] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fb76ce177a 4 bytes [CE, 76, FB, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[2188] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fb76ce1782 4 bytes [CE, 76, FB, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[732] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb70e11532 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[732] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb70e1153a 4 bytes [E1, 70, FB, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[732] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb70e1165a 4 bytes [E1, 70, FB, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [588:2592] fffff960008995e8
Thread C:\Windows\SYSTEM32\ntdll.dll [2988:2992] 00000000013f33c2
Thread C:\Windows\SYSTEM32\ntdll.dll [2988:3748] 00000000013f15a4
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org
Database version: v2013.06.14.06
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16580
Manz :: HAUS [administrator]
14.06.2013 20:46:51
mbar-log-2013-06-14 (20-46-51).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 250943
Time elapsed: 27 minute(s), 14 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
14.06.2013, 20:34
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop mit Windows 8 64 bit - RegClean Pro entfernen aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.06.2013, 21:30
| #9 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernenCode:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-14 21:58:41
-----------------------------
21:58:41.147 OS Version: Windows x64 6.2.9200
21:58:41.147 Number of processors: 4 586 0x3A09
21:58:41.150 ComputerName: HAUS UserName: Manz
21:58:41.238 Initialze error 1
21:59:32.513 AVAST engine defs: 13061300
22:00:17.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000039
22:00:17.738 Disk 0 Vendor: Hitachi_HTS545050A7E380 GG2OA6C0 Size: 476940MB BusType: 11
22:00:17.804 Disk 0 MBR read successfully
22:00:17.808 Disk 0 MBR scan
22:00:17.814 Disk 0 unknown MBR code
22:00:17.818 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:00:17.828 Disk 0 scanning C:\Windows\system32\drivers
22:00:17.832 Service scanning
22:00:18.854 Modules scanning
22:00:18.860 Disk 0 trace - called modules:
22:00:18.948 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
22:00:18.956 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006941740]
22:00:18.962 3 CLASSPNP.SYS[fffff88001313fea] -> nt!IofCallDriver -> \Device\00000039[0xfffffa8004f28060]
22:00:18.972 AVAST engine scan C:\Windows
22:00:18.986 AVAST engine scan C:\Windows\system32
22:00:18.996 AVAST engine scan C:\Windows\system32\drivers
22:00:19.006 AVAST engine scan C:\Users\Manz
22:00:19.016 AVAST engine scan C:\ProgramData
22:00:19.026 Scan finished successfully
22:01:00.837 Disk 0 MBR has been saved successfully to "C:\Users\Manz\Desktop\MBR.dat"
22:01:00.847 The log file has been saved successfully to "C:\Users\Manz\Desktop\aswMBR.txt"
22:01:15.620 Disk 0 MBR has been saved successfully to "E:\MBR.dat"
22:01:15.732 The log file has been saved successfully to "E:\aswMBR.txt"
Code:
ATTFilter 22:04:07.0626 4644 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:04:07.0626 4644 UEFI system
22:04:07.0770 4644 ============================================================
22:04:07.0770 4644 Current date / time: 2013/06/14 22:04:07.0770
22:04:07.0770 4644 SystemInfo:
22:04:07.0770 4644
22:04:07.0770 4644 OS Version: 6.2.9200 ServicePack: 0.0
22:04:07.0770 4644 Product type: Workstation
22:04:07.0770 4644 ComputerName: HAUS
22:04:07.0770 4644 UserName: Manz
22:04:07.0770 4644 Windows directory: C:\Windows
22:04:07.0770 4644 System windows directory: C:\Windows
22:04:07.0770 4644 Running under WOW64
22:04:07.0770 4644 Processor architecture: Intel x64
22:04:07.0770 4644 Number of processors: 4
22:04:07.0770 4644 Page size: 0x1000
22:04:07.0770 4644 Boot type: Normal boot
22:04:07.0770 4644 ============================================================
22:04:08.0882 4644 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:04:08.0890 4644 Drive \Device\Harddisk1\DR1 - Size: 0xF600000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:04:08.0898 4644 ============================================================
22:04:08.0898 4644 \Device\Harddisk0\DR0:
22:04:08.0898 4644 GPT partitions:
22:04:08.0900 4644 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CB58CA33-411A-46C9-B9C5-8C84AC4FE357}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
22:04:08.0900 4644 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5C8C8841-F63A-4339-85F4-006701DAE1CB}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
22:04:08.0900 4644 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FB1DFA94-32C4-4C91-803A-2C98158953FF}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
22:04:08.0900 4644 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7F58CD0E-6EB4-4DC3-A35C-6D91C00EF6D9}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37762000
22:04:08.0900 4644 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F765CC11-8E5F-4FD6-A184-7355DF9EAF03}, Name: Basic data partition, StartLBA 0x37900800, BlocksNum 0x2A85800
22:04:08.0900 4644 MBR partitions:
22:04:08.0900 4644 \Device\Harddisk1\DR1:
22:04:08.0900 4644 MBR partitions:
22:04:08.0900 4644 ============================================================
22:04:08.0932 4644 C: <-> \Device\Harddisk0\DR0\Partition4
22:04:08.0932 4644 ============================================================
22:04:08.0932 4644 Initialize success
22:04:08.0932 4644 ============================================================
22:05:26.0828 4748 ============================================================
22:05:26.0828 4748 Scan started
22:05:26.0828 4748 Mode: Manual; SigCheck; TDLFS;
22:05:26.0828 4748 ============================================================
22:05:27.0318 4748 ================ Scan system memory ========================
22:05:27.0318 4748 System memory - ok
22:05:27.0320 4748 ================ Scan services =============================
22:05:27.0466 4748 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
22:05:27.0540 4748 1394ohci - ok
22:05:27.0548 4748 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\Windows\system32\drivers\3ware.sys
22:05:27.0580 4748 3ware - ok
22:05:27.0616 4748 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:05:27.0644 4748 ACPI - ok
22:05:27.0668 4748 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\Windows\system32\Drivers\acpiex.sys
22:05:27.0694 4748 acpiex - ok
22:05:27.0710 4748 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
22:05:27.0742 4748 acpipagr - ok
22:05:27.0748 4748 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
22:05:27.0780 4748 AcpiPmi - ok
22:05:27.0786 4748 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\Windows\System32\drivers\acpitime.sys
22:05:27.0824 4748 acpitime - ok
22:05:27.0932 4748 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:05:27.0950 4748 AdobeFlashPlayerUpdateSvc - ok
22:05:27.0990 4748 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:05:28.0032 4748 adp94xx - ok
22:05:28.0044 4748 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:05:28.0080 4748 adpahci - ok
22:05:28.0126 4748 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:05:28.0154 4748 adpu320 - ok
22:05:28.0192 4748 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:05:28.0232 4748 AeLookupSvc - ok
22:05:28.0290 4748 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\Windows\system32\drivers\afd.sys
22:05:28.0318 4748 AFD - ok
22:05:28.0348 4748 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:05:28.0372 4748 agp440 - ok
22:05:28.0404 4748 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\Windows\System32\alg.exe
22:05:28.0452 4748 ALG - ok
22:05:28.0488 4748 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
22:05:28.0530 4748 AllUserInstallAgent - ok
22:05:28.0562 4748 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
22:05:28.0594 4748 AmdK8 - ok
22:05:28.0618 4748 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
22:05:28.0660 4748 AmdPPM - ok
22:05:28.0682 4748 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:05:28.0706 4748 amdsata - ok
22:05:28.0720 4748 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:05:28.0752 4748 amdsbs - ok
22:05:28.0760 4748 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:05:28.0782 4748 amdxata - ok
22:05:28.0866 4748 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:05:28.0886 4748 AntiVirSchedulerService - ok
22:05:28.0920 4748 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:05:28.0942 4748 AntiVirService - ok
22:05:28.0966 4748 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\Windows\system32\drivers\appid.sys
22:05:29.0010 4748 AppID - ok
22:05:29.0040 4748 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:05:29.0078 4748 AppIDSvc - ok
22:05:29.0108 4748 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\Windows\System32\appinfo.dll
22:05:29.0152 4748 Appinfo - ok
22:05:29.0190 4748 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\Windows\system32\drivers\arc.sys
22:05:29.0216 4748 arc - ok
22:05:29.0224 4748 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:05:29.0250 4748 arcsas - ok
22:05:29.0256 4748 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:29.0302 4748 AsyncMac - ok
22:05:29.0308 4748 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\Windows\system32\drivers\atapi.sys
22:05:29.0332 4748 atapi - ok
22:05:29.0360 4748 [ 62A40F3DFF2B40915A1981285B14EFD4 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
22:05:29.0390 4748 AthBTPort - ok
22:05:29.0454 4748 [ 69BF08F9B599117694600021AE1D6A59 ] AtherosSvc C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
22:05:29.0480 4748 AtherosSvc - ok
22:05:29.0570 4748 [ 667153FCB54CD80626A5AC5A2F49F068 ] athr C:\Windows\system32\DRIVERS\athw8x.sys
22:05:29.0712 4748 athr - ok
22:05:29.0740 4748 [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
22:05:29.0768 4748 AudioEndpointBuilder - ok
22:05:29.0808 4748 [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:05:29.0858 4748 Audiosrv - ok
22:05:29.0896 4748 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:05:29.0908 4748 avgntflt - ok
22:05:29.0930 4748 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:05:29.0946 4748 avipbb - ok
22:05:29.0966 4748 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:05:29.0976 4748 avkmgr - ok
22:05:30.0002 4748 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:05:30.0044 4748 AxInstSV - ok
22:05:30.0078 4748 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:05:30.0116 4748 b06bdrv - ok
22:05:30.0148 4748 [ 458AF8D6C7B837B3169750254E531095 ] b57xdbd C:\Windows\System32\drivers\b57xdbd.sys
22:05:30.0164 4748 b57xdbd - ok
22:05:30.0180 4748 [ B97D9ADFEB4F0AADD3DAC9F8D427AA7A ] b57xdmp C:\Windows\System32\drivers\b57xdmp.sys
22:05:30.0192 4748 b57xdmp - ok
22:05:30.0214 4748 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
22:05:30.0252 4748 BasicDisplay - ok
22:05:30.0258 4748 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
22:05:30.0280 4748 BasicRender - ok
22:05:30.0410 4748 [ 2FE2E0EBCDF1EF22A34B44CED1E59893 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl63a.sys
22:05:30.0630 4748 BCM43XX - ok
22:05:30.0656 4748 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\Windows\System32\bdesvc.dll
22:05:30.0696 4748 BDESVC - ok
22:05:30.0724 4748 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\Windows\system32\drivers\Beep.sys
22:05:30.0756 4748 Beep - ok
22:05:30.0790 4748 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\Windows\System32\bfe.dll
22:05:30.0848 4748 BFE - ok
22:05:30.0900 4748 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\Windows\System32\qmgr.dll
22:05:30.0962 4748 BITS - ok
22:05:30.0982 4748 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:05:31.0014 4748 bowser - ok
22:05:31.0048 4748 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
22:05:31.0082 4748 BrokerInfrastructure - ok
22:05:31.0120 4748 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\Windows\System32\browser.dll
22:05:31.0170 4748 Browser - ok
22:05:31.0290 4748 [ D9C8DC2D7EC28E3FF25C99EF17C8631A ] BrowserProtect C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
22:05:31.0292 4748 Suspicious file (NoAccess): C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe. md5: D9C8DC2D7EC28E3FF25C99EF17C8631A
22:05:31.0296 4748 BrowserProtect ( LockedFile.Multi.Generic ) - warning
22:05:31.0296 4748 BrowserProtect - detected LockedFile.Multi.Generic (1)
22:05:31.0330 4748 [ 0E9B28782D0E5DE7C25207432B791B33 ] bScsiMSa C:\Windows\System32\drivers\bScsiMSa.sys
22:05:31.0346 4748 bScsiMSa - ok
22:05:31.0354 4748 [ 8168FE3CA8C6C3F18137FF422F3C37DE ] bScsiSDa C:\Windows\System32\drivers\bScsiSDa.sys
22:05:31.0372 4748 bScsiSDa - ok
22:05:31.0408 4748 [ 6BF12F3F3A5D3F2866E69B8B463BC0CD ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
22:05:31.0436 4748 BTATH_A2DP - ok
22:05:31.0462 4748 [ DC7038090A369FE866B76DB18E356558 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
22:05:31.0480 4748 btath_avdt - ok
22:05:31.0506 4748 [ C6978F7EBA6F37D626482AC6B9390630 ] BTATH_BUS C:\Windows\System32\drivers\btath_bus.sys
22:05:31.0516 4748 BTATH_BUS - ok
22:05:31.0546 4748 [ 4AF7C20F94DAC343C01ED671C82DCB99 ] BTATH_HCRP C:\Windows\System32\drivers\btath_hcrp.sys
22:05:31.0568 4748 BTATH_HCRP - ok
22:05:31.0582 4748 [ 785C38070043BEEE9E9D591DE4067244 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
22:05:31.0600 4748 BTATH_LWFLT - ok
22:05:31.0618 4748 [ A6019537D6125099363F90D0C6D181F9 ] BTATH_RCP C:\Windows\System32\drivers\btath_rcp.sys
22:05:31.0638 4748 BTATH_RCP - ok
22:05:31.0684 4748 [ 7A38787D2CF43FA2812E2BF86F636BB9 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
22:05:31.0708 4748 BtFilter - ok
22:05:31.0738 4748 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
22:05:31.0760 4748 BthAvrcpTg - ok
22:05:31.0794 4748 [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
22:05:31.0838 4748 BthEnum - ok
22:05:31.0864 4748 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
22:05:31.0906 4748 BthHFEnum - ok
22:05:31.0924 4748 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
22:05:31.0960 4748 bthhfhid - ok
22:05:31.0982 4748 [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
22:05:32.0050 4748 BthLEEnum - ok
22:05:32.0080 4748 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
22:05:32.0132 4748 BTHMODEM - ok
22:05:32.0158 4748 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:05:32.0176 4748 BthPan - ok
22:05:32.0228 4748 [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:05:32.0278 4748 BTHPORT - ok
22:05:32.0300 4748 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\Windows\system32\bthserv.dll
22:05:32.0338 4748 bthserv - ok
22:05:32.0364 4748 [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:05:32.0396 4748 BTHUSB - ok
22:05:32.0524 4748 [ CFA963D67CF8791B2145ED9E2B89ED95 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
22:05:32.0598 4748 CCDMonitorService - ok
22:05:32.0632 4748 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:05:32.0656 4748 cdfs - ok
22:05:32.0676 4748 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\Windows\System32\drivers\cdrom.sys
22:05:32.0726 4748 cdrom - ok
22:05:32.0760 4748 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\Windows\System32\certprop.dll
22:05:32.0802 4748 CertPropSvc - ok
22:05:32.0824 4748 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\Windows\System32\drivers\circlass.sys
22:05:32.0876 4748 circlass - ok
22:05:32.0902 4748 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\Windows\system32\drivers\CLFS.sys
22:05:32.0938 4748 CLFS - ok
22:05:32.0982 4748 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
22:05:33.0010 4748 CmBatt - ok
22:05:33.0048 4748 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\Windows\system32\Drivers\cng.sys
