| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Willkürliche Werbetabs in FirefoxWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.01.2017, 14:16
| #1 |
| |  Willkürliche Werbetabs in Firefox Hallo, mein Problem besteht darin, dass sich Firefox (ob von mir geöffnet oder nicht) alle paar Sekunden ein Tab mit Werbugn öffnet, sei es irgendeine Casinoseite, Elektrogeräteseite, etc. Zumal sich Firefox auch selbstständig schließt wir mir gerade passiert ist und ich den Text jetzt zum 4. mal schreibe... Hier mal 2 Beispiele von Seiten: 1. Outlet46.de - Markenschuhe und Markenkleidung zu günstigen Preisen 2. ExoClick | Leading Web & Mobile Ad Network Ich kenne mich leider überhaupt nicht mit PC's aus, trotz meiner 23 Jahre, daher hoffe ich das, wie ich hier des öfteren gelesen habe mir geholfen werden kann. Vielen Dank schonmal im voraus |
|
24.01.2017, 14:20
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Willkürliche Werbetabs in Firefox Hallo und
__________________ +++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden? Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
24.01.2017, 14:46
| #3 |
| | Willkürliche Werbetabs in Firefox Mit Malwarebytes habe ich vorhin schon einmal einen Scan durchgeführt und alles gelöscht was er gefunden hatte, geholfen hat leider noch nichts.
__________________Code:
ATTFilter # AdwCleaner v6.042 - Bericht erstellt am 24/01/2017 um 13:27:29
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-24.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Simone - SIMONE-PC
# Gestartet von : C:\Users\Simone\Downloads\adwcleaner_6.042.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Dienst Gefunden: zigipyro
Dienst Gefunden: zigipyro
***** [ Ordner ] *****
Ordner Gefunden: C:\Program Files (x86)\VK OK AdBlock
Ordner Gefunden: C:\Users\Simone\AppData\Local\39464E43-1485262613-3136-4E52-00269E57E885
Ordner Gefunden: C:\Program Files (x86)\VK OK AdBlock
Ordner Gefunden: C:\Users\Simone\AppData\Roaming\Note-up
Ordner Gefunden: C:\Users\Simone\AppData\Roaming\OpenCandy
Ordner Gefunden: C:\Users\Simone\AppData\Roaming\RHEng
Ordner Gefunden: C:\Users\Simone\AppData\Roaming\tlerauic
Ordner Gefunden: C:\ProgramData\smdmf
Ordner Gefunden: C:\ProgramData\Application Data\smdmf
Ordner Gefunden: C:\Program Files (x86)\Assets Manager
Ordner Gefunden: C:\Program Files (x86)\VK OK AdBlock
Ordner Gefunden: C:\Program Files (x86)\filter
Ordner Gefunden: C:\Program Files (x86)\CleanBrowser
Ordner Gefunden: C:\Program Files (x86)\DPower
Ordner Gefunden: C:\Program Files (x86)\BestCleaner
Ordner Gefunden: C:\Program Files (x86)\MyMemory
Ordner Gefunden: C:\Users\Simone\AppData\Local\Temp\OCS
Ordner Gefunden: C:\Program Files (x86)\DPower
Ordner Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\features\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
Ordner Gefunden: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
***** [ Dateien ] *****
Datei Gefunden: C:\TOSTACK
Datei Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gefunden: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\invalidprefs.js
Datei Gefunden: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\searchplugins\default-search.xml
Datei Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Datei Gefunden: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\searchplugins\smod.xml
Datei Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Datei Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Verknüpfung infiziert: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ( hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1b936806-1c67-bcb5-2657-eae8f3ea6765&searchtyp
***** [ Aufgabenplanung ] *****
Aufgabe Gefunden: Update Service for VK OK AdBlock
Aufgabe Gefunden: Update Service for VK OK AdBlock2
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock_is1
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock_is1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{73F208F0-628E-4E2C-A8E5-E7A06B71AB01}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
Schlüssel Gefunden: {764C8270-3798-46F1-8ECE-23F531AF8CEE}
Schlüssel Gefunden: {B11B5281-500D-4B5C-8B39-9240FD340085}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{9171FFD0-87C3-4FE0-9EBD-B89A131FD79B}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{F7AA3C0A-8CC3-4989-BF35-EF288214E737}
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\Interface\{9171FFD0-87C3-4FE0-9EBD-B89A131FD79B}
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\Interface\{F7AA3C0A-8CC3-4989-BF35-EF288214E737}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gefunden: HKU\.DEFAULT\Software\jhdbca
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Installer
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Linkey
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\SmdmF
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\MICROSOFT\wewewe
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\tivecar
Schlüssel Gefunden: HKU\S-1-5-18\Software\jhdbca
Schlüssel Gefunden: HKCU\Software\Installer
Schlüssel Gefunden: HKCU\Software\Linkey
Schlüssel Gefunden: HKCU\Software\SmdmF
Schlüssel Gefunden: HKCU\Software\MICROSOFT\wewewe
Schlüssel Gefunden: HKCU\Software\tivecar
Schlüssel Gefunden: HKLM\SOFTWARE\SmdmF
Schlüssel Gefunden: HKLM\SOFTWARE\trotuxSoftware
Schlüssel Gefunden: HKLM\SOFTWARE\jhdbca
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CleanBrowser
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DPower_is1
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BestCleaner_is1
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyMemory
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fd7bad22-3721-476e-e815-8e1e74df2bcd}
Schlüssel Gefunden: [x64] HKCU\Software\Installer
Schlüssel Gefunden: [x64] HKCU\Software\Linkey
Schlüssel Gefunden: [x64] HKCU\Software\SmdmF
Schlüssel Gefunden: [x64] HKCU\Software\MICROSOFT\wewewe
Schlüssel Gefunden: [x64] HKCU\Software\tivecar
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\SearchModule
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\jhdbca
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2803453848-642829566-3864579339-1001\Products\22dab7df1273e6748e51e8e147fdb2dc
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6Q
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4il
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4i
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kj
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuek
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.default-search.net?sid=503&a
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXq
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJ
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcd
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuD
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DX
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6Q