22:05:33.0100 4748 CNG - ok
22:05:33.0126 4748 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
22:05:33.0178 4748 CompositeBus - ok
22:05:33.0184 4748 COMSysApp - ok
22:05:33.0206 4748 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\Windows\system32\drivers\condrv.sys
22:05:33.0224 4748 condrv - ok
22:05:33.0290 4748 [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:05:33.0308 4748 cphs - ok
22:05:33.0344 4748 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:05:33.0384 4748 CryptSvc - ok
22:05:33.0416 4748 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\Windows\system32\drivers\dam.sys
22:05:33.0442 4748 dam - ok
22:05:33.0484 4748 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\Windows\system32\rpcss.dll
22:05:33.0526 4748 DcomLaunch - ok
22:05:33.0558 4748 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\Windows\System32\defragsvc.dll
22:05:33.0598 4748 defragsvc - ok
22:05:33.0616 4748 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
22:05:33.0662 4748 DeviceAssociationService - ok
22:05:33.0746 4748 [ 91E80E3783883DA59A065E16AC031C3B ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
22:05:33.0768 4748 DeviceFastLaneService - ok
22:05:33.0790 4748 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
22:05:33.0820 4748 DeviceInstall - ok
22:05:33.0854 4748 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
22:05:33.0896 4748 Dfsc - ok
22:05:33.0964 4748 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:05:34.0006 4748 Dhcp - ok
22:05:34.0026 4748 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\Windows\system32\drivers\discache.sys
22:05:34.0062 4748 discache - ok
22:05:34.0084 4748 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\Windows\system32\drivers\disk.sys
22:05:34.0112 4748 disk - ok
22:05:34.0140 4748 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
22:05:34.0162 4748 dmvsc - ok
22:05:34.0194 4748 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:05:34.0240 4748 Dnscache - ok
22:05:34.0272 4748 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\Windows\System32\dot3svc.dll
22:05:34.0326 4748 dot3svc - ok
22:05:34.0344 4748 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\Windows\system32\dps.dll
22:05:34.0376 4748 DPS - ok
22:05:34.0404 4748 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:05:34.0434 4748 drmkaud - ok
22:05:34.0478 4748 [ 4E2C9C48316B2156B45B58687C7435AC ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:05:34.0508 4748 DsiWMIService - ok
22:05:34.0546 4748 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
22:05:34.0592 4748 DsmSvc - ok
22:05:34.0638 4748 [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:05:34.0714 4748 DXGKrnl - ok
22:05:34.0758 4748 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\Windows\System32\eapsvc.dll
22:05:34.0798 4748 Eaphost - ok
22:05:34.0878 4748 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:05:35.0102 4748 ebdrv - ok
22:05:35.0128 4748 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\Windows\System32\lsass.exe
22:05:35.0164 4748 EFS - ok
22:05:35.0224 4748 [ AD23FC5DB336CA89A6FC2DA1F70E421C ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
22:05:35.0236 4748 EgisTec Ticket Service - ok
22:05:35.0266 4748 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
22:05:35.0292 4748 EhStorClass - ok
22:05:35.0318 4748 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
22:05:35.0346 4748 EhStorTcgDrv - ok
22:05:35.0402 4748 [ 3D897AAAAC4BC8D6F069DA3BB65D136D ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
22:05:35.0442 4748 ePowerSvc - ok
22:05:35.0464 4748 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\Windows\System32\drivers\errdev.sys
22:05:35.0496 4748 ErrDev - ok
22:05:35.0556 4748 [ F31572C8035EEB5CFECFE406925EBADD ] eSafeSvc C:\ProgramData\eSafe\eSafeSvc.exe
22:05:35.0588 4748 eSafeSvc - ok
22:05:35.0624 4748 [ 4E8D5177B439872F7AE6DAB7B6859B6B ] ETD C:\Windows\system32\DRIVERS\ETD.sys
22:05:35.0652 4748 ETD - ok
22:05:35.0694 4748 [ 1C5DFB77CC4E637694CF269382BC55C0 ] ETDService C:\Program Files\Elantech\ETDService.exe
22:05:35.0716 4748 ETDService - ok
22:05:35.0766 4748 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\Windows\system32\es.dll
22:05:35.0816 4748 EventSystem - ok
22:05:35.0844 4748 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\Windows\system32\drivers\exfat.sys
22:05:35.0900 4748 exfat - ok
22:05:35.0918 4748 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:05:35.0950 4748 fastfat - ok
22:05:35.0994 4748 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\Windows\system32\fxssvc.exe
22:05:36.0034 4748 Fax - ok
22:05:36.0048 4748 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\Windows\System32\drivers\fdc.sys
22:05:36.0080 4748 fdc - ok
22:05:36.0110 4748 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\Windows\system32\fdPHost.dll
22:05:36.0150 4748 fdPHost - ok
22:05:36.0172 4748 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\Windows\system32\fdrespub.dll
22:05:36.0214 4748 FDResPub - ok
22:05:36.0248 4748 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\Windows\system32\fhsvc.dll
22:05:36.0286 4748 fhsvc - ok
22:05:36.0324 4748 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:05:36.0354 4748 FileInfo - ok
22:05:36.0372 4748 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:05:36.0416 4748 Filetrace - ok
22:05:36.0462 4748 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:05:36.0488 4748 FLEXnet Licensing Service - ok
22:05:36.0516 4748 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
22:05:36.0546 4748 flpydisk - ok
22:05:36.0570 4748 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:05:36.0610 4748 FltMgr - ok
22:05:36.0650 4748 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\Windows\system32\FntCache.dll
22:05:36.0700 4748 FontCache - ok
22:05:36.0758 4748 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:05:36.0774 4748 FontCache3.0.0.0 - ok
22:05:36.0812 4748 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:05:36.0838 4748 FsDepends - ok
22:05:36.0860 4748 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:05:36.0882 4748 Fs_Rec - ok
22:05:36.0916 4748 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:05:36.0946 4748 fvevol - ok
22:05:36.0986 4748 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
22:05:37.0018 4748 FxPPM - ok
22:05:37.0038 4748 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:05:37.0064 4748 gagp30kx - ok
22:05:37.0106 4748 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
22:05:37.0120 4748 GamesAppService - ok
22:05:37.0146 4748 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
22:05:37.0172 4748 gencounter - ok
22:05:37.0208 4748 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
22:05:37.0238 4748 GPIOClx0101 - ok
22:05:37.0296 4748 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\Windows\System32\gpsvc.dll
22:05:37.0374 4748 gpsvc - ok
22:05:37.0414 4748 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:37.0426 4748 gupdate - ok
22:05:37.0432 4748 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:37.0444 4748 gupdatem - ok
22:05:37.0482 4748 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:05:37.0522 4748 HdAudAddService - ok
22:05:37.0556 4748 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
22:05:37.0592 4748 HDAudBus - ok
22:05:37.0630 4748 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
22:05:37.0652 4748 HidBatt - ok
22:05:37.0660 4748 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\Windows\System32\drivers\hidbth.sys
22:05:37.0720 4748 HidBth - ok
22:05:37.0746 4748 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
22:05:37.0782 4748 hidi2c - ok
22:05:37.0812 4748 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\Windows\System32\drivers\hidir.sys
22:05:37.0862 4748 HidIr - ok
22:05:37.0890 4748 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\Windows\system32\hidserv.dll
22:05:37.0922 4748 hidserv - ok
22:05:37.0954 4748 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
22:05:37.0978 4748 HidUsb - ok
22:05:38.0008 4748 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:05:38.0040 4748 hkmsvc - ok
22:05:38.0102 4748 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:05:38.0148 4748 HomeGroupListener - ok
22:05:38.0190 4748 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:05:38.0224 4748 HomeGroupProvider - ok
22:05:38.0256 4748 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:05:38.0280 4748 HpSAMD - ok
22:05:38.0322 4748 [ F4A91D985EB9D1D2717D538F3424603C ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:05:38.0362 4748 HTTP - ok
22:05:38.0380 4748 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:05:38.0400 4748 hwpolicy - ok
22:05:38.0424 4748 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
22:05:38.0452 4748 hyperkbd - ok
22:05:38.0474 4748 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
22:05:38.0508 4748 HyperVideo - ok
22:05:38.0528 4748 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
22:05:38.0554 4748 i8042prt - ok
22:05:38.0598 4748 [ 0FE66A51D81A25AACEAAE4C26308121D ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
22:05:38.0624 4748 iaStorA - ok
22:05:38.0660 4748 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:05:38.0698 4748 iaStorV - ok
22:05:38.0824 4748 [ A1CF07D24EDCDC6870535471654D957C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:05:39.0044 4748 igfx - ok
22:05:39.0080 4748 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:05:39.0110 4748 iirsp - ok
22:05:39.0158 4748 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\Windows\System32\ikeext.dll
22:05:39.0218 4748 IKEEXT - ok
22:05:39.0318 4748 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:05:39.0500 4748 IntcAzAudAddService - ok
22:05:39.0528 4748 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:05:39.0564 4748 IntcDAud - ok
22:05:39.0610 4748 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:05:39.0646 4748 Intel(R) Capability Licensing Service Interface - ok
22:05:39.0668 4748 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\Windows\system32\drivers\intelide.sys
22:05:39.0690 4748 intelide - ok
22:05:39.0724 4748 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\Windows\System32\drivers\intelppm.sys
22:05:39.0740 4748 intelppm - ok
22:05:39.0772 4748 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:39.0818 4748 IpFilterDriver - ok
22:05:39.0872 4748 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:05:39.0906 4748 iphlpsvc - ok
22:05:39.0928 4748 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
22:05:39.0960 4748 IPMIDRV - ok
22:05:39.0970 4748 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:05:40.0008 4748 IPNAT - ok
22:05:40.0042 4748 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:05:40.0078 4748 IRENUM - ok
22:05:40.0086 4748 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:05:40.0112 4748 isapnp - ok
22:05:40.0158 4748 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
22:05:40.0198 4748 iScsiPrt - ok
22:05:40.0292 4748 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:05:40.0318 4748 jhi_service - ok
22:05:40.0342 4748 [ CB30BC4ECF8B96BC090EC5DA09E9B17D ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
22:05:40.0384 4748 k57nd60a - ok
22:05:40.0406 4748 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
22:05:40.0428 4748 kbdclass - ok
22:05:40.0442 4748 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
22:05:40.0482 4748 kbdhid - ok
22:05:40.0496 4748 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
22:05:40.0516 4748 kdnic - ok
22:05:40.0528 4748 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\Windows\system32\lsass.exe
22:05:40.0550 4748 KeyIso - ok
22:05:40.0578 4748 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:05:40.0604 4748 KSecDD - ok
22:05:40.0636 4748 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:05:40.0666 4748 KSecPkg - ok
22:05:40.0700 4748 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:05:40.0734 4748 ksthunk - ok
22:05:40.0766 4748 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:05:40.0800 4748 KtmRm - ok
22:05:40.0830 4748 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\Windows\system32\srvsvc.dll
22:05:40.0866 4748 LanmanServer - ok
22:05:40.0906 4748 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:05:40.0938 4748 LanmanWorkstation - ok
22:05:40.0960 4748 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:05:40.0996 4748 lltdio - ok
22:05:41.0038 4748 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:05:41.0080 4748 lltdsvc - ok
22:05:41.0102 4748 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:05:41.0134 4748 lmhosts - ok
22:05:41.0164 4748 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:05:41.0180 4748 LMS - ok
22:05:41.0220 4748 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:05:41.0246 4748 LSI_SAS - ok
22:05:41.0256 4748 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:05:41.0280 4748 LSI_SAS2 - ok
22:05:41.0290 4748 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:05:41.0316 4748 LSI_SCSI - ok
22:05:41.0326 4748 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
22:05:41.0352 4748 LSI_SSS - ok
22:05:41.0388 4748 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\Windows\System32\lsm.dll
22:05:41.0414 4748 LSM - ok
22:05:41.0442 4748 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\Windows\system32\drivers\luafv.sys
22:05:41.0480 4748 luafv - ok
22:05:41.0496 4748 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\Windows\system32\drivers\megasas.sys
22:05:41.0522 4748 megasas - ok
22:05:41.0532 4748 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:05:41.0570 4748 MegaSR - ok
22:05:41.0598 4748 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
22:05:41.0618 4748 MEIx64 - ok
22:05:41.0650 4748 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\Windows\system32\mmcss.dll
22:05:41.0668 4748 MMCSS - ok
22:05:41.0692 4748 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\Windows\system32\drivers\modem.sys
22:05:41.0730 4748 Modem - ok
22:05:41.0766 4748 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\Windows\System32\drivers\monitor.sys
22:05:41.0796 4748 monitor - ok
22:05:41.0830 4748 [ 618446B98C79776654340CE27C73485E ] mouclass C:\Windows\System32\drivers\mouclass.sys
22:05:41.0854 4748 mouclass - ok
22:05:41.0868 4748 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\Windows\System32\drivers\mouhid.sys
22:05:41.0894 4748 mouhid - ok
22:05:41.0916 4748 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:05:41.0942 4748 mountmgr - ok
22:05:41.0980 4748 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:05:41.0994 4748 MozillaMaintenance - ok
22:05:42.0014 4748 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:05:42.0048 4748 mpsdrv - ok
22:05:42.0090 4748 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:05:42.0142 4748 MpsSvc - ok
22:05:42.0178 4748 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:05:42.0218 4748 MRxDAV - ok
22:05:42.0278 4748 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:42.0316 4748 mrxsmb - ok
22:05:42.0340 4748 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:42.0372 4748 mrxsmb10 - ok
22:05:42.0396 4748 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:05:42.0436 4748 mrxsmb20 - ok
22:05:42.0462 4748 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
22:05:42.0500 4748 MsBridge - ok
22:05:42.0538 4748 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\Windows\System32\msdtc.exe
22:05:42.0582 4748 MSDTC - ok
22:05:42.0606 4748 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:05:42.0636 4748 Msfs - ok
22:05:42.0666 4748 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
22:05:42.0686 4748 msgpiowin32 - ok
22:05:42.0722 4748 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:05:42.0742 4748 mshidkmdf - ok
22:05:42.0750 4748 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
22:05:42.0780 4748 mshidumdf - ok