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4il
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4i
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kj
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuek
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4
Daten Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4Cqx
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.default-search.net?sid=503&aid=102&itype=a&ver=15511&tm=478&src=hmp
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4Cqxh
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4Cqxhk
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4ilo
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4Cqx
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.default-search.net?sid=503&aid=102&itype=a&ver=15511&tm=478&src=hmp
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4Cq
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4Cqx
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4i
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBg
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb-DXqJHF7eQd8pUwLNtUdUuyfcpP6k2kjuekPBgT4iloA4C
Schlüssel Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Daten Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Daten Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Schlüssel Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Daten Gefunden: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Daten Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F61C0022-3A6E-4302-9C5A-6A8C00D0A3B0}
Daten Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
Wert Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Wd]
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DiskPower]
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyMemory]
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BestCleaner]
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\DesktopBackground\Shell\Add event reminder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Directory\Background\shell\Add event reminder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Directory\shell\Add event reminder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\*\shell\Add event reminder
***** [ Internetbrowser ] *****
Firefox pref Gefunden: [C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\prefs.js] - "browser.newtab.url" - "hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H1Oztrmbl10BU,36cd9532-8ba9-4c
Firefox pref Gefunden: [C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\prefs.js] - "browser.search.defaultenginename" - "default-search.net"
Firefox pref Gefunden: [C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\prefs.js] - "browser.search.order.1" - "default-search.net"
Firefox pref Gefunden: [C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\prefs.js] - "browser.search.selectedEngine" - "default-search.net"
Firefox pref Gefunden: [C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\prefs.js] - "keyword.URL" - "hxxp://www.default-search.net/search?sid=503&aid=102&itype=a&ver=15511&tm=478&src=ds&p="
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [19503 Bytes] - [24/01/2017 13:27:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19577 Bytes] ##########
Code:
ATTFilter # AdwCleaner v6.042 - Bericht erstellt am 24/01/2017 um 13:29:35
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-24.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Simone - SIMONE-PC
# Gestartet von : C:\Users\Simone\Downloads\adwcleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: zigipyro
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Program Files (x86)\VK OK AdBlock
[-] Ordner gelöscht: C:\Users\Simone\AppData\Local\39464E43-1485262613-3136-4E52-00269E57E885
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\VK OK AdBlock
[-] Ordner gelöscht: C:\Users\Simone\AppData\Roaming\Note-up
[-] Ordner gelöscht: C:\Users\Simone\AppData\Roaming\OpenCandy
[-] Ordner gelöscht: C:\Users\Simone\AppData\Roaming\RHEng
[#] Ordner mit Neustart gelöscht: C:\Users\Simone\AppData\Roaming\tlerauic
[-] Ordner gelöscht: C:\ProgramData\smdmf
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\smdmf
[-] Ordner gelöscht: C:\Program Files (x86)\Assets Manager
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\VK OK AdBlock
[-] Ordner gelöscht: C:\Program Files (x86)\filter
[-] Ordner gelöscht: C:\Program Files (x86)\CleanBrowser
[-] Ordner gelöscht: C:\Program Files (x86)\DPower
[-] Ordner gelöscht: C:\Program Files (x86)\BestCleaner
[-] Ordner gelöscht: C:\Program Files (x86)\MyMemory
[-] Ordner gelöscht: C:\Users\Simone\AppData\Local\Temp\OCS
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\DPower
[-] Ordner gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\features\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
[-] Ordner gelöscht: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
***** [ Dateien ] *****
[-] Datei gelöscht: C:\TOSTACK
[-] Datei gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[-] Datei gelöscht: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\invalidprefs.js
[-] Datei gelöscht: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\searchplugins\default-search.xml
[-] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[-] Datei gelöscht: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\searchplugins\smod.xml
[#] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[#] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
[-] Verknüpfung desinfiziert: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: Update Service for VK OK AdBlock
[-] Aufgabe gelöscht: Update Service for VK OK AdBlock2
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\zigipyro
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock_is1
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{73F208F0-628E-4E2C-A8E5-E7A06B71AB01}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
[#] Schlüssel mit Neustart gelöscht: {764C8270-3798-46F1-8ECE-23F531AF8CEE}
[#] Schlüssel mit Neustart gelöscht: {B11B5281-500D-4B5C-8B39-9240FD340085}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9171FFD0-87C3-4FE0-9EBD-B89A131FD79B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F7AA3C0A-8CC3-4989-BF35-EF288214E737}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{9171FFD0-87C3-4FE0-9EBD-B89A131FD79B}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{F7AA3C0A-8CC3-4989-BF35-EF288214E737}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\jhdbca
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Installer
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Linkey
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\SmdmF
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\MICROSOFT\wewewe
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\tivecar
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\jhdbca
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Linkey