22:05:42.0800 4748 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:05:42.0822 4748 msisadrv - ok
22:05:42.0854 4748 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:05:42.0896 4748 MSiSCSI - ok
22:05:42.0904 4748 msiserver - ok
22:05:42.0928 4748 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:05:42.0964 4748 MSKSSRV - ok
22:05:43.0002 4748 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
22:05:43.0040 4748 MsLldp - ok
22:05:43.0048 4748 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:43.0070 4748 MSPCLOCK - ok
22:05:43.0078 4748 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:05:43.0108 4748 MSPQM - ok
22:05:43.0162 4748 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:05:43.0200 4748 MsRPC - ok
22:05:43.0222 4748 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
22:05:43.0244 4748 mssmbios - ok
22:05:43.0260 4748 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:05:43.0288 4748 MSTEE - ok
22:05:43.0310 4748 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
22:05:43.0330 4748 MTConfig - ok
22:05:43.0346 4748 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\Windows\system32\Drivers\mup.sys
22:05:43.0370 4748 Mup - ok
22:05:43.0390 4748 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\Windows\system32\drivers\mvumis.sys
22:05:43.0416 4748 mvumis - ok
22:05:43.0440 4748 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
22:05:43.0454 4748 mwlPSDFilter - ok
22:05:43.0472 4748 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
22:05:43.0490 4748 mwlPSDNServ - ok
22:05:43.0506 4748 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
22:05:43.0522 4748 mwlPSDVDisk - ok
22:05:43.0580 4748 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\Windows\system32\qagentRT.dll
22:05:43.0618 4748 napagent - ok
22:05:43.0650 4748 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:05:43.0698 4748 NativeWifiP - ok
22:05:43.0734 4748 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\Windows\System32\ncasvc.dll
22:05:43.0758 4748 NcaSvc - ok
22:05:43.0784 4748 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
22:05:43.0812 4748 NcdAutoSetup - ok
22:05:43.0856 4748 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\Windows\system32\drivers\ndis.sys
22:05:43.0896 4748 NDIS - ok
22:05:43.0916 4748 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:43.0940 4748 NdisCap - ok
22:05:43.0966 4748 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
22:05:43.0998 4748 NdisImPlatform - ok
22:05:44.0030 4748 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:44.0048 4748 NdisTapi - ok
22:05:44.0068 4748 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:44.0098 4748 Ndisuio - ok
22:05:44.0136 4748 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:44.0162 4748 NdisWan - ok
22:05:44.0168 4748 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:44.0186 4748 NDISWANLEGACY - ok
22:05:44.0220 4748 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:05:44.0238 4748 NDProxy - ok
22:05:44.0252 4748 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\Windows\system32\drivers\Ndu.sys
22:05:44.0280 4748 Ndu - ok
22:05:44.0298 4748 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:05:44.0332 4748 NetBIOS - ok
22:05:44.0368 4748 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:05:44.0392 4748 NetBT - ok
22:05:44.0406 4748 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\Windows\system32\lsass.exe
22:05:44.0420 4748 Netlogon - ok
22:05:44.0442 4748 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\Windows\System32\netman.dll
22:05:44.0476 4748 Netman - ok
22:05:44.0512 4748 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\Windows\System32\netprofmsvc.dll
22:05:44.0556 4748 netprofm - ok
22:05:44.0610 4748 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:44.0656 4748 NetTcpPortSharing - ok
22:05:44.0672 4748 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:05:44.0690 4748 nfrd960 - ok
22:05:44.0738 4748 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:05:44.0768 4748 NlaSvc - ok
22:05:44.0784 4748 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:05:44.0808 4748 Npfs - ok
22:05:44.0838 4748 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
22:05:44.0870 4748 npsvctrig - ok
22:05:44.0898 4748 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\Windows\system32\nsisvc.dll
22:05:44.0936 4748 nsi - ok
22:05:44.0952 4748 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:05:44.0992 4748 nsiproxy - ok
22:05:45.0062 4748 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:05:45.0144 4748 Ntfs - ok
22:05:45.0194 4748 [ 24802A206925A340DBA52ABF83C21315 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
22:05:45.0224 4748 NTI IScheduleSvc - ok
22:05:45.0258 4748 [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
22:05:45.0272 4748 NTIDrvr - ok
22:05:45.0296 4748 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\Windows\system32\drivers\Null.sys
22:05:45.0330 4748 Null - ok
22:05:45.0612 4748 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:05:46.0202 4748 nvlddmkm - ok
22:05:46.0242 4748 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
22:05:46.0264 4748 nvpciflt - ok
22:05:46.0292 4748 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:05:46.0318 4748 nvraid - ok
22:05:46.0330 4748 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:05:46.0368 4748 nvstor - ok
22:05:46.0414 4748 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
22:05:46.0450 4748 nvsvc - ok
22:05:46.0528 4748 [ 249357999355A998AA94A3673C3367EB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:05:46.0570 4748 nvUpdatusService - ok
22:05:46.0596 4748 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:05:46.0628 4748 nv_agp - ok
22:05:46.0676 4748 [ B7B14723191CB9C319D450E4D0A298A8 ] omigaplussvc C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe
22:05:46.0714 4748 omigaplussvc - ok
22:05:46.0780 4748 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:46.0796 4748 ose - ok
22:05:46.0950 4748 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:05:47.0142 4748 osppsvc - ok
22:05:47.0180 4748 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:05:47.0204 4748 p2pimsvc - ok
22:05:47.0238 4748 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\Windows\system32\p2psvc.dll
22:05:47.0286 4748 p2psvc - ok
22:05:47.0316 4748 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\Windows\System32\drivers\parport.sys
22:05:47.0346 4748 Parport - ok
22:05:47.0386 4748 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:05:47.0412 4748 partmgr - ok
22:05:47.0444 4748 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:05:47.0490 4748 PcaSvc - ok
22:05:47.0524 4748 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\Windows\system32\drivers\pci.sys
22:05:47.0558 4748 pci - ok
22:05:47.0576 4748 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\Windows\system32\drivers\pciide.sys
22:05:47.0598 4748 pciide - ok
22:05:47.0624 4748 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:05:47.0658 4748 pcmcia - ok
22:05:47.0676 4748 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\Windows\system32\drivers\pcw.sys
22:05:47.0700 4748 pcw - ok
22:05:47.0728 4748 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\Windows\system32\drivers\pdc.sys
22:05:47.0752 4748 pdc - ok
22:05:47.0804 4748 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:05:47.0868 4748 PEAUTH - ok
22:05:47.0952 4748 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:05:47.0986 4748 PerfHost - ok
22:05:48.0074 4748 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\Windows\system32\pla.dll
22:05:48.0150 4748 pla - ok
22:05:48.0190 4748 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:05:48.0212 4748 PlugPlay - ok
22:05:48.0244 4748 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:05:48.0286 4748 PNRPAutoReg - ok
22:05:48.0314 4748 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:05:48.0338 4748 PNRPsvc - ok
22:05:48.0380 4748 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:05:48.0428 4748 PolicyAgent - ok
22:05:48.0472 4748 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\Windows\system32\umpo.dll
22:05:48.0500 4748 Power - ok
22:05:48.0536 4748 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:05:48.0572 4748 PptpMiniport - ok
22:05:48.0672 4748 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
22:05:48.0792 4748 PrintNotify - ok
22:05:48.0830 4748 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\Windows\System32\drivers\processr.sys
22:05:48.0854 4748 Processor - ok
22:05:48.0890 4748 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\Windows\system32\profsvc.dll
22:05:48.0940 4748 ProfSvc - ok
22:05:48.0974 4748 [ AF038FA3D3748B7595FE7096AD803696 ] Ps2Kb2Hid C:\Windows\System32\drivers\aPs2Kb2Hid.sys
22:05:48.0990 4748 Ps2Kb2Hid - ok
22:05:49.0010 4748 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:05:49.0050 4748 Psched - ok
22:05:49.0084 4748 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\Windows\system32\qwave.dll
22:05:49.0130 4748 QWAVE - ok
22:05:49.0166 4748 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:05:49.0190 4748 QWAVEdrv - ok
22:05:49.0200 4748 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:05:49.0224 4748 RasAcd - ok
22:05:49.0258 4748 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:49.0302 4748 RasAgileVpn - ok
22:05:49.0332 4748 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\Windows\System32\rasauto.dll
22:05:49.0378 4748 RasAuto - ok
22:05:49.0398 4748 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:49.0444 4748 Rasl2tp - ok
22:05:49.0496 4748 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\Windows\System32\rasmans.dll
22:05:49.0552 4748 RasMan - ok
22:05:49.0576 4748 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:49.0606 4748 RasPppoe - ok
22:05:49.0628 4748 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:05:49.0666 4748 RasSstp - ok
22:05:49.0690 4748 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:05:49.0738 4748 rdbss - ok
22:05:49.0780 4748 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
22:05:49.0800 4748 rdpbus - ok
22:05:49.0828 4748 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:05:49.0868 4748 RDPDR - ok
22:05:49.0912 4748 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:05:49.0932 4748 RdpVideoMiniport - ok
22:05:49.0954 4748 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:05:49.0998 4748 RDPWD - ok
22:05:50.0030 4748 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:05:50.0064 4748 rdyboost - ok
22:05:50.0116 4748 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:05:50.0164 4748 RemoteAccess - ok
22:05:50.0196 4748 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:05:50.0246 4748 RemoteRegistry - ok
22:05:50.0266 4748 [ CF59781FCB68F859EB6C835ED285211D ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
22:05:50.0286 4748 RfButtonDriverService - ok
22:05:50.0316 4748 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
22:05:50.0342 4748 RFCOMM - ok
22:05:50.0378 4748 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:05:50.0418 4748 RpcEptMapper - ok
22:05:50.0452 4748 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\Windows\system32\locator.exe
22:05:50.0474 4748 RpcLocator - ok
22:05:50.0518 4748 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\Windows\system32\rpcss.dll
22:05:50.0554 4748 RpcSs - ok
22:05:50.0590 4748 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:05:50.0620 4748 rspndr - ok
22:05:50.0636 4748 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\Windows\System32\drivers\vms3cap.sys
22:05:50.0654 4748 s3cap - ok
22:05:50.0684 4748 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\Windows\system32\lsass.exe
22:05:50.0702 4748 SamSs - ok
22:05:50.0726 4748 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:05:50.0752 4748 sbp2port - ok
22:05:50.0782 4748 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:05:50.0830 4748 SCardSvr - ok
22:05:50.0870 4748 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:05:50.0912 4748 scfilter - ok
22:05:50.0972 4748 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\Windows\system32\schedsvc.dll
22:05:51.0048 4748 Schedule - ok
22:05:51.0084 4748 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:05:51.0108 4748 SCPolicySvc - ok
22:05:51.0138 4748 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\Windows\System32\drivers\sdbus.sys
22:05:51.0168 4748 sdbus - ok
22:05:51.0208 4748 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:05:51.0250 4748 SDRSVC - ok
22:05:51.0286 4748 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\Windows\System32\drivers\sdstor.sys
22:05:51.0308 4748 sdstor - ok
22:05:51.0342 4748 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:05:51.0378 4748 secdrv - ok
22:05:51.0400 4748 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\Windows\system32\seclogon.dll
22:05:51.0424 4748 seclogon - ok
22:05:51.0446 4748 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\Windows\System32\sens.dll
22:05:51.0490 4748 SENS - ok
22:05:51.0516 4748 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:05:51.0544 4748 SensrSvc - ok
22:05:51.0578 4748 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\Windows\system32\drivers\SerCx.sys
22:05:51.0604 4748 SerCx - ok
22:05:51.0614 4748 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\Windows\System32\drivers\serenum.sys
22:05:51.0636 4748 Serenum - ok
22:05:51.0648 4748 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\Windows\System32\drivers\serial.sys
22:05:51.0678 4748 Serial - ok
22:05:51.0688 4748 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\Windows\System32\drivers\sermouse.sys
22:05:51.0714 4748 sermouse - ok
22:05:51.0782 4748 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\Windows\system32\sessenv.dll
22:05:51.0822 4748 SessionEnv - ok
22:05:51.0858 4748 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
22:05:51.0878 4748 sfloppy - ok
22:05:51.0924 4748 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:05:51.0968 4748 SharedAccess - ok
22:05:52.0004 4748 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:05:52.0062 4748 ShellHWDetection - ok
22:05:52.0082 4748 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:05:52.0106 4748 SiSRaid2 - ok
22:05:52.0134 4748 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:05:52.0158 4748 SiSRaid4 - ok
22:05:52.0198 4748 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:05:52.0234 4748 SNMPTRAP - ok
22:05:52.0268 4748 [ 739A739DCC5D02FE30EDEADEBD7B9898 ] spaceport C:\Windows\system32\drivers\spaceport.sys
22:05:52.0302 4748 spaceport - ok
22:05:52.0334 4748 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
22:05:52.0360 4748 SpbCx - ok
22:05:52.0406 4748 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\Windows\System32\spoolsv.exe
22:05:52.0468 4748 Spooler - ok
22:05:52.0588 4748 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\Windows\system32\sppsvc.exe
22:05:52.0748 4748 sppsvc - ok
22:05:52.0868 4748 [ 4EDA91FF8EEE2196229AACCCC9F6952C ] SProtection C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
22:05:52.0954 4748 SProtection - ok
22:05:52.0984 4748 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:05:53.0020 4748 srv - ok
22:05:53.0064 4748 [ 9912FDF63EC78E1977083E20DEAE4889 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:05:53.0102 4748 srv2 - ok
22:05:53.0130 4748 [ FD8B4F201B681C555A4AF41922C52557 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:05:53.0168 4748 srvnet - ok
22:05:53.0222 4748 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:05:53.0260 4748 SSDPSRV - ok
22:05:53.0279 4748 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:05:53.0304 4748 SstpSvc - ok
22:05:53.0347 4748 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:05:53.0368 4748 stexstor - ok
22:05:53.0419 4748 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\Windows\System32\wiaservc.dll
22:05:53.0457 4748 stisvc - ok