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SmdmF
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MICROSOFT\wewewe
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\tivecar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SmdmF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\trotuxSoftware
[-] Schlüssel gelöscht: HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VK OK AdBlock
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CleanBrowser
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DPower_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BestCleaner_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyMemory
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fd7bad22-3721-476e-e815-8e1e74df2bcd}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Linkey
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SmdmF
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MICROSOFT\wewewe
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\tivecar
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\SearchModule
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2803453848-642829566-3864579339-1001\Products\22dab7df1273e6748e51e8e147fdb2dc
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten wiederhergestellt: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F61C0022-3A6E-4302-9C5A-6A8C00D0A3B0}
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Wd]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DiskPower]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyMemory]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BestCleaner]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\DesktopBackground\Shell\Add event reminder
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Directory\Background\shell\Add event reminder
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Directory\shell\Add event reminder
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\*\shell\Add event reminder
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.newtab.url" - "hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H1Oztrmbl10BU,36cd9532-8ba9-4cc9-a5da-eb5d10b15e66,"
[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" - "default-search.net"
[-] Firefox Einstellungen bereinigt: "browser.search.order.1" - "default-search.net"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "default-search.net"
[-] Firefox Einstellungen bereinigt: "keyword.URL" - "hxxp://www.default-search.net/search?sid=503&aid=102&itype=a&ver=15511&tm=478&src=ds&p="
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [16998 Bytes] - [24/01/2017 13:29:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [19761 Bytes] - [24/01/2017 13:27:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [17146 Bytes] ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2017
durchgeführt von Simone (Administrator) auf SIMONE-PC (24-01-2017 14:37:58)
Gestartet von C:\Users\Simone\Downloads
Geladene Profile: Simone (Verfügbare Profile: Simone)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\7aa7021a-05b1-4791-81e1-c7e17992ccce1485258690\knsC1D8.tmp
() C:\Windows\Temp\g2B26.tmp.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files\QP51FFQLD4\XTTOFJM57.exe
() C:\Program Files\5WV3YOI7WJ\5WV3YOI7W.exe
() C:\Program Files\PD6GAT98BN\PD6GAT98B.exe
() C:\Program Files\1MHZYOASN6\1MHZYOASN.exe
() C:\Users\Simone\AppData\Local\Temp\{f30-7c-05-d44b6-9acc1-50f4-c78c9}\dKC_'A9&gb.exe
() C:\Program Files\ZVS7GTP3PI\ZVS7GTP3P.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Simone\AppData\Local\39464E43-1485266695-3136-4E52-00269E57E885\qnsn3CE3.tmp
() C:\Windows\Temp\B56B.tmp
(zdengine) C:\Program Files (x86)\OtherSearch\zdengine.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-25] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2009-08-25] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [DSL Soforthilfe] => C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-12-02] (Easybits)
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [6JO5OX3NZN] => C:\Program Files\QP51FFQLD4\XTTOFJM57.exe [380416 2017-01-24] ()
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [4FV6DPZQHX] => C:\Program Files\5WV3YOI7WJ\5WV3YOI7W.exe [380416 2017-01-24] ()
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [3AXV8OEUN4] => C:\Program Files\PD6GAT98BN\PD6GAT98B.exe [380416 2017-01-24] ()
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [HNL4YO6AL3] => C:\Program Files\1MHZYOASN6\1MHZYOASN.exe [380416 2017-01-24] ()
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [dKC_'A9&gb.exe] => C:\Users\Simone\AppData\Local\Temp\{f30-7c-05-d44b6-9acc1-50f4-c78c9}\dKC_'A9&gb.exe [1191424 2017-01-24] () <===== ACHTUNG
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Run: [LWBRVZM4VU] => C:\Program Files\ZVS7GTP3PI\ZVS7GTP3P.exe [380416 2017-01-24] ()
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\MountPoints2: {3ce572aa-f735-11e3-b8a7-00269e57e885} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\...\MountPoints2: {dd41b88d-3095-11e5-9891-00269e57e885} - G:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
HKLM\...\Providers\gkag881u: C:\Program Files (x86)\Cnsythuker Collector\local64spl.dll [289792 2017-01-24] ()
ShellExecuteHooks: Kein Name - {17FEF462-DE3D-11E6-96EE-64006A5CFC23} - C:\Users\Simone\AppData\Roaming\Vaterentphoser\Cloitpruwther.dll -> Keine Datei
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-08-25] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2014-06-29]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\Windows\system32\zdengine.dll Keine Datei
Winsock: Catalog9 02 C:\Windows\system32\zdengine.dll Keine Datei
Winsock: Catalog9 03 C:\Windows\system32\zdengine.dll Keine Datei
Winsock: Catalog9 04 C:\Windows\system32\zdengine.dll Keine Datei
Winsock: Catalog9 15 C:\Windows\system32\zdengine.dll Keine Datei
Winsock: Catalog9-x64 01 C:\Windows\system32\zdengine64.dll [364303 2017-01-24] (zdengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\zdengine64.dll [364303 2017-01-24] (zdengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\zdengine64.dll [364303 2017-01-24] (zdengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\zdengine64.dll [364303 2017-01-24] (zdengine)
Winsock: Catalog9-x64 15 C:\Windows\system32\zdengine64.dll [364303 2017-01-24] (zdengine)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4ECDEC68-6726-45EA-B0DC-DE96F3036ED3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {5970C4E2-FE63-4A58-BCAD-492B21182195} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {6F1AC36C-1808-4B40-AAD7-BE7B43DF660C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2803453848-642829566-3864579339-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2803453848-642829566-3864579339-1001 -> {5970C4E2-FE63-4A58-BCAD-492B21182195} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-25] (Sun Microsystems, Inc.)