22:05:53.0483 4748 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\Windows\system32\drivers\storahci.sys
22:05:53.0509 4748 storahci - ok
22:05:53.0527 4748 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
22:05:53.0553 4748 storflt - ok
22:05:53.0589 4748 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\Windows\system32\storsvc.dll
22:05:53.0623 4748 StorSvc - ok
22:05:53.0651 4748 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:05:53.0673 4748 storvsc - ok
22:05:53.0715 4748 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\Windows\system32\svsvc.dll
22:05:53.0759 4748 svsvc - ok
22:05:53.0777 4748 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\Windows\System32\drivers\swenum.sys
22:05:53.0799 4748 swenum - ok
22:05:53.0833 4748 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\Windows\System32\swprv.dll
22:05:53.0881 4748 swprv - ok
22:05:53.0935 4748 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\Windows\system32\sysmain.dll
22:05:53.0997 4748 SysMain - ok
22:05:54.0055 4748 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
22:05:54.0075 4748 SystemEventsBroker - ok
22:05:54.0109 4748 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
22:05:54.0137 4748 TabletInputService - ok
22:05:54.0163 4748 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\Windows\System32\tapisrv.dll
22:05:54.0199 4748 TapiSrv - ok
22:05:54.0275 4748 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:05:54.0369 4748 Tcpip - ok
22:05:54.0409 4748 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:05:54.0497 4748 TCPIP6 - ok
22:05:54.0533 4748 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:05:54.0571 4748 tcpipreg - ok
22:05:54.0603 4748 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:05:54.0629 4748 tdx - ok
22:05:54.0653 4748 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\Windows\System32\drivers\terminpt.sys
22:05:54.0675 4748 terminpt - ok
22:05:54.0721 4748 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\Windows\System32\termsrv.dll
22:05:54.0769 4748 TermService - ok
22:05:54.0793 4748 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\Windows\system32\themeservice.dll
22:05:54.0841 4748 Themes - ok
22:05:54.0863 4748 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\Windows\system32\mmcss.dll
22:05:54.0881 4748 THREADORDER - ok
22:05:54.0917 4748 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
22:05:54.0939 4748 TimeBroker - ok
22:05:54.0963 4748 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\Windows\system32\drivers\tpm.sys
22:05:54.0991 4748 TPM - ok
22:05:55.0019 4748 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\Windows\System32\trkwks.dll
22:05:55.0061 4748 TrkWks - ok
22:05:55.0111 4748 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:05:55.0141 4748 TrustedInstaller - ok
22:05:55.0181 4748 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:05:55.0203 4748 TsUsbFlt - ok
22:05:55.0215 4748 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
22:05:55.0237 4748 TsUsbGD - ok
22:05:55.0261 4748 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:05:55.0311 4748 tunnel - ok
22:05:55.0323 4748 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:05:55.0351 4748 uagp35 - ok
22:05:55.0375 4748 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
22:05:55.0401 4748 UASPStor - ok
22:05:55.0429 4748 [ 69CC6087483FCE6AEBF1DF5AE791044F ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
22:05:55.0443 4748 UBHelper - ok
22:05:55.0485 4748 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
22:05:55.0517 4748 UCX01000 - ok
22:05:55.0541 4748 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:05:55.0597 4748 udfs - ok
22:05:55.0645 4748 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:05:55.0685 4748 UI0Detect - ok
22:05:55.0723 4748 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:05:55.0747 4748 uliagpkx - ok
22:05:55.0775 4748 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\Windows\System32\drivers\umbus.sys
22:05:55.0811 4748 umbus - ok
22:05:55.0829 4748 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\Windows\System32\drivers\umpass.sys
22:05:55.0863 4748 UmPass - ok
22:05:55.0891 4748 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\Windows\System32\umrdp.dll
22:05:55.0935 4748 UmRdpService - ok
22:05:56.0027 4748 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:05:56.0045 4748 UNS - ok
22:05:56.0133 4748 [ 6E30C47050124B12D55ECF7F516F28E2 ] Updater Service for AMZN C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
22:05:56.0163 4748 Updater Service for AMZN - ok
22:05:56.0215 4748 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\Windows\System32\upnphost.dll
22:05:56.0261 4748 upnphost - ok
22:05:56.0299 4748 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
22:05:56.0323 4748 usbccgp - ok
22:05:56.0347 4748 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\Windows\System32\drivers\usbcir.sys
22:05:56.0393 4748 usbcir - ok
22:05:56.0435 4748 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\Windows\System32\drivers\usbehci.sys
22:05:56.0457 4748 usbehci - ok
22:05:56.0501 4748 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\Windows\System32\drivers\usbhub.sys
22:05:56.0541 4748 usbhub - ok
22:05:56.0567 4748 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
22:05:56.0613 4748 USBHUB3 - ok
22:05:56.0649 4748 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\Windows\System32\drivers\usbohci.sys
22:05:56.0667 4748 usbohci - ok
22:05:56.0697 4748 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\Windows\System32\drivers\usbprint.sys
22:05:56.0711 4748 usbprint - ok
22:05:56.0747 4748 [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:05:56.0777 4748 usbscan - ok
22:05:56.0789 4748 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
22:05:56.0813 4748 USBSTOR - ok
22:05:56.0837 4748 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
22:05:56.0857 4748 usbuhci - ok
22:05:56.0887 4748 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:05:56.0909 4748 usbvideo - ok
22:05:56.0939 4748 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
22:05:56.0969 4748 USBXHCI - ok
22:05:56.0985 4748 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\Windows\system32\lsass.exe
22:05:57.0001 4748 VaultSvc - ok
22:05:57.0029 4748 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:05:57.0047 4748 vdrvroot - ok
22:05:57.0105 4748 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\Windows\System32\vds.exe
22:05:57.0143 4748 vds - ok
22:05:57.0167 4748 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
22:05:57.0185 4748 VerifierExt - ok
22:05:57.0219 4748 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
22:05:57.0257 4748 vhdmp - ok
22:05:57.0289 4748 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\Windows\system32\drivers\viaide.sys
22:05:57.0305 4748 viaide - ok
22:05:57.0315 4748 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:05:57.0343 4748 vmbus - ok
22:05:57.0351 4748 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
22:05:57.0377 4748 VMBusHID - ok
22:05:57.0415 4748 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
22:05:57.0453 4748 vmicheartbeat - ok
22:05:57.0463 4748 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
22:05:57.0481 4748 vmickvpexchange - ok
22:05:57.0491 4748 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\Windows\System32\ICSvc.dll
22:05:57.0509 4748 vmicrdv - ok
22:05:57.0517 4748 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\Windows\System32\ICSvc.dll
22:05:57.0533 4748 vmicshutdown - ok
22:05:57.0543 4748 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\Windows\System32\ICSvc.dll
22:05:57.0559 4748 vmictimesync - ok
22:05:57.0569 4748 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\Windows\System32\ICSvc.dll
22:05:57.0585 4748 vmicvss - ok
22:05:57.0613 4748 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:05:57.0631 4748 volmgr - ok
22:05:57.0651 4748 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:05:57.0675 4748 volmgrx - ok
22:05:57.0703 4748 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:05:57.0741 4748 volsnap - ok
22:05:57.0765 4748 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\Windows\System32\drivers\vpci.sys
22:05:57.0789 4748 vpci - ok
22:05:57.0815 4748 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:05:57.0849 4748 vsmraid - ok
22:05:57.0899 4748 [ EA658570314042C914964FC72AB50E6B ] VSS C:\Windows\system32\vssvc.exe
22:05:57.0969 4748 VSS - ok
22:05:57.0999 4748 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
22:05:58.0035 4748 VSTXRAID - ok
22:05:58.0061 4748 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:05:58.0081 4748 vwifibus - ok
22:05:58.0109 4748 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:05:58.0141 4748 vwififlt - ok
22:05:58.0163 4748 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:05:58.0183 4748 vwifimp - ok
22:05:58.0243 4748 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\Windows\system32\w32time.dll
22:05:58.0275 4748 W32Time - ok
22:05:58.0297 4748 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
22:05:58.0335 4748 WacomPen - ok
22:05:58.0369 4748 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:05:58.0403 4748 Wanarp - ok
22:05:58.0415 4748 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:05:58.0433 4748 Wanarpv6 - ok
22:05:58.0493 4748 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\Windows\system32\wbengine.exe
22:05:58.0555 4748 wbengine - ok
22:05:58.0603 4748 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:05:58.0639 4748 WbioSrvc - ok
22:05:58.0665 4748 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
22:05:58.0697 4748 Wcmsvc - ok
22:05:58.0745 4748 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:05:58.0773 4748 wcncsvc - ok
22:05:58.0819 4748 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:05:58.0857 4748 WcsPlugInService - ok
22:05:58.0889 4748 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\Windows\system32\drivers\wd.sys
22:05:58.0911 4748 Wd - ok
22:05:58.0949 4748 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
22:05:58.0973 4748 WdBoot - ok
22:05:59.0027 4748 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:05:59.0089 4748 Wdf01000 - ok
22:05:59.0119 4748 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
22:05:59.0153 4748 WdFilter - ok
22:05:59.0195 4748 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:05:59.0251 4748 WdiServiceHost - ok
22:05:59.0261 4748 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:05:59.0309 4748 WdiSystemHost - ok
22:05:59.0337 4748 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\Windows\System32\webclnt.dll
22:05:59.0393 4748 WebClient - ok
22:05:59.0425 4748 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:05:59.0473 4748 Wecsvc - ok
22:05:59.0507 4748 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:05:59.0565 4748 wercplsupport - ok
22:05:59.0597 4748 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\Windows\System32\WerSvc.dll
22:05:59.0631 4748 WerSvc - ok
22:05:59.0671 4748 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
22:05:59.0695 4748 WFPLWFS - ok
22:05:59.0713 4748 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\Windows\System32\wiarpc.dll
22:05:59.0737 4748 WiaRpc - ok
22:05:59.0761 4748 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:05:59.0779 4748 WIMMount - ok
22:05:59.0817 4748 WinDefend - ok
22:05:59.0879 4748 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
22:05:59.0935 4748 WinHttpAutoProxySvc - ok
22:05:59.0993 4748 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:06:00.0021 4748 Winmgmt - ok
22:06:00.0107 4748 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\Windows\system32\WsmSvc.dll
22:06:00.0191 4748 WinRM - ok
22:06:00.0281 4748 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\Windows\System32\wlansvc.dll
22:06:00.0327 4748 WlanSvc - ok
22:06:00.0393 4748 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\Windows\system32\wlidsvc.dll
22:06:00.0443 4748 wlidsvc - ok
22:06:00.0479 4748 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
22:06:00.0491 4748 WmiAcpi - ok
22:06:00.0539 4748 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:06:00.0563 4748 wmiApSrv - ok
22:06:00.0595 4748 WMPNetworkSvc - ok
22:06:00.0629 4748 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
22:06:00.0663 4748 wpcfltr - ok
22:06:00.0689 4748 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:06:00.0711 4748 WPCSvc - ok
22:06:00.0753 4748 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:06:00.0793 4748 WPDBusEnum - ok
22:06:00.0819 4748 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
22:06:00.0841 4748 WpdUpFltr - ok
22:06:00.0871 4748 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:06:00.0891 4748 ws2ifsl - ok
22:06:00.0921 4748 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\Windows\System32\wscsvc.dll
22:06:00.0951 4748 wscsvc - ok
22:06:00.0961 4748 WSearch - ok
22:06:01.0047 4748 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\Windows\System32\WSService.dll
22:06:01.0157 4748 WSService - ok
22:06:01.0247 4748 [ 79F95469604B77296346DE7DB463EA2A ] wuauserv C:\Windows\system32\wuaueng.dll
22:06:01.0389 4748 wuauserv - ok
22:06:01.0421 4748 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:06:01.0439 4748 WudfPf - ok
22:06:01.0469 4748 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
22:06:01.0489 4748 WUDFRd - ok
22:06:01.0527 4748 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:06:01.0559 4748 wudfsvc - ok
22:06:01.0575 4748 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:01.0603 4748 WUDFWpdFs - ok
22:06:01.0651 4748 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:06:01.0695 4748 WwanSvc - ok
22:06:01.0755 4748 [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8 ] Yontoo Desktop Updater C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
22:06:01.0779 4748 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
22:06:01.0779 4748 Yontoo Desktop Updater - detected UnsignedFile.Multi.Generic (1)
22:06:01.0829 4748 ================ Scan global ===============================
22:06:01.0867 4748 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
22:06:01.0901 4748 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
22:06:01.0947 4748 [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
22:06:01.0989 4748 [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
22:06:01.0997 4748 [Global] - ok
22:06:01.0997 4748 ================ Scan MBR ==================================
22:06:02.0011 4748 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:06:02.0105 4748 \Device\Harddisk0\DR0 - ok
22:06:02.0143 4748 [ 1854D7C6A61FEC2412A0E5A09E517F51 ] \Device\Harddisk1\DR1
22:18:39.0003 4748 \Device\Harddisk1\DR1 - ok
22:18:39.0003 4748 ================ Scan VBR ==================================
22:18:39.0027 4748 [ D2A3D28B278F1464EF95A5A07DC2B46D ] \Device\Harddisk0\DR0\Partition1
22:18:39.0029 4748 \Device\Harddisk0\DR0\Partition1 - ok
22:18:39.0043 4748 [ B0147FF579CF3ED354855231CC065218 ] \Device\Harddisk0\DR0\Partition2
22:18:39.0045 4748 \Device\Harddisk0\DR0\Partition2 - ok
22:18:39.0055 4748 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
22:18:39.0055 4748 \Device\Harddisk0\DR0\Partition3 - ok
22:18:39.0067 4748 [ 43B879AF4788B2C0701D90332207BAC5 ] \Device\Harddisk0\DR0\Partition4
22:18:39.0069 4748 \Device\Harddisk0\DR0\Partition4 - ok
22:18:39.0105 4748 [ 494CFC3AF7BF6D01F81301A5866658BC ] \Device\Harddisk0\DR0\Partition5
22:18:39.0107 4748 \Device\Harddisk0\DR0\Partition5 - ok
22:18:39.0107 4748 ============================================================
22:18:39.0107 4748 Scan finished
22:18:39.0107 4748 ============================================================
22:18:39.0167 4696 Detected object count: 2
22:18:39.0167 4696 Actual detected object count: 2
22:19:34.0327 4696 BrowserProtect ( LockedFile.Multi.Generic ) - skipped by user
22:19:34.0327 4696 BrowserProtect ( LockedFile.Multi.Generic ) - User select action: Skip
22:19:34.0327 4696 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
22:19:34.0327 4696 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:19:56.0089 5068 Deinitialize success
rcpsetup_marim_marm.exe Wenn ich die Maus auf das Icon schiebe (keine Taste gedrückt) werden mir folgende Infos angezeigt: Dateibeschreibung: RegClean Pro Firma: Systweak Inc Dateiversion: 6.21.0.0 Erstelldatum: 10.05.2013 21:06 Größe: 4,25 MB Das Icon sieht aus wie das Logo des RegClean Pro. |
|
15.06.2013, 00:16
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop mit Windows 8 64 bit - RegClean Pro entfernen JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.06.2013, 20:49
| #11 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernenCode:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by Manz on 15.06.2013 at 20:55:40,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] browserprotect
Successfully deleted: [Service] browserprotect
Successfully stopped: [Service] sprotection
Successfully deleted: [Service] sprotection
Successfully stopped: [Service] yontoo desktop updater
Successfully deleted: [Service] yontoo desktop updater
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iminent
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iminentmessenger
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\inboxtoolbar
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\optimizer pro
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealply
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealply
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\inbox toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\inbox toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mixidj
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Umbrella
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxtb2.toolbarproxy
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxtb2.toolbarproxy.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\iminent.webbooster.internetexplorer.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.downloadargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.linktopromoteargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.rawdataargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.tinyurlargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.virallinkargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.clientcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.contractbase
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.addtousercontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.checkloginstatuscommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.cleancachecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.gameovercallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getcreditcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getinstallationcontextcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatuscommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatusresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariablecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariableresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.installationcontextresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommandresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logincommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loginstatuschangedcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logoutcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.mergeidentitycommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.myaccountcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.playcontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.postcontentcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.recycleviewscommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.setvariablecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showbrowserwindowcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showcontrolcentercommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showpluginwindowcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.testcontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.usercontentchangedcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.variablechangedcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.warmupcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.welcomecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.servercommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.serverresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lightcontent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lighturi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.mediatorserviceproxy
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandle.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\inbox.appserver
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\inbox.ibx404
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\inbox.jsserver
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\inbox.toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\482aa67ad25e6e74e9f48bd5fbe8533c
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\482aa67ad25e6e74e9f48bd5fbe8533c
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\inbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sim-packages
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\app paths\sweetim.exe
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB01620.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB01620.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB01620.TBSB01620
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB01620
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB01620.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TBSB01620.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TBSB01620.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TBSB01620.TBSB01620
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TBSB01620.TBSB01620.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar3.TBSB01620
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar3.TBSB01620.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{57D550D4-CF08-3D6B-DBD6-2F3B7D8BC282}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7A7AD0A1-A21B-1970-3F5D-26EC11088F50}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\DELTA BABYLON.EXE-7224C52F.pf
Successfully deleted: [File] C:\Windows\prefetch\MYBABYLONTB.EXE-08895BA4.pf
Successfully deleted: [File] C:\Windows\prefetch\MYBABYLONTB.EXE-55CA40F9.pf
Successfully deleted: [File] C:\Windows\prefetch\MYBABYLONTB.EXE-9A69A73B.pf
Successfully deleted: [File] C:\Windows\prefetch\APNSTUB.EXE-24AE7C2B.pf
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\iminent"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\delta"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\iminent"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\mixidj"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\optimizer pro"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\Manz\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Manz\appdata\locallow\inbox toolbar"
Successfully deleted: [Folder] "C:\Users\Manz\appdata\locallow\mixidj"
Successfully deleted: [Folder] "C:\Users\Manz\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealply"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\filesfrog update checker"
Successfully deleted: [Folder] "C:\Program Files (x86)\happylyrics"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\inbox toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\mixidj"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\regclean pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\umbrella"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inbox toolbar"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\microsoft\windows\start menu\programs\BrowserProtect"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\microsoft\windows\start menu\programs\dealply"
Successfully deleted: [Folder] "C:\Users\Manz\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
~~~ FireFox
Successfully deleted: [File] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\user.js
Successfully deleted: [File] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\searchplugins\browserprotect.xml
Successfully deleted: [File] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\searchplugins\delta.xml
Successfully deleted: [Folder] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\extensions\ffxtlbr@delta.com
Successfully deleted: [Folder] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\extensions\ffxtlbr@mixidj.com
Successfully deleted: [Folder] C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\extensions\plugin@yontoo.com
Successfully deleted the following from C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\prefs.js
user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119556&tt=190313_wo2&babsrc=HP_ss&mntrId=9C3A1A94231E82C3");
user_pref("avg.install.userSPSettings", "Delta Search");
user_pref("browser.newtab.url", "hxxp://mixidj.delta-search.com/?affID=121139&tl=214148526&tt=gc_&babsrc=NT_ss&mntrId=9C3A1A94231E82C3");
user_pref("extensions.AMAZONNEW_NS_PH.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankometer\
user_pref("extensions.crossrider.bic", "13ecbe2788d20346f250d3cde6b8f0f1");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.bbDpng", "15");
user_pref("extensions.delta.cntry", "DE");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.hdrMd5", "7EBADF1785BDFCCDF0118B77BF42AEAF");
user_pref("extensions.delta.id", "9c3a6b290000000000001a94231e82c3");
user_pref("extensions.delta.instlDay", "15838");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.lastVrsnTs", "1.8.16.1616:50:23");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.sg", "azb");
user_pref("extensions.delta.smplGrp", "azb");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1616:50:23");
user_pref("extensions.delta.vrsni", "1.8.16.16");
Emptied folder: C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\minidumps [7 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Manz\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.06.2013 at 21:00:56,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
15.06.2013, 20:55
| #12 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernenCode:
ATTFilter # AdwCleaner v2.303 - Datei am 15/06/2013 um 21:09:10 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : Manz - HAUS
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Manz\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : eSafeSvc
Gestoppt & Gelöscht : Updater Service for AMZN
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Manz\AppData\Local\mysearchdial.crx
Datei Gelöscht : C:\Users\Manz\AppData\Roaming\Mozilla\Firefox\Profiles\4hexzx5o.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\Manz\AppData\Roaming\Mozilla\Firefox\Profiles\4hexzx5o.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\tasks\LyricsPal Update.job
Datei Gelöscht : C:\Windows\Tasks\MySearchDial.job
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Ordner Gelöscht : C:\Program Files (x86)\Amazon Browser Bar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Program Files (x86)\Desk 365
Ordner Gelöscht : C:\Program Files (x86)\LyricStar
Ordner Gelöscht : C:\Program Files (x86)\Mysearchdial
Ordner Gelöscht : C:\Program Files (x86)\XingHaoLyrics
Ordner Gelöscht : C:\Program Files\DomaIQ Uninstaller
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Users\Manz\AppData\Local\Amazon Browser Bar
Ordner Gelöscht : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Ordner Gelöscht : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Ordner Gelöscht : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gelöscht : C:\Users\Manz\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Manz\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\337
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\Desk 365
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\Mozilla\Firefox\Profiles\4hexzx5o.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\Mozilla\Firefox\Profiles\4hexzx5o.default\extensions\amo@dealplyshopping.com
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\Mozilla\Firefox\Profiles\4hexzx5o.default\extensions\ffxtlbr@mysearchdial.com
Ordner Gelöscht : C:\Users\Manz\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Ordner Gelöscht : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\XingHaoLyrics
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6492E171-2427-4932-B414-33574A089F5E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{94B541D6-E74E-4436-A601-324694E83C6B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6492E171-2427-4932-B414-33574A089F5E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94B541D6-E74E-4436-A601-324694E83C6B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\5255dd88b26eee48
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5255dd88b26eee48
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94B541D6-E74E-4436-A601-324694E83C6B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F443A627-5009-4323-9C1D-7FD598D0D712}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94B541D6-E74E-4436-A601-324694E83C6B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\eSafeSecControl
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\lrcspal@xinghao.net
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\extensions [lrcspal@xinghao.net]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtD0BtByByDyC0BtBzytN0D0Tzu0CyDtDzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=223379816&ir= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtD0BtByByDyC0BtBzytN0D0Tzu0CyDtDzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=223379816&ir= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtD0BtByByDyC0BtBzytN0D0Tzu0CyDtDzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=223379816&ir= --> hxxp://www.google.com
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\Manz\AppData\Roaming\Mozilla\Firefox\Profiles\4hexzx5o.default\prefs.js
Gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");
Gelöscht : user_pref("browser.search.order.1", "Mysearchdial");
Gelöscht : user_pref("extensions.enabledAddons", "amo%40dealplyshopping.com:2.0,%7Bad9a41d2-9a49-4fa6-a79e-71a0[...]
Gelöscht : user_pref("extensions.mysearchdial.aflt", "tugumsd");
Gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,6[...]
Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "CE6D69B80C7ADB85DA262782AA21E6AE");
Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyE[...]
Gelöscht : user_pref("extensions.mysearchdial.id", "B888E3A0B2756B29");
Gelöscht : user_pref("extensions.mysearchdial.instlDay", "15847");
Gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
Gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN[...]
Gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "12:55:45");
Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=tugumsd&cd=2Xzu[...]
Gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"22\",\"lastVrsn\":\"22\",\"vrsnLoad\":[...]
Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Gelöscht : user_pref("extensions.mysearchdial.sg", "none");
Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=tugumsd&cd=2X[...]
Gelöscht : user_pref("extensions.mysearchdial.vrsn", "");
Gelöscht : user_pref("extensions.mysearchdial.vrsni", "");
Gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "12:55:45");
Gelöscht : user_pref("extentions.y2layers.installId", "E1656F6B-D786-240A-204D-01E3834A91CC");
Gelöscht : user_pref("extentions.y2layers.installId_backup", "E1656F6B-D786-240A-204D-01E3834A91CC");
-\\ Google Chrome v27.0.1453.110
Datei : C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.25] : keyword = "mysearchdial.com",
Gelöscht [l.240] : search_url = "hxxp://toolbar.inbox.com/search/results.aspx?q=%query%&tbid=%tbid%&tp=[...]