BHO: VK OK AdBlock -> {FF20459C-DA6E-41A7-80BC-8F4FEFD9C575} -> C:\Program Files (x86)\VK OK AdBlock\IEEF\ubRZAHX.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Kein Name -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> Keine Datei
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-08-25] (Sun Microsystems, Inc.)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Keine Datei
Toolbar: HKU\S-1-5-21-2803453848-642829566-3864579339-1001 -> Kein Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Keine Datei
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default [2017-01-24]
FF Homepage: Mozilla\Firefox\Profiles\28nsljbo.default -> www.google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\28nsljbo.default -> hxxp://www.default-search.net/search?sid=503&aid=102&itype=a&ver=15511&tm=478&src=ds&p=
FF Extension: (DSL Soforthilfe) - C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\Extensions\{95E05177-EA09-4386-8B79-FEB1EAC063E6} [2014-11-11] [ist nicht signiert]
FF SearchPlugin: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\28nsljbo.default\searchplugins\gkag881u.xml [2017-01-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-22] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Datei ist nicht signiert]
R2 Grerzuied; C:\Program Files (x86)\Meqaculthalek\BoforyMng.dll [147968 2017-01-24] () [Datei ist nicht signiert]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 negudibo; C:\Program Files (x86)\7aa7021a-05b1-4791-81e1-c7e17992ccce1485258690\knsC1D8.tmp [410112 2017-01-24] () [Datei ist nicht signiert]
R2 RepairFileHewlettPackard; C:\Program Files (x86)\Hewlett-Packard\RepairFileHewlettPackard.dll [225792 2017-01-24] () [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 zdengine; C:\Program Files (x86)\OtherSearch\zdengine.exe [1660135 2017-01-24] (zdengine) [Datei ist nicht signiert] <==== ACHTUNG
R2 zigipyro; C:\Users\Simone\AppData\Local\39464E43-1485266695-3136-4E52-00269E57E885\qnsn3CE3.tmp [158720 2015-12-26] () [Datei ist nicht signiert]
S2 gemeloki; C:\Program Files (x86)\7aa7021a-05b1-4791-81e1-c7e17992ccce1485258690\prot7aa7021a-05b1-4791-81e1-c7e17992ccce.tmpfs [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-24 14:37 - 2017-01-24 14:38 - 00019130 _____ C:\Users\Simone\Downloads\FRST.txt
2017-01-24 14:37 - 2017-01-24 14:37 - 00000000 ____D C:\FRST
2017-01-24 14:35 - 2017-01-24 14:36 - 02420736 _____ (Farbar) C:\Users\Simone\Downloads\FRST64.exe
2017-01-24 14:09 - 2017-01-24 14:10 - 00009568 _____ C:\Windows\SysWOW64\zdengineOff.ini
2017-01-24 14:09 - 2017-01-24 14:10 - 00009568 _____ C:\Windows\system32\zdengineOff.ini
2017-01-24 14:09 - 2017-01-24 14:10 - 00000002 _____ C:\END
2017-01-24 14:09 - 2017-01-24 14:10 - 00000000 ____D C:\Program Files (x86)\OtherSearch
2017-01-24 14:09 - 2017-01-24 14:09 - 00364303 _____ (zdengine) C:\Windows\system32\zdengine64.dll.old.kxdg
2017-01-24 14:09 - 2017-01-24 14:09 - 00364303 _____ (zdengine) C:\Windows\system32\zdengine64.dll
2017-01-24 14:09 - 2017-01-24 14:09 - 00301711 _____ (zdengine) C:\Windows\SysWOW64\zdengine.dll.old.sbc
2017-01-24 14:09 - 2017-01-24 14:09 - 00301711 _____ (zdengine) C:\Windows\SysWOW64\zdengine.dll
2017-01-24 14:09 - 2017-01-24 14:09 - 00001998 _____ C:\Windows\System32\Tasks\updengine
2017-01-24 14:05 - 2017-01-24 14:05 - 00000329 _____ C:\Users\Simone\Desktop\AliExpress.url
2017-01-24 14:04 - 2017-01-24 14:05 - 00000000 ____D C:\Users\Simone\AppData\Local\39464E43-1485266695-3136-4E52-00269E57E885
2017-01-24 14:04 - 2017-01-24 14:04 - 00000334 _____ C:\Users\Simone\Desktop\Booking.com.url
2017-01-24 13:24 - 2017-01-24 13:29 - 00000000 ____D C:\AdwCleaner
2017-01-24 13:22 - 2017-01-24 13:24 - 03988944 _____ C:\Users\Simone\Downloads\adwcleaner_6.042.exe
2017-01-24 13:05 - 2017-01-24 13:05 - 00000306 __RSH C:\Users\Simone\ntuser.pol
2017-01-24 13:02 - 2017-01-24 13:03 - 00000000 ____D C:\Program Files\ZVS7GTP3PI
2017-01-24 13:02 - 2017-01-24 13:02 - 00000000 ____D C:\Program Files (x86)\pccleanplus
2017-01-24 13:00 - 2017-01-24 13:00 - 00000000 ____D C:\Users\Simone\AppData\Roaming\tlerauic
2017-01-24 12:59 - 2017-01-24 12:59 - 00000000 ____H C:\Windows\system32\BIT9FD9.tmp
2017-01-24 12:56 - 2017-01-24 12:59 - 00000000 ____D C:\Program Files\1MHZYOASN6
2017-01-24 12:51 - 2017-01-24 14:03 - 00000000 ____D C:\Program Files (x86)\7aa7021a-05b1-4791-81e1-c7e17992ccce1485258690
2017-01-24 12:51 - 2017-01-24 12:53 - 00000000 ____D C:\Program Files\PD6GAT98BN
2017-01-24 12:49 - 2017-01-24 14:38 - 00016704 _____ C:\Windows\System32\Tasks\8302q87j32z796
2017-01-24 12:49 - 2017-01-24 12:49 - 00000000 ___HD C:\ProgramData\8302q87j32z796
2017-01-24 12:48 - 2017-01-24 12:49 - 00000000 ____D C:\Program Files\5WV3YOI7WJ
2017-01-24 12:47 - 2017-01-24 12:48 - 00000000 ____D C:\Program Files\QP51FFQLD4
2017-01-24 12:47 - 2017-01-24 12:47 - 00000000 ____D C:\ProgramData\Avira
2017-01-24 12:47 - 2017-01-24 12:47 - 00000000 ____D C:\ProgramData\Avg
2017-01-24 12:47 - 2017-01-24 12:47 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-24 12:46 - 2017-01-24 13:05 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Vaterentphoser
2017-01-24 12:46 - 2017-01-24 13:05 - 00000000 ____D C:\Program Files (x86)\Meqaculthalek
2017-01-24 12:46 - 2017-01-24 12:46 - 00006032 _____ C:\Windows\System32\Tasks\Cnsythuker Collector
2017-01-24 12:46 - 2017-01-24 12:46 - 00000000 ____D C:\Users\Simone\AppData\Local\Gepecultfawidom
2017-01-24 12:46 - 2017-01-24 12:46 - 00000000 ____D C:\Program Files (x86)\Cnsythuker Collector
2017-01-24 12:45 - 2017-01-24 12:45 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-01-24 12:41 - 2017-01-24 12:42 - 04273224 _____ (IC) C:\Users\Simone\Downloads\Microsoft_Office_2007_Product_Key_and_Serial_Key_F.exe
2016-12-28 16:54 - 2017-01-24 12:46 - 00000000 ____D C:\Users\Simone\Desktop\Joel Bewerbung
2016-12-28 15:15 - 2016-12-28 15:15 - 00000162 ____H C:\Users\Simone\Desktop\~$rsönliche Daten.odt