*************************
AdwCleaner[R1].txt - [54044 octets] - [15/06/2013 21:06:04]
AdwCleaner[S1].txt - [53846 octets] - [15/06/2013 21:09:10]
########## EOF - C:\AdwCleaner[S1].txt - [53907 octets] ##########
Code:
ATTFilter OTL logfile created on: 15.06.2013 21:21:53 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Manz\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,82 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 69,62% Memory free 4,51 Gb Paging File | 3,17 Gb Available in Paging File | 70,40% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 443,69 Gb Total Space | 391,93 Gb Free Space | 88,33% Space Free | Partition Type: NTFS Computer Name: HAUS | User Name: Manz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Manz\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Omiga Plus\omigaplus.exe (Taiwan Shui Mu Chih Ching Technology Limited.) PRC - C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated) PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Omiga Plus\edeskcmn.dll () MOD - C:\Program Files (x86)\Omiga Plus\libpng.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll () MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () ========== Services (SafeList) ========== SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (omigaplussvc) -- C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (ETDService) -- C:\Programme\Elantech\ETDService.exe (ELAN Microelectronics Corp.) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (RfButtonDriverService) -- C:\Windows\RfBtnSvc64.exe (Dritek System INC.) SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) SRV - (DeviceFastLaneService) -- C:\Programme\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe (Acer Incorporated) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\Drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\Drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\Drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (Ps2Kb2Hid) -- C:\Windows\SysNative\Drivers\aPs2Kb2Hid.sys (Dritek System Inc.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\Drivers\bScsiSDa.sys (Broadcom Corporation) DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\Drivers\bScsiMSa.sys (Broadcom Corporation) DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\Drivers\b57xdbd.sys (Broadcom Corporation) DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\Drivers\b57xdmp.sys (Broadcom Corporation) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\Drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\Drivers\BCMWL63A.SYS (Broadcom Corporation) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\Drivers\UBHelper.sys (NTI Corporation) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NTI Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{57D550D4-CF08-3D6B-DBD6-2F3B7D8BC282}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS IE:64bit: - HKLM\..\SearchScopes\{B1AEE09D-45BC-480C-A2DF-7253EBC7E1F2}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtD0BtByByDyC0BtBzytN0D0Tzu0CyDtDzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=223379816&ir= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{B1AEE09D-45BC-480C-A2DF-7253EBC7E1F2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_764498b21eb64b19a39035495da64690_39_1006_20130611_DE_ie_sp_ IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1002\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1002\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_764498b21eb64b19a39035495da64690_39_1006_20130611_DE_ie_ds_&query={searchTerms} IE - HKU\S-1-5-21-2229505580-413648313-3343944023-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Amazon " FF - prefs.js..browser.startup.homepage: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_764498b21eb64b19a39035495da64690_39_1006_20130611_DE_ff_sp_" FF - prefs.js..extensions.enabledAddons: abb%40amazon.com:3.0.20121130 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..keyword.URL: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_764498b21eb64b19a39035495da64690_39_1006_20130611_DE_ff_ab_&query=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.15 19:10:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\LyricStar@KSYngsoft.net: C:\Program Files (x86)\LyricStar\FF\ FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.15 19:10:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.12.28 21:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manz\AppData\Roaming\mozilla\Extensions [2013.06.15 21:09:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manz\AppData\Roaming\mozilla\Firefox\Profiles\4hexzx5o.default\extensions [2013.06.11 10:16:12 | 000,000,000 | ---D | M] ("Amazon Browser Bar") -- C:\Users\Manz\AppData\Roaming\mozilla\Firefox\Profiles\4hexzx5o.default\extensions\abb@amazon.com [2013.06.11 10:17:15 | 000,002,301 | ---- | M] () -- C:\Users\Manz\AppData\Roaming\mozilla\firefox\profiles\4hexzx5o.default\searchplugins\amazon.xml [2013.05.30 19:46:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.30 19:46:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Amazon (Enabled) CHR - default_search_provider: search_url = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_764498b21eb64b19a39035495da64690_39_1006_20130611_DE_cr_ds_&query={searchTerms} CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}&output=chrome CHR - homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_764498b21eb64b19a39035495da64690_39_1006_20130611_DE_cr_sp_ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Inbox Toolbar = C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0\ CHR - Extension: Lyric Star = C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhdkohbepelnfckgjinfddmecpngnpb\1.111_0\ CHR - Extension: Lyric Star = C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhdkohbepelnfckgjinfddmecpngnpb\1.114_0\ CHR - Extension: LyricsPal = C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.111_0\ CHR - Extension: MySearchDial = C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\8.0.1_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" File not found O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [LManager] File not found O4 - HKU\S-1-5-21-2229505580-413648313-3343944023-1002..\Run: [Omiga Plus] C:\Program Files (x86)\Omiga Plus\omigaplus.exe (Taiwan Shui Mu Chih Ching Technology Limited.) O4 - Startup: C:\Users\Manz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKU\S-1-5-21-2229505580-413648313-3343944023-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Mit Mipony herunterladen - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Mit Mipony herunterladen - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32DA37AE-A04D-4044-B015-2EB1CB8AE9E5}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A10F49CF-5495-47E9-9E07-DCA82E339E8D}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.15 20:55:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.15 20:55:14 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.15 20:54:38 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Manz\Desktop\JRT.exe [2013.06.14 20:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable) [2013.06.14 20:44:30 | 000,000,000 | ---D | C] -- C:\Users\Manz\Desktop\mbar-1.06.0.1003 [2013.06.13 21:51:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Manz\Desktop\OTL.exe [2013.06.13 21:08:44 | 000,000,000 | ---D | C] -- C:\Users\Manz\AppData\Roaming\Malwarebytes [2013.06.13 21:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.13 21:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.13 21:08:32 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.06.13 21:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.06.11 20:36:34 | 000,000,000 | ---D | C] -- C:\Users\Manz\AppData\Roaming\337 Wallpaper [2013.06.11 10:16:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon [2013.06.11 10:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Omiga Plus [2013.06.11 10:11:47 | 000,000,000 | ---D | C] -- C:\Users\Manz\AppData\Roaming\Omiga Plus [2013.06.11 10:11:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Omiga Plus [2013.05.31 10:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2013.05.31 10:31:50 | 000,000,000 | ---D | C] -- C:\Users\Manz\AppData\Roaming\Atheros [2013.05.30 21:37:01 | 000,136,424 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_rcp.sys [2013.05.30 21:37:00 | 000,077,464 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_lwflt.sys [2013.05.30 21:36:59 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdfcoinstaller01009.dll [2013.05.30 21:36:59 | 000,179,432 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_hcrp.sys [2013.05.30 21:36:57 | 000,346,192 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_a2dp.sys [2013.05.30 21:36:57 | 000,115,280 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_avdt.sys [2013.05.30 21:36:57 | 000,089,168 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_flt.sys [2013.05.30 21:36:55 | 000,581,200 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btfilter.sys [2013.05.30 21:36:54 | 000,034,384 | ---- | C] (Qualcomm Atheros) -- C:\Windows\SysNative\drivers\btath_bus.sys [2013.05.30 21:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\QCA_Bluetooth [2013.05.30 21:34:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.05.30 19:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.22 13:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller [2013.05.20 21:42:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.20 21:42:52 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.20 21:42:51 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.05.20 21:42:51 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.20 21:42:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.20 21:42:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.20 21:41:35 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.15 21:11:40 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.15 21:11:31 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Lyric Star Update.job [2013.06.15 21:11:24 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013.06.15 21:11:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.06.15 21:11:06 | 3281,010,688 | -HS- | M] () -- C:\hiberfil.sys [2013.06.15 21:04:44 | 000,648,201 | ---- | M] () -- C:\Users\Manz\Desktop\adwcleaner.exe [2013.06.15 21:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.15 21:00:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.15 20:54:40 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Manz\Desktop\JRT.exe [2013.06.15 20:51:18 | 000,001,426 | ---- | M] () -- C:\Users\Manz\Desktop\Registry kostenlos entrümpeln!.lnk [2013.06.14 22:01:00 | 000,000,512 | ---- | M] () -- C:\Users\Manz\Desktop\MBR.dat [2013.06.14 20:43:00 | 013,169,742 | ---- | M] () -- C:\Users\Manz\Desktop\mbar-1.06.0.1003.zip [2013.06.13 22:06:08 | 000,377,856 | ---- | M] () -- C:\Users\Manz\Desktop\gmer_2.1.19163.exe [2013.06.13 22:02:51 | 000,071,852 | ---- | M] () -- C:\Users\Manz\Desktop\Extras1 [2013.06.13 22:01:12 | 000,147,822 | ---- | M] () -- C:\Users\Manz\Desktop\OTL1 [2013.06.13 21:51:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Manz\Desktop\OTL.exe [2013.06.13 21:50:03 | 000,000,000 | ---- | M] () -- C:\Users\Manz\defogger_reenable [2013.06.13 21:49:27 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.13 21:49:27 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.13 21:49:27 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.13 21:49:27 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.13 21:49:27 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.13 18:58:42 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job [2013.06.11 10:14:36 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk [5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.15 21:04:44 | 000,648,201 | ---- | C] () -- C:\Users\Manz\Desktop\adwcleaner.exe [2013.06.14 22:01:00 | 000,000,512 | ---- | C] () -- C:\Users\Manz\Desktop\MBR.dat [2013.06.14 20:44:17 | 013,169,742 | ---- | C] () -- C:\Users\Manz\Desktop\mbar-1.06.0.1003.zip [2013.06.13 22:07:07 | 000,377,856 | ---- | C] () -- C:\Users\Manz\Desktop\gmer_2.1.19163.exe [2013.06.13 22:02:51 | 000,071,852 | ---- | C] () -- C:\Users\Manz\Desktop\Extras1 [2013.06.13 22:01:12 | 000,147,822 | ---- | C] () -- C:\Users\Manz\Desktop\OTL1 [2013.06.13 21:50:03 | 000,000,000 | ---- | C] () -- C:\Users\Manz\defogger_reenable [2013.06.11 10:14:47 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job [2013.06.11 10:14:39 | 000,001,426 | ---- | C] () -- C:\Users\Manz\Desktop\Registry kostenlos entrümpeln!.lnk [2013.06.11 10:14:36 | 000,001,054 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk [2013.04.12 20:09:55 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.02.23 22:42:46 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2013.02.23 22:42:32 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013.02.23 22:42:31 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012.12.29 15:38:27 | 000,000,017 | ---- | C] () -- C:\Users\Manz\AppData\Local\resmon.resmoncfg [2012.11.24 23:34:58 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2012.09.11 13:57:14 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2012.08.13 11:11:02 | 141,421,187 | ---- | C] () -- C:\Users\Manz\openofficeorg1.cab [2012.08.13 11:09:30 | 003,166,208 | ---- | C] () -- C:\Users\Manz\openofficeorg341.msi [2012.08.13 11:09:30 | 000,473,600 | ---- | C] () -- C:\Users\Manz\setup.exe [2012.08.13 11:09:30 | 000,000,294 | ---- | C] () -- C:\Users\Manz\setup.ini [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2012.11.27 10:54:50 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:373E1720 < End of report > |
|
15.06.2013, 20:56
| #13 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernenCode:
ATTFilter OTL Extras logfile created on: 15.06.2013 21:21:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Manz\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,82 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 69,62% Memory free
4,51 Gb Paging File | 3,17 Gb Available in Paging File | 70,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,69 Gb Total Space | 391,93 Gb Free Space | 88,33% Space Free | Partition Type: NTFS
Computer Name: HAUS | User Name: Manz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2229505580-413648313-3343944023-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{518CF9B8-9B8C-463D-A22E-4B4E40B8DFD3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EA5227-1B42-4B15-BD0E-42235EF56224}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{06A5472F-FBB4-483A-A873-DF72110300C2}" = dir=in | name=skype |
"{06F05ED7-BBC7-4E3E-9624-7E46454414F6}" = dir=out | name=microsoft solitaire collection |
"{0A725071-67F3-4AFE-9852-C9F26B033581}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{0AFC80C3-3FD9-4B7B-B6C4-6EBD82938816}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{0F1CE4CE-7CBD-48AB-AE91-1B52A48D94CC}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{10BA7FB5-D71F-4220-9A74-78DA028D6434}" = dir=out | name=ebay |
"{14324EDF-26D1-4926-ACD8-BFE1EF10832B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{14B868FF-F818-41ED-9356-8BEA2E65DC4F}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{17DB2339-D9EF-463A-981F-ABE07E771E18}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{20B219D5-CAF2-45AF-90C0-9C85AAAFB16D}" = dir=out | name=acer explorer |
"{258C03BE-1BAB-4936-9604-D4F06F0FEAA5}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2972567B-E83A-4133-8A7E-78D040E5D7CF}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{2ECF8EDF-1B01-4EB5-B67B-3AE3276666B4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{31E1693E-3390-40B6-B695-117F62340D1E}" = dir=out | name=evernote |
"{3283C695-DF2B-4984-B59E-BCCA2168EDEE}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{440A53AF-148C-4148-B46A-A68C70D563A1}" = dir=out | name=skype |
"{44C6AADC-2F2F-4C23-A7F7-BF98FA385742}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4A5ECC7A-AEDD-4722-A1BD-441D1A2D4033}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4D78C571-1FA0-4CCB-A6B3-03CE6A4AA360}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{5037252E-DC27-4E96-BC2E-5254EB621CF3}" = dir=out | name=windows_ie_ac_001 |
"{57EBD0A4-B5B2-4806-8C1E-90019A66BAD1}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\win7ui.exe |
"{5940DE15-62B5-481F-B202-CDB1C344B23D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5E1CE66E-8003-4DB8-9A94-B650DBF19F10}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5FB90EED-6EA2-497B-9F48-CF522045E4B8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{657C6BCA-DA65-4280-95C6-1B7C60D6EA40}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6CEB3713-7992-4340-B67F-EF967526E6D4}" = dir=out | name=newsxpresso metro |
"{6EB8A522-9CC5-4061-818D-3946EAC244A8}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{6FEA3802-38DC-43EC-B0A9-4BC3DB03B529}" = dir=out | name=social jogger |
"{724758D0-19F5-47C2-8D5F-CABE7F8FA3EC}" = dir=out | name=cut the rope |
"{748F520C-E467-49F2-A7D1-E9351C7E1DFB}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{774B5997-E19D-4D17-8929-0C411063A67E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7A409C9A-D501-46C2-BC0F-8E0B64636FA9}" = dir=out | name=microsoft mahjong |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8506E338-CE72-47F6-8CC5-5D0A9A37DAED}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{85EC3273-915D-4FBC-A467-62563DD1A770}" = dir=in | name=evernote |
"{88EE0B3E-5570-48A8-90E8-667670B90D43}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{8C605DAB-EA3A-432B-A0AB-F4C692A7B695}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{8E7F8627-FDBB-4D81-8E94-E829795DA551}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{90D2BF30-C3F7-4987-BDD3-763DC69B44F7}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{92D4EB48-EF5E-4121-81FD-8F4290040FF0}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{9684BDD4-BFED-4C80-87B5-39DDB57F43A3}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{97E743FC-5540-48EA-BE73-C49F4DFB0D72}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{A48A07FE-8D5C-43CC-A42E-D0BD028E29F9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{A5EAEB0B-951F-4102-861A-3609EF67676D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{ACABB8B6-159B-4CA6-910D-056EEE26EBCD}" = dir=in | name=ebay |
"{AE25DCB8-3455-4147-861D-4967A665BC0C}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B536C492-9E28-4F4F-93BA-7ED8D1B78CCD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{B54C9F53-63CE-4AA0-919B-9C75EEF8A37A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{B93D31F2-6372-4E32-B082-039DFF1BF558}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{BFACDD30-5A14-45F2-BA8D-66CE9F479A0A}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{C493EAE8-ACF7-4D44-AF9D-38E92861C275}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{C5DB5AB6-2398-4079-B6C1-E96E888276B2}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{CBB9D488-5091-4A30-85F7-04141650EC78}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{D072D69F-BB06-41C6-8939-C75C07F915E7}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{D266C892-5C89-435D-8715-D013A51A4B2F}" = dir=out | name=fresh paint |
"{D2E2BDC4-799D-4C50-850B-5A88DE8C5E26}" = dir=out | name=taptiles |
"{D37E09C7-4CF4-49DD-8F8C-4E3752668960}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\btvstack.exe |
"{D53FD004-455A-4EC7-BDBA-83BD19BD1EDB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{E0DAD86D-4426-46ED-A7B4-BBB56A9656EB}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{E1407F99-448C-4761-B7DF-82549664A82B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E25824F6-8487-44A9-9BC5-F07EB6D65059}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{E2D96A1F-47F8-4D36-BCAA-D8331589AC80}" = dir=out | name=microsoft minesweeper |
"{E312580E-16C5-4CD4-B1E0-B86FBABD017A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E3F2C5CA-5BF3-45A8-A009-EB793BE95A86}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{E41E5EC6-E2CA-4D76-AEC8-DF168C012B7D}" = dir=out | name=7digital music store |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA0EE272-10D5-4B5F-8D9D-EAB974441E26}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{EBADDA77-0F4E-45A6-89B4-002B4649318D}" = dir=out | name=skitch |
"{EE10E863-7C49-463A-92E8-80E7B49283D5}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F2E19E40-C05F-4894-93CA-85637787D000}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{F6A32B9D-DF2E-4398-B9D4-27882AA49A2A}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F91830D4-5793-4CEB-A8E2-260B9473FCC4}" = dir=out | name=txtr reader |
"TCP Query User{923BAB1D-8FA7-42D7-8201-06ED7274A9CA}C:\program files (x86)\bluetooth suite\bttray.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"TCP Query User{BA3457D0-8E8F-4513-9C63-B7F13940A196}C:\program files (x86)\bluetooth suite\btvstack.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\btvstack.exe |
"UDP Query User{650D2081-26D0-4138-B333-BEEE976008D8}C:\program files (x86)\bluetooth suite\btvstack.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bluetooth suite\btvstack.exe |
"UDP Query User{BFAE5C32-3C95-4696-9FAC-69A8B0989929}C:\program files (x86)\bluetooth suite\bttray.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bluetooth suite\bttray.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F6100F13-F183-47A2-94A8-9AAC4976E228}" = Acer Instant Update Service
"Elantech" = ETDWare PS/2-X64 11.6.11.002_WHQL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A694AF57-9891-4D62-824C-7E55A1361A14}" = eBay Worldwide
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{BC8BD878-91A4-4EDD-898F-68E0573468B4}" = Iminent
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"DMUninstaller" = DMUninstaller
"Google Chrome" = Google Chrome
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LManager" = Launch Manager
"LyricStar@KSYngsoft.net" = Lyric Star
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"MixiDJ chrome Toolbar" = MixiDJ chrome Toolbar
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Omiga Plus" = Omiga Plus
"RegClean Pro_is1" = RegClean Pro
"Spotify" = Spotify
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-127529ac-60be-498e-af93-b984ca7a0af5" = John Deere Drive Green
"WTA-1b1634cb-5311-4495-a0d1-00849723a792" = Governor of Poker 2 Premium Edition
"WTA-2a6a43b9-36fd-49cb-b430-d411fa3dd533" = Aloha TriPeaks
"WTA-3e86179a-465a-45e1-a5bf-f0b527074592" = Jewel Match 3
"WTA-3fc0e76e-05b7-4579-951d-82df1b7b3eb6" = Bejeweled 3
"WTA-6a4a2392-3c88-4266-864e-4a255b046ec6" = Polar Bowler
"WTA-8652405a-f4e3-4997-848a-44267a6dafed" = Penguins!
"WTA-a327c1dc-9bd3-4896-806a-b0e64dc90f38" = Delicious: Emily's True Love Premium Edition
"WTA-a873993f-f8d7-48c9-b4f8-e9333937746e" = Agatha Christie - Death on the Nile
"WTA-b43e747e-dbae-4abf-92c4-20165cb60117" = Final Drive: Nitro
"WTA-c9ea7a05-11db-459b-b825-dc0d18f4542d" = Island Tribe
"WTA-d5cffe25-5727-483e-92ad-ff475512b870" = Tales of Lagoona
"WTA-db475b9f-2a71-420d-a5d5-5093e9fb9451" = Zuma's Revenge
"WTA-e286b031-7e1d-4c6c-974e-51fc7ffc5689" = Magic Academy
"WTA-ed937619-3422-4ab2-853f-87d6c87a3eb6" = Plants vs. Zombies - Game of the Year
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2229505580-413648313-3343944023-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DSite" = Update for Mipony Download Manager
< End of report >
|
|
17.06.2013, 10:07
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop mit Windows 8 64 bit - RegClean Pro entfernen Scan mit SystemLook (x64) Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.06.2013, 19:07
| #15 |
| | Laptop mit Windows 8 64 bit - RegClean Pro entfernenCode:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 19:58 on 17/06/2013 by Manz
Administrator - Elevation successful
========== filefind ==========
Searching for "*conduit*"
No files found.
Searching for "*softonic*"
No files found.
Searching for "*quickstore*"
No files found.
Searching for "*yontoo*"
C:\Users\Manz\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\YontooDesktop.exe.log --a---- 388 bytes [17:14 27/03/2013] [18:51 15/06/2013] 692CA5AC795DCD6777ECEB689F235FD7
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\yontoo.css --a---- 9417 bytes [13:52 23/11/2012] [13:52 23/11/2012] D845FAB3043732F592D161052D051209
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-banner.png --a---- 2862 bytes [15:08 11/06/2012] [15:08 11/06/2012] 83532EF017143D446FE8A138C253881B
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-buzzdock.png --a---- 3686 bytes [15:07 11/06/2012] [15:07 11/06/2012] B8F211CFEDDB5806DBA0D58FA6AA1C77
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-ddd-gris.png --a---- 6875 bytes [10:45 01/08/2012] [10:45 01/08/2012] E36E442D6AB041D6E0B487BFA0CB5DBE
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-ddd.png --a---- 7502 bytes [14:49 14/08/2012] [14:49 14/08/2012] 52AE01B379D2A63C97308608ACAF0EC9
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-ddda.png --a---- 5058 bytes [06:42 03/08/2012] [06:42 03/08/2012] 1F94431ED0EC02BCA0C74A3B625437EF
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-ezlogo.png --a---- 2762 bytes [15:22 07/06/2012] [15:22 07/06/2012] 10A29399667C3068E08CDCEE2C90EFE7
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo-pagerage.png --a---- 3118 bytes [15:24 07/06/2012] [15:24 07/06/2012] A53E2E822584ECF23E4A330947A84E64
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\yontoo.png --a---- 1555 bytes [14:19 07/06/2012] [14:19 07/06/2012] 5B1408F109FAA8E2AF311A5BCD4B3BD6
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\temp\Yontooinfo.dfe --a---- 34264 bytes [09:18 25/11/2012] [09:18 25/11/2012] 004F2309B4CA8B90F531757ADF57A108
C:\Users\Manz\AppData\Local\Temp\scoped_dir_1380_7859\YontooLayers.crx --a---- 5757 bytes [18:29 07/04/2013] [17:13 27/03/2013] 9C0347D08941C96717078853E929B941
C:\Windows\Prefetch\YONTOODESKTOP.EXE-3548F377.pf --a---- 83272 bytes [17:13 27/03/2013] [18:51 15/06/2013] AEF2CBB611F2FEEB4E31920213439388
Searching for "*FunMood*"
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\funmoods.css --a---- 8566 bytes [15:43 08/11/2012] [15:43 08/11/2012] CA85869FEC7EDFD49653156EACEF7B48
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\funmoods-icon.png --a---- 3950 bytes [16:14 02/08/2012] [16:14 02/08/2012] 07AA33A7DF29FA36F25A24434EC37C73
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\funmoods-img.png --a---- 72202 bytes [10:25 04/07/2012] [10:25 04/07/2012] 159C1A06E97EE79AE44DB9C8F729285F
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\funmoods-logo.png --a---- 6011 bytes [06:42 03/08/2012] [06:42 03/08/2012] AB0ECF0577C8E5EF2CFE6854A44A019F
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\funmoods-toolbar-gris.png --a---- 3961 bytes [10:14 05/11/2012] [10:14 05/11/2012] 3C7FE813BD04A5393FC5281D23A4EAD3
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\funmoods-toolbar.png --a---- 5650 bytes [10:14 05/11/2012] [10:14 05/11/2012] 3473E17B43BC704A9FACE6C564510971
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\OLDfunmoods-toolbar-gris.jpg --a---- 19581 bytes [06:46 03/10/2012] [06:46 03/10/2012] 01BBF88ECB279829E31277B7864AD16E
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\OLDfunmoods-toolbar.jpg --a---- 8266 bytes [15:06 24/09/2012] [15:06 24/09/2012] A2A37354B7844E16D504A25BD0F30275
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\temp\FunMoodsV2.2info.dfe --a---- 111366 bytes [09:17 25/11/2012] [09:18 25/11/2012] 20758D53D6672EA3711FFCAAB583F952
Searching for "*tarma*"
No files found.
Searching for "*asktool*"
No files found.
Searching for "*RegClean*"
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2W9P5O8O\RegCleanPro_DE_FC_300x250_DC-wereccomend_fc[1].jpg --a---- 42384 bytes [17:34 07/05/2013] [17:34 07/05/2013] BFE153907212376BB2A3125A3C1FEAAE
C:\Users\Manz\AppData\Roaming\Omiga Plus\icons\RegCleanPro_1ee2d7be9ea10689144115c460926740.ico --a---- 26694 bytes [08:14 11/06/2013] [08:14 11/06/2013] EFFAE1579591CAA244FEA8406D10F5EC
C:\Users\Manz\AppData\Roaming\Omiga Plus\icons\RegCleanPro_1ee2d7be9ea10689144115c460926740_16_16.png --a---- 646 bytes [16:49 11/06/2013] [16:49 11/06/2013] C40ABC1DA24C947499F7357457529661
C:\Users\Manz\AppData\Roaming\Omiga Plus\icons\RegCleanPro_1ee2d7be9ea10689144115c460926740_48_48.png --a---- 3098 bytes [08:14 11/06/2013] [08:14 11/06/2013] 1A8E710AD204A0330EB65949DFBBE934
C:\Users\Public\Desktop\RegClean Pro.lnk --a---- 1054 bytes [08:14 11/06/2013] [08:14 11/06/2013] 19342D1B096CBBCB14C6B887D80A3948
C:\Windows\Prefetch\REGCLEANPRO.EXE-F0AFF227.pf --a---- 191568 bytes [17:18 06/05/2013] [08:14 12/06/2013] 7766EE4EA4210B2E25E0A3D5348B0A09
C:\Windows\System32\Tasks\RegClean Pro --a---- 3108 bytes [08:14 11/06/2013] [18:53 15/06/2013] D8113471914AF22112C7EF7C7837A406
C:\Windows\System32\Tasks\RegClean Pro_UPDATES --a---- 3004 bytes [08:14 11/06/2013] [08:14 11/06/2013] 3E21E2DE4BCA524EF00A41332C5D750F
C:\Windows\Tasks\RegClean Pro_UPDATES.job --a---- 292 bytes [08:14 11/06/2013] [16:58 13/06/2013] 796F4F299DB6F2AD5D3C0AB489CD0A2E
Searching for "*delta*"
C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage --a---- 149504 bytes [08:17 18/04/2013] [08:22 18/04/2013] A5573DBAAEE2DAD3A97328419032A424
C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal --a---- 3608 bytes [08:17 18/04/2013] [08:22 18/04/2013] 313FE740ABEF7259A2A5081D6E0DA87D
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2W9P5O8O\bab138.deltatb_dmn[1].zpb --a---- 254 bytes [14:49 13/05/2013] [14:49 13/05/2013] 951FC8A77BE82D63DAEED0E03BBE7DFB
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2W9P5O8O\DeltaChromeTB_1001[2].zpb --a---- 651122 bytes [14:50 13/05/2013] [14:50 13/05/2013] 0D169FBFBEA6B5EB1CF7CC6214051AC4
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2W9P5O8O\delta[1].xml --a---- 1709 bytes [18:50 22/05/2013] [18:50 22/05/2013] 560076A54988517A6E19D4A031BBD55C
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH8E4A4G\Setup-deltatb[1].zpb --a---- 1755878 bytes [14:49 13/05/2013] [14:50 13/05/2013] 4C165B8EE1AA760E86ABF633A4975696
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSF2R8YS\delta-toolbar[1].jpg --a---- 7052 bytes [17:12 27/03/2013] [17:12 27/03/2013] F7FD7489BA39EABB144BE4471408D84B
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSF2R8YS\sprite-delta[1].jpg --a---- 17377 bytes [17:12 27/03/2013] [17:12 27/03/2013] BA020B0B99550F1BC0B8795C8AF5CD40
C:\Users\Manz\AppData\Local\Temp\540915A7-BAB0-7891-B243-9389C845AB4B\Latest\delta.crx --a---- 376427 bytes [12:51 25/02/2013] [12:51 25/02/2013] 97C477F0EA061B586CA9234F46C8F61D
C:\Users\Manz\AppData\Local\Temp\540915A7-BAB0-7891-B243-9389C845AB4B\Latest\Delta.ico --a---- 22382 bytes [15:19 24/02/2013] [15:19 24/02/2013] E9AF4E3DC9D5E6D0961637B704EAEC48
C:\Users\Manz\AppData\Local\Temp\540915A7-BAB0-7891-B243-9389C845AB4B\Latest\DeltaChromeTB_1001.zpb --a---- 746093 bytes [17:13 27/03/2013] [17:13 27/03/2013] 2720F3C4CCF9727BB79F4EE7C15ADC17
C:\Users\Manz\AppData\Local\Temp\540915A7-BAB0-7891-B243-9389C845AB4B\Latest\Setup-deltatb.zpb --a---- 1751825 bytes [17:13 27/03/2013] [17:13 27/03/2013] E97C4DBA120C796F57BE51751DFEFEC0
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\bab138.deltatb_dmn.dat --a---- 223 bytes [11:00 18/04/2013] [11:00 18/04/2013] 36A34B46B83F95A7C32D5CFB57F9775C
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\bab138.deltatb_dmn.zpb --a---- 254 bytes [14:49 13/05/2013] [14:49 13/05/2013] 951FC8A77BE82D63DAEED0E03BBE7DFB
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\delta1.crx --a---- 390077 bytes [10:17 12/05/2013] [10:17 12/05/2013] 591A05C4D202D8EB94FD5B60F8E0D34B
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\Delta2.ico --a---- 5430 bytes [15:25 23/04/2013] [15:25 23/04/2013] 97EE720DD3678F23D02D166E522402AC
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\DeltaChromeTB_1001.zpb --a---- 651122 bytes [14:50 13/05/2013] [14:50 13/05/2013] 0D169FBFBEA6B5EB1CF7CC6214051AC4
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\Setup-deltatb.zpb --a---- 1755878 bytes [14:50 13/05/2013] [14:50 13/05/2013] 4C165B8EE1AA760E86ABF633A4975696
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\bin\css\delta.css --a---- 2444 bytes [10:08 30/01/2013] [10:08 30/01/2013] 6D4355E4B2B8C4356B225109E2232228
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\software\Delta Babylon.exe --a---- 785904 bytes [14:49 13/05/2013] [14:49 13/05/2013] EB2764885565B6C01CB32E5F51F213B3
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\temp\Delta Babyloninfo.dfe --a---- 921 bytes [14:49 13/05/2013] [14:49 13/05/2013] 4052F9D43D19F706AADF8ADCD390D03C
C:\Users\Manz\AppData\Local\Temp\scoped_dir_1380_12940\Delta.crx --a---- 376427 bytes [18:29 07/04/2013] [12:51 25/02/2013] 97C477F0EA061B586CA9234F46C8F61D
C:\Users\Manz\AppData\Local\Temp\scoped_dir_1380_12940\CRX_INSTALL\Delta --a---- 0 bytes [18:29 07/04/2013] [18:29 07/04/2013] D41D8CD98F00B204E9800998ECF8427E
C:\Users\Manz\AppData\Local\Temp\scoped_dir_1380_12940\CRX_INSTALL\delta128.png --a---- 12964 bytes [18:29 07/04/2013] [18:29 07/04/2013] 39A23E2D0BFDC78572B3BC8E729782F1
C:\Users\Manz\AppData\Local\Temp\scoped_dir_1380_12940\CRX_INSTALL\delta48.png --a---- 3435 bytes [18:29 07/04/2013] [18:29 07/04/2013] AEED08E8BC1C1C1373C5727503E4545D