2016-12-28 14:26 - 2016-12-28 14:26 - 00016939 _____ C:\Users\Simone\Downloads\Lebenslauf2.odt
2016-12-28 14:21 - 2016-05-24 00:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-28 14:21 - 2016-05-23 23:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-28 14:21 - 2016-05-21 18:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-28 14:21 - 2016-05-21 17:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-28 14:21 - 2016-05-20 23:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-28 14:21 - 2016-05-20 23:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-28 14:21 - 2016-05-20 23:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-28 14:21 - 2016-05-20 23:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-28 14:21 - 2016-05-20 23:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-28 14:21 - 2016-05-20 23:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-28 14:21 - 2016-05-20 23:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-28 14:21 - 2016-05-20 23:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-28 14:21 - 2016-05-20 23:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-28 14:21 - 2016-05-20 23:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-28 14:21 - 2016-05-20 23:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-28 14:21 - 2016-05-20 22:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-28 14:21 - 2016-05-20 22:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-28 14:21 - 2016-05-20 22:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-28 14:21 - 2016-05-20 22:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-28 14:21 - 2016-05-20 22:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-28 14:21 - 2016-05-20 22:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-28 14:21 - 2016-05-20 22:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-28 14:21 - 2016-05-20 22:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-28 14:21 - 2016-05-20 22:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-28 14:21 - 2016-05-20 22:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-28 14:21 - 2016-05-20 22:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-28 14:21 - 2016-05-20 22:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-28 14:21 - 2016-05-20 22:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-28 14:21 - 2016-05-20 22:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-28 14:21 - 2016-05-20 22:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-28 14:21 - 2016-05-20 22:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-28 14:21 - 2016-05-20 22:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-28 14:21 - 2016-05-20 22:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-28 14:21 - 2016-05-20 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-28 14:21 - 2016-05-20 22:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-28 14:21 - 2016-05-20 22:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-28 14:21 - 2016-05-20 22:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-28 14:21 - 2016-05-20 22:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-28 14:21 - 2016-05-20 22:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-28 14:21 - 2016-05-20 22:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-28 14:21 - 2016-05-20 22:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-28 14:21 - 2016-05-20 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-28 14:21 - 2016-05-20 22:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-28 14:21 - 2016-05-20 22:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-28 14:21 - 2016-05-20 22:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-28 14:21 - 2016-05-20 22:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-28 14:21 - 2016-05-20 22:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-28 14:21 - 2016-05-20 22:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-28 14:21 - 2016-05-20 22:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-28 14:21 - 2016-05-20 22:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-28 14:21 - 2016-05-20 22:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-28 14:21 - 2016-05-20 22:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-28 14:21 - 2016-05-20 22:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-28 14:21 - 2016-05-20 22:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-28 14:21 - 2016-05-20 22:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-28 14:21 - 2016-05-20 22:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-28 14:21 - 2016-05-20 22:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-28 14:21 - 2016-05-20 22:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-28 14:21 - 2016-05-20 22:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-28 14:21 - 2016-05-20 22:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-28 14:21 - 2016-05-20 21:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-28 14:21 - 2016-05-20 21:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-28 14:21 - 2016-05-20 21:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-28 14:21 - 2016-05-20 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-28 14:21 - 2016-05-20 21:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-28 14:21 - 2016-05-20 21:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-28 13:53 - 2017-01-24 14:09 - 00000000 ____D C:\Users\Simone\AppData\LocalLow\Mozilla
2016-12-28 13:50 - 2017-01-24 13:48 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{8b29aa66-ccfb-11e6-9d3b-00269e57e885}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 13:50 - 2017-01-24 13:48 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{8b29aa66-ccfb-11e6-9d3b-00269e57e885}.TM.blf
2016-12-28 13:50 - 2016-12-28 14:04 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{8b29aa66-ccfb-11e6-9d3b-00269e57e885}.TMContainer00000000000000000002.regtrans-ms