C:\Users\Manz\AppData\Local\Temp\scoped_dir_1380_12940\CRX_INSTALL\DeltaChromeToolbar.dll --a---- 93184 bytes [18:29 07/04/2013] [18:29 07/04/2013] CBDFC6D0FDAC4F44DF80636DFE7330BB
C:\Windows\Prefetch\DELTA BABYLON.EXE-7224C52F.pf --a---- 39358 bytes [14:49 13/05/2013] [14:49 13/05/2013] E844974A4AECE4DC30E986E7F172F2A1
C:\Windows\Prefetch\DELTA4FFX.EXE-7CEEB40F.pf --a---- 59482 bytes [17:13 27/03/2013] [17:13 27/03/2013] 38D5C8A409AA7093F67AA26279C90EFE
C:\Windows\Prefetch\DELTA4FFX.EXE-A25946F0.pf --a---- 58860 bytes [14:50 13/05/2013] [14:50 13/05/2013] CA89BC321B4B53DA0BD875CBEBBF17F2
C:\Windows\Prefetch\DELTA4IE.EXE-9E9F25AA.pf --a---- 51148 bytes [14:50 13/05/2013] [14:50 13/05/2013] 46C3C35A5A5E4E2F0F55D79D2B9C8418
C:\Windows\Prefetch\DELTA4IE.EXE-EDB1C4E1.pf --a---- 51618 bytes [17:13 27/03/2013] [17:13 27/03/2013] 1BEFDE2D0C8C159C3B3E0E951FC785AF
C:\Windows\Prefetch\DELTASRV.EXE-4C1778A4.pf --a---- 18898 bytes [17:13 27/03/2013] [17:13 27/03/2013] B24EDD92DD396F0DAA62A0A6D7A4EFDD
C:\Windows\Prefetch\DELTASRV.EXE-A19C1FBD.pf --a---- 17978 bytes [14:50 13/05/2013] [14:50 13/05/2013] C4A847C1C9A138F6AC4E261E9410E001
C:\Windows\Prefetch\DELTATB_2501-C733154B.EXE-7DD0477C.pf --a---- 35194 bytes [17:13 27/03/2013] [17:13 27/03/2013] 5043ADF2366BBC78C295E101DB1A69E4
C:\Windows\System32\msdelta.dll --a---- 413696 bytes [00:01 26/07/2012] [03:06 26/07/2012] 89E7F62F3FA627CCD134BBD21ED6A614
C:\Windows\SysWOW64\msdelta.dll --a---- 309248 bytes [00:01 26/07/2012] [03:19 26/07/2012] 279CB3D6BCF7FFB34B931A74D8DF96B3
C:\Windows\WinSxS\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.2.9200.16384_none_98f60f7d0f834fb9\msdelta.dll --a---- 413696 bytes [00:01 26/07/2012] [03:06 26/07/2012] 89E7F62F3FA627CCD134BBD21ED6A614
C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\msdelta.dll --a---- 414208 bytes [05:28 26/07/2012] [05:28 26/07/2012] 2B56FCBA4A9450F415D9DEF94A14823D
C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16455_none_624a7aa150f57306\msdelta.dll --a---- 414208 bytes [20:07 27/12/2012] [04:22 10/11/2012] 3AB475A0CEFFB767C56ED3B15A1F78F3
C:\Windows\WinSxS\FileMaps\$$_media_delta_0f36d7d9b4f7293c.cdf-ms --a---- 580 bytes [08:13 26/07/2012] [08:11 26/07/2012] 5557D49BB1F087CE5D5748E031D7E385
C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.2.9200.16384_none_98f60f7d0f834fb9.manifest --a---- 3676 bytes [05:09 26/07/2012] [05:09 26/07/2012] A8167F84D1C9F62FFFAA262D65C96E01
C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.2.9200.16384_none_c2a83d93becc1142.manifest --a---- 2500 bytes [05:10 26/07/2012] [05:10 26/07/2012] 984EC399823081B60BA46C88EB0EA3C1
C:\Windows\WinSxS\Manifests\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.2.9200.16384_none_3cd773f95725de83.manifest --a---- 3674 bytes [03:56 26/07/2012] [03:56 26/07/2012] 4F5D2317A8FCA5B27258863B1FED07CC
C:\Windows\WinSxS\Manifests\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.2.9200.16384_none_6689a210066ea00c.manifest --a---- 2498 bytes [03:57 26/07/2012] [03:57 26/07/2012] 5E1229A72686C6166762F1BE3E43DCB9
C:\Windows\WinSxS\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.2.9200.16384_none_3cd773f95725de83\msdelta.dll --a---- 309248 bytes [00:01 26/07/2012] [03:19 26/07/2012] 279CB3D6BCF7FFB34B931A74D8DF96B3
C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_060a6d2998b13f25\msdelta.dll --a---- 310784 bytes [05:28 26/07/2012] [05:28 26/07/2012] 8356476987DA8F747EF2B8BC3FB2E9CD
C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16455_none_062bdf1d989801d0\msdelta.dll --a---- 310784 bytes [20:07 27/12/2012] [04:22 10/11/2012] 3076396DA4764FE1FDD03AAB80F6C6A0
Searching for "*babylon*"
C:\Users\Manz\AppData\Local\Temp\540915A7-BAB0-7891-B243-9389C845AB4B\Latest\MyBabylonTB.exe --a---- 2028384 bytes [13:15 23/01/2013] [13:15 23/01/2013] 42D8EBB6DCB232E81F93CD4F280058DC
C:\Users\Manz\AppData\Local\Temp\825374A6-BAB0-7891-A6B2-F51CC1FD332E\MyBabylonTB.exe --a---- 1953504 bytes [12:56 08/04/2013] [12:56 08/04/2013] 8579A1F1CA46DAAD932A147F7AFCED5C
C:\Users\Manz\AppData\Local\Temp\C8C400D2-BAB0-7891-9487-999C4643DBE8\Latest\Babylon.dat --a---- 12384 bytes [12:17 19/02/2013] [12:17 19/02/2013] 825E5733974586A0A1229A53361ED13E
C:\Users\Manz\AppData\Local\Temp\C8C400D2-BAB0-7891-9487-999C4643DBE8\Latest\MyBabylonTB.exe --a---- 2445608 bytes [09:22 30/04/2013] [09:22 30/04/2013] B17558F96A6B4051768DBA3C41CDB9F8
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\Babylon.css --a---- 8433 bytes [08:51 06/11/2012] [08:51 06/11/2012] ABCD8F658C037040CAC1EAEA231166D2
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\babylon-logo.png --a---- 4899 bytes [06:36 02/08/2012] [06:36 02/08/2012] 66F002C22C25C656E7E0D48134EC2D96
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\babylon-toolbar-big.png --a---- 3990 bytes [15:30 02/08/2012] [15:30 02/08/2012] E20E8C9CE6D95C05A26837FC5B0D786F
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\babylon-toolbar-gris.png --a---- 5979 bytes [06:46 03/10/2012] [06:46 03/10/2012] 8278749D50B3AFF2F62AA49A78FB0ACF
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\css\images\babylon-toolbar.png --a---- 6975 bytes [06:36 02/08/2012] [06:36 02/08/2012] FE75C8A44AEEEE1BD981A6C1F3C53880
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\temp\Babylon115038info.dfe --a---- 23695 bytes [09:17 25/11/2012] [09:18 25/11/2012] 4849815EB530740511C30400E7C20762
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\software\Delta Babylon.exe --a---- 785904 bytes [14:49 13/05/2013] [14:49 13/05/2013] EB2764885565B6C01CB32E5F51F213B3
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\temp\Delta Babyloninfo.dfe --a---- 921 bytes [14:49 13/05/2013] [14:49 13/05/2013] 4052F9D43D19F706AADF8ADCD390D03C
C:\Windows\Prefetch\DELTA BABYLON.EXE-7224C52F.pf --a---- 39358 bytes [14:49 13/05/2013] [14:49 13/05/2013] E844974A4AECE4DC30E986E7F172F2A1
Searching for "*iminent*"
C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.iminent.com_0.localstorage --a---- 152576 bytes [12:07 17/03/2013] [10:53 22/05/2013] 262C311C4CAF10406C69FB514A7CF0AE
C:\Users\Manz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.iminent.com_0.localstorage-journal --a---- 8768 bytes [12:07 17/03/2013] [10:53 22/05/2013] B489E3694A1442199296ECAA2CF416AB
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2W9P5O8O\IMinentToolbar[1].msi --a---- 1025536 bytes [08:56 27/11/2012] [08:56 27/11/2012] A25D73A4A45222261189F86AA392EAEB
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH8E4A4G\geoloc_iminent_com[1].js --a---- 61 bytes [08:55 27/11/2012] [08:55 27/11/2012] 09289F246306460748888BD9937C5820
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH8E4A4G\Iminent-5.48.42.0[1].MSI --a---- 10543104 bytes [08:55 27/11/2012] [08:56 27/11/2012] 571DC77B42EA4B9313BD829B904A6E8C
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH8E4A4G\Iminent[1].js --a---- 3431 bytes [08:55 27/11/2012] [08:55 27/11/2012] B959AEBD986EC65CFEA796437452CA09
C:\Users\Manz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSF2R8YS\setup2_iminent_com[1].htm --a---- 0 bytes [08:55 27/11/2012] [08:55 27/11/2012] D41D8CD98F00B204E9800998ECF8427E
C:\Users\Manz\AppData\Local\Temp\nsu3A16.tmp\IminentSetup_0711-8bae1e11.exe --a---- 831880 bytes [08:55 27/11/2012] [08:55 27/11/2012] DA824109369836BBD119AB499189C884
C:\Users\Manz\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\EQ3307AN\search.iminent[1].xml --a---- 84 bytes [16:57 27/03/2013] [17:10 27/03/2013] 0CA5C363AF9C99D560C811FEE2746487
C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-71459735.pf --a---- 125460 bytes [08:56 27/11/2012] [16:19 26/01/2013] AE5217798D8987AE452E433FFD245853
C:\Windows\Prefetch\IMINENTSETUP_0711-8BAE1E11.EX-EED415DF.pf --a---- 34052 bytes [08:55 27/11/2012] [08:55 27/11/2012] BB9959A2D7C4FB401C10AB43F6E37386
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\IMinent_Toolbar.crc --a---- 0 bytes [08:56 27/11/2012] [08:48 02/07/2010] D41D8CD98F00B204E9800998ECF8427E
========== folderfind ==========
Searching for "*conduit*"
No folders found.
Searching for "*softonic*"
No folders found.
Searching for "*quickstore*"
No folders found.
Searching for "*yontoo*"
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\Yontoo d------ [09:18 25/11/2012]
Searching for "*FunMood*"
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\FunMoodsV2.2 d------ [09:18 25/11/2012]
Searching for "*tarma*"
No folders found.
Searching for "*asktool*"
No folders found.
Searching for "*RegClean*"
No folders found.
Searching for "*delta*"
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\bin\Delta Babylon d------ [14:49 13/05/2013]
C:\Users\Manz\AppData\Local\Temp\mt_ffx\Delta d------ [17:13 27/03/2013]
C:\Users\Manz\AppData\Local\Temp\mt_ffx\Delta\delta d------ [17:13 27/03/2013]
C:\Windows\Media\Delta dr--s-- [08:12 26/07/2012]
C:\Windows\WinSxS\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.2.9200.16384_none_98f60f7d0f834fb9 d------ [08:04 26/07/2012]
C:\Windows\WinSxS\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.2.9200.16384_none_c2a83d93becc1142 d------ [08:04 26/07/2012]
C:\Windows\WinSxS\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.2.9200.16384_none_3cd773f95725de83 d------ [08:04 26/07/2012]
C:\Windows\WinSxS\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.2.9200.16384_none_6689a210066ea00c d------ [08:04 26/07/2012]
Searching for "*babylon*"
C:\Users\Manz\AppData\Local\Temp\DM\avira-premium-security-suite_046\bin\Babylon115038 d------ [09:17 25/11/2012]
C:\Users\Manz\AppData\Local\Temp\DM\y4dwI0oGBal7yPW\bin\Delta Babylon d------ [14:49 13/05/2013]
Searching for "*iminent*"
No folders found.
========== regfind ==========
Searching for "*conduit*"
No data found.
Searching for "*softonic*"
No data found.
Searching for "*quickstore*"
No data found.
Searching for "*yontoo*"
No data found.
Searching for "*FunMood*"
No data found.
Searching for "*tarma*"
No data found.
Searching for "*asktool*"
No data found.
Searching for "*RegClean*"
No data found.
Searching for "*delta*"
No data found.
Searching for "*babylon*"
No data found.
Searching for "*iminent*"
No data found.
-= EOF =-
|
|
| Themen zu Laptop mit Windows 8 64 bit - RegClean Pro entfernen |
| 64 bit, adware.domaiq, adware/domaiq.bn, adware/domaiq.gk, adware/installbrain.ak, adware/pricepeep.k, bereits, defogger, entferne, entfernen, programfilesdir/exes.zip, programfilesdir/launcher.exe, programfilesdir/pricepeep.dll, regclean, regclean pro, regclean pro entfernen, threads, windows, windows 8, windows 8 64, windows 8 64 bit |
Linear-Darstellung