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-24 14:27 - 2014-10-12 11:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-24 13:42 - 2009-07-14 05:45 - 00025968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-24 13:42 - 2009-07-14 05:45 - 00025968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-24 13:37 - 2014-06-18 23:21 - 00000187 _____ C:\ProgramData\HPWALog.txt
2017-01-24 13:31 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-24 13:28 - 2014-08-31 15:35 - 00001100 _____ C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2017-01-24 13:05 - 2014-06-18 23:14 - 00000000 ____D C:\Users\Simone
2017-01-24 13:01 - 2014-08-31 15:05 - 00000000 __SHD C:\Users\Simone\AppData\Local\EmieUserList
2017-01-24 13:01 - 2014-08-31 15:05 - 00000000 __SHD C:\Users\Simone\AppData\Local\EmieSiteList
2017-01-24 12:53 - 2009-08-25 02:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-24 12:51 - 2009-08-25 01:08 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-01-24 12:47 - 2014-11-11 21:04 - 00000000 ____D C:\Program Files (x86)\DSL Soforthilfe
2017-01-24 12:47 - 2014-06-18 22:25 - 00000000 ____D C:\Program Files (x86)\JMicron
2017-01-24 12:47 - 2014-06-18 22:22 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-01-24 12:47 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2017-01-24 12:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2017-01-22 21:47 - 2014-10-12 11:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-22 21:47 - 2014-09-02 18:33 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-22 21:47 - 2014-09-02 18:33 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-22 21:47 - 2014-09-02 18:33 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-22 21:47 - 2009-08-25 01:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-20 18:26 - 2009-08-25 10:55 - 00699342 _____ C:\Windows\system32\perfh007.dat
2017-01-20 18:26 - 2009-08-25 10:55 - 00149450 _____ C:\Windows\system32\perfc007.dat
2017-01-20 18:26 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-20 15:10 - 2014-06-20 23:54 - 00000000 ____D C:\Users\Simone\AppData\Roaming\vlc
2017-01-20 15:09 - 2016-05-30 19:48 - 00000000 ____D C:\Users\Simone\Desktop\Freakies
2017-01-20 15:08 - 2014-07-07 20:33 - 00000000 ____D C:\Users\Simone\AppData\Roaming\MediaMonkey
2017-01-20 15:01 - 2016-07-18 18:27 - 00000000 ____D C:\Users\Simone\Desktop\Prinzengarde 2017
2017-01-09 19:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-08 09:42 - 2015-05-17 12:26 - 00000000 ____D C:\Users\Simone\Desktop\Prinzengarde 2016
2016-12-28 19:03 - 2009-07-14 03:34 - 00262144 ____H C:\Windows\system32\config\SOFTWARE.LOG2
2016-12-28 18:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\winsxs
2016-12-28 18:54 - 2016-12-23 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-28 18:54 - 2014-09-27 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-28 18:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-28 18:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2016-12-28 18:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-28 18:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\de-DE
2016-12-28 18:54 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-28 18:54 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-28 17:06 - 2014-06-19 08:12 - 00000000 __SHD C:\System Volume Information
2016-12-28 15:29 - 2014-06-18 23:14 - 00000000 ___RD C:\Users\Simone\Documents
2016-12-28 13:53 - 2014-06-18 23:14 - 00000000 ____D C:\Users\Simone\AppData\LocalLow
2016-12-28 13:45 - 2014-06-21 01:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-28 13:45 - 2014-06-21 01:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-01-24 14:05 - 2017-01-24 14:05 - 0023622 _____ () C:\Users\Simone\AppData\Roaming\aliexpress.ico
2017-01-24 14:04 - 2017-01-24 14:05 - 0099678 _____ () C:\Users\Simone\AppData\Roaming\booking.ico
2014-06-18 23:21 - 2014-06-18 23:21 - 0000000 _____ () C:\Users\Simone\AppData\Local\AtStart.txt
2014-11-07 18:38 - 2014-11-08 09:03 - 0004608 _____ () C:\Users\Simone\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-18 23:21 - 2014-06-18 23:21 - 0000000 _____ () C:\Users\Simone\AppData\Local\DSwitch.txt
2014-06-18 23:21 - 2014-06-18 23:21 - 0000000 _____ () C:\Users\Simone\AppData\Local\QSwitch.txt
2014-07-20 12:11 - 2014-07-20 12:11 - 0002148 _____ () C:\Users\Simone\AppData\Local\recently-used.xbel
2014-06-18 23:21 - 2017-01-24 13:37 - 0000187 _____ () C:\ProgramData\HPWALog.txt
2014-06-18 22:46 - 2014-06-18 22:46 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-08-25 03:10 - 2009-08-25 03:11 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2014-06-18 22:45 - 2014-06-18 22:45 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-08-25 03:04 - 2009-08-25 03:06 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-06-18 22:45 - 2014-06-18 22:45 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2014-06-18 22:45 - 2014-06-18 22:45 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-08-25 03:04 - 2009-08-25 03:04 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-08-25 03:06 - 2009-08-25 03:10 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2014-06-18 22:46 - 2014-06-18 22:46 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Simone\AppData\Local\Temp\{f30-7c-05-d44b6-9acc1-50f4-c78c9}\dKC_'A9&gb.exe
Einige Dateien in TEMP:
====================
2017-01-24 14:05 - 2017-01-24 14:08 - 1233121 _____ (Cusecebe ) C:\Users\Simone\AppData\Local\Temp\22BC.tmp.exe
2017-01-24 14:38 - 2017-01-24 14:38 - 0381952 _____ () C:\Users\Simone\AppData\Local\Temp\3844.tmp.exe
2017-01-24 14:13 - 2017-01-24 14:14 - 1233121 _____ (Cusecebe ) C:\Users\Simone\AppData\Local\Temp\80F3.tmp.exe
2017-01-24 14:32 - 2017-01-24 14:33 - 1233121 _____ (Cusecebe ) C:\Users\Simone\AppData\Local\Temp\AF65.tmp.exe
2004-08-18 09:37 - 2004-08-18 09:37 - 0663552 _____ (Electronic Arts Inc.) C:\Users\Simone\AppData\Local\Temp\AutoRun.exe
2015-10-26 19:24 - 2004-08-18 09:33 - 0598016 _____ (Electronic Arts Inc.) C:\Users\Simone\AppData\Local\Temp\AutoRunGUI.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0769016 _____ () C:\Users\Simone\AppData\Local\Temp\D7S0qCQb0.dll
2017-01-24 12:47 - 2017-01-24 12:48 - 0099377 _____ ( ) C:\Users\Simone\AppData\Local\Temp\diskpower-installer.exe
2015-09-09 20:23 - 2015-09-09 20:24 - 0659040 _____ (DivX, LLC) C:\Users\Simone\AppData\Local\Temp\divx1c40.exe
2015-05-18 20:05 - 2015-05-18 20:06 - 1328848 _____ (DivX, LLC) C:\Users\Simone\AppData\Local\Temp\divxebaa.exe
2014-03-20 13:44 - 2014-03-20 13:44 - 0026936 _____ (TuneUp Software) C:\Users\Simone\AppData\Local\Temp\DseShExt-x64.dll
2014-03-20 13:44 - 2014-03-20 13:44 - 0028984 _____ (TuneUp Software) C:\Users\Simone\AppData\Local\Temp\DseShExt-x86.dll
2017-01-24 14:26 - 2017-01-24 14:27 - 1233121 _____ (Cusecebe ) C:\Users\Simone\AppData\Local\Temp\EC44.tmp.exe
2015-10-26 19:26 - 2004-08-18 09:33 - 1453843 ____R (Macromedia, Inc.) C:\Users\Simone\AppData\Local\Temp\First15.exe
2017-01-24 12:45 - 2017-01-24 12:45 - 0151040 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\freebl3.dll
2017-01-24 14:10 - 2017-01-24 14:10 - 3030016 _____ () C:\Users\Simone\AppData\Local\Temp\fsdB09.exe
2017-01-24 12:54 - 2017-01-24 12:56 - 0451934 _____ (WeMonetize ) C:\Users\Simone\AppData\Local\Temp\FV1CU6XEX4.exe
2017-01-24 12:47 - 2017-01-24 12:47 - 0381687 _____ ( ) C:\Users\Simone\AppData\Local\Temp\global_installer.exe
2017-01-24 12:45 - 2017-01-24 12:45 - 0158059 _____ () C:\Users\Simone\AppData\Local\Temp\HENJAH.dll
2014-06-18 23:16 - 2008-01-14 14:28 - 0069632 _____ (Hewlett-Packard Company) C:\Users\Simone\AppData\Local\Temp\HPQSi.exe
2017-01-24 12:49 - 2017-01-24 12:49 - 0062113 _____ () C:\Users\Simone\AppData\Local\Temp\MMIns.exe
2017-01-24 12:45 - 2017-01-24 12:45 - 0266240 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\nspr4.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0406528 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\nss3.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0207872 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\nssutil3.dll
2017-01-24 12:51 - 2017-01-24 12:52 - 0425659 _____ (WeMonetize ) C:\Users\Simone\AppData\Local\Temp\PICULRP3VH.exe
2017-01-24 12:45 - 2017-01-24 12:45 - 0077824 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\plc4.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0074752 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\plds4.dll
2014-03-20 13:44 - 2014-03-20 13:44 - 0032568 _____ (TuneUp Software) C:\Users\Simone\AppData\Local\Temp\SDShelEx-win32.dll
2014-03-20 13:44 - 2014-03-20 13:44 - 0032056 _____ (TuneUp Software) C:\Users\Simone\AppData\Local\Temp\SDShelEx-x64.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0159232 _____ (Mozilla Foundation) C:\Users\Simone\AppData\Local\Temp\softokn3.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0548864 _____ () C:\Users\Simone\AppData\Local\Temp\sqlite3.dll
2017-01-24 12:45 - 2017-01-24 12:45 - 0424088 _____ () C:\Users\Simone\AppData\Local\Temp\trotux.exe
2017-01-22 09:04 - 2017-01-22 09:04 - 1361408 _____ () C:\Users\Simone\AppData\Local\Temp\updengine.exe
2017-01-24 12:45 - 2017-01-24 12:45 - 0220160 _____ () C:\Users\Simone\AppData\Local\Temp\vKHdvGLqG.dll
2017-01-24 12:43 - 2017-01-24 12:45 - 1995818 _____ () C:\Users\Simone\AppData\Local\Temp\vk_ok_adblock.exe
2015-10-26 19:26 - 2004-08-18 09:34 - 0023040 ____R () C:\Users\Simone\AppData\Local\Temp\VP6Install.exe
2015-10-26 19:26 - 2004-08-18 09:34 - 0442368 ____R (On2.com) C:\Users\Simone\AppData\Local\Temp\VP6VFW.dll
2017-01-24 12:45 - 2017-01-24 12:47 - 3285569 _____ () C:\Users\Simone\AppData\Local\Temp\WMIProviders.exe
2014-09-18 12:37 - 2014-09-20 16:09 - 0008704 _____ () C:\Users\Simone\AppData\Local\Temp\yhs_6tpg.dll
2016-10-10 21:23 - 2009-07-25 02:22 - 0453720 _____ (Macrovision Corporation) C:\Users\Simone\AppData\Local\Temp\_is61DD.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-17 20:52
==================== Ende von FRST.txt ============================
|
|
24.01.2017, 14:47
| #4 |
| | Willkürliche Werbetabs in FirefoxCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-01-2017
durchgeführt von Simone (24-01-2017 14:39:04)
Gestartet von C:\Users\Simone\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-06-18 22:14:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2803453848-642829566-3864579339-500 - Administrator - Disabled)
Gast (S-1-5-21-2803453848-642829566-3864579339-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2803453848-642829566-3864579339-1002 - Limited - Enabled)
Simone (S-1-5-21-2803453848-642829566-3864579339-1001 - Administrator - Enabled) => C:\Users\Simone
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{6C47240C-016E-03B5-D13E-AECAED09F2E3}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ACHTUNG
calibre (HKLM-x32\...\{16001F0B-844B-4FEF-80F6-A82D94256530}) (Version: 2.6.0 - Kovid Goyal)
ccc-core-static (x32 Version: 2009.0702.1239.20840 - Ihr Firmenname) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
DSL Soforthilfe (HKLM-x32\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. OHG)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair)
Free Video Editor version 1.4.4.820 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.4.820 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2014.01.27 - www.hardcopy.de)
HP 3D DriveGuard (HKLM\...\{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.3.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Java(TM) 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Java(TM) 6 Update 14 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.1 - CEWE Stiftung u Co. KGaA)
OtherSearch (HKLM-x32\...\OtherSearch) (Version: 3.0.4.2 - Theudobald Yanko) <==== ACHTUNG
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Sacred (HKLM-x32\...\Sacred_is1) (Version: - Ascaron Entertainment GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
Tunebite (HKLM-x32\...\{AAF42F9E-8900-4FC1-8087-000B12A91AE2}) (Version: 7.2.12800.0 - RapidSolution Software AG)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2803453848-642829566-3864579339-1001_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Simone\AppData\Roaming\tlerauic\obtorsub.dll () <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {162DAC11-036D-4447-8106-FA5E3FC801C6} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: {1AC50823-1CB3-40D8-8BAA-FBC13CBB3385} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {320EE291-D65A-4BD7-82A8-DCDC74AA3BB6} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {3BD41141-34D9-4C0B-BAB8-2FD6BCD8D8AC} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2009-07-23] (CyberLink)
Task: {400F56AD-2C29-4B15-9E0B-567D11663917} - System32\Tasks\Cnsythuker Collector => C:\Program Files (x86)\Meqaculthalek\simerty.exe [2017-01-24] (Glarysoft Ltd)
Task: {50F0C838-6BA5-46A1-8FA8-8B8B18A7054E} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {56923374-16FA-40EA-902A-DCF699D599B5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {82C19003-0ABB-4C1A-AD05-2B7CB98BC459} - System32\Tasks\{FAF96CBE-A678-4F16-802B-13F2FA8E12AE} => pcalua.exe -a C:\Users\Simone\Downloads\DivXInstaller(1).exe -d C:\Users\Simone\Downloads
Task: {85832143-77DE-4EF0-9912-847188DC2685} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {869FF57B-28DA-4374-A2D0-691C731F2CD2} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {97147AA5-E894-42B1-9717-8697DB38D65C} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {9D7E6692-686E-4985-B231-0B309854B919} - System32\Tasks\updengine => C:\Program Files (x86)\OtherSearch\updengine.exe [2017-01-24] () <==== ACHTUNG
Task: {AA9DBABB-3B9E-4AFF-ADD6-C6E500BF7212} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {AF2778E0-1DB6-49B3-8BA2-752F75C5C862} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {D50F7BFE-C83E-40D3-A1E4-38726573B820} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {DC9AAFEE-6E03-4583-B25F-1F37E7875E09} - System32\Tasks\8302q87j32z796 => Rundll32.exe "C:\ProgramData\8302q87j32z796\8302q87j32z796.dll",qjzgmr <==== ACHTUNG
Task: {DCA7E6D3-9EE7-4403-8E8B-B1A3EB6422EF} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {EC272C97-FDAB-4B20-A9F5-C1986FD4A052} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-22] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-01-24 12:46 - 2017-01-24 12:46 - 00289792 ____H () C:\Program Files (x86)\Cnsythuker Collector\local64spl.dll
2017-01-24 12:49 - 2014-03-22 22:00 - 02957824 _____ () C:\ProgramData\8302q87j32z796\8302q87j32z796.dll
2017-01-24 12:57 - 2017-01-24 12:59 - 00410112 _____ () C:\Program Files (x86)\7aa7021a-05b1-4791-81e1-c7e17992ccce1485258690\knsC1D8.tmp
2017-01-24 13:09 - 2017-01-24 13:31 - 00240640 _____ () C:\Windows\TEMP\g2B26.tmp.exe
2009-08-25 03:10 - 2009-01-21 19:47 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-06-29 17:49 - 2013-10-30 10:49 - 00126968 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_x64.dll
2016-12-27 06:40 - 2017-01-24 13:01 - 00142848 _____ () C:\Users\Simone\AppData\Roaming\tlerauic\obtorsub.dll
2014-06-29 17:49 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2014-06-29 17:49 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2009-07-21 09:34 - 2009-07-21 09:34 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2017-01-24 12:47 - 2017-01-24 12:47 - 00380416 _____ () C:\Program Files\QP51FFQLD4\XTTOFJM57.exe
2017-01-24 12:48 - 2017-01-24 12:49 - 00380416 _____ () C:\Program Files\5WV3YOI7WJ\5WV3YOI7W.exe
2017-01-24 12:51 - 2017-01-24 12:52 - 00380416 _____ () C:\Program Files\PD6GAT98BN\PD6GAT98B.exe
2017-01-24 12:56 - 2017-01-24 12:58 - 00380416 _____ () C:\Program Files\1MHZYOASN6\1MHZYOASN.exe
2017-01-24 13:02 - 2017-01-24 13:02 - 01191424 _____ () C:\Users\Simone\AppData\Local\Temp\{f30-7c-05-d44b6-9acc1-50f4-c78c9}\dKC_'A9&gb.exe
2017-01-24 13:02 - 2017-01-24 13:03 - 00380416 _____ () C:\Program Files\ZVS7GTP3PI\ZVS7GTP3P.exe
2014-11-11 21:04 - 2013-11-21 21:57 - 20585888 ____N () C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-07-07 10:56 - 2009-07-07 10:56 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-06-18 22:24 - 2014-06-18 22:24 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-01 14:44 - 2009-07-01 14:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2015-12-26 09:59 - 2015-12-26 09:59 - 00158720 _____ () C:\Users\Simone\AppData\Local\39464E43-1485266695-3136-4E52-00269E57E885\qnsn3CE3.tmp
2017-01-24 14:02 - 2017-01-24 14:05 - 01714176 _____ () C:\Windows\Temp\B56B.tmp
2017-01-24 12:46 - 2017-01-24 12:46 - 00147968 _____ () c:\program files (x86)\meqaculthalek\boforymng.dll
2017-01-24 12:51 - 2017-01-24 12:51 - 00225792 ____H () C:\Program Files (x86)\Hewlett-Packard\RepairFileHewlettPackard.dll
2014-06-29 17:49 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2014-06-29 17:49 - 2013-10-30 10:49 - 00117752 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_Win32.dll
2009-07-15 16:51 - 2009-07-15 16:51 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-07-15 16:51 - 2009-07-15 16:51 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-07-15 16:50 - 2009-07-15 16:50 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-07-15 16:50 - 2009-07-15 16:50 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-07-15 16:50 - 2009-07-15 16:50 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-15 16:50 - 2009-07-15 16:50 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-07-15 16:50 - 2009-07-15 16:50 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-07-15 16:50 - 2009-07-15 16:50 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-06-29 17:49 - 2014-01-10 17:57 - 03647456 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2009-07-23 10:37 - 2009-07-23 10:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2017-01-24 13:07 - 2017-01-24 13:31 - 03601920 _____ () C:\Windows\TEMP\g6A85.tmp
2016-12-27 06:40 - 2017-01-24 13:01 - 00118272 _____ () C:\Users\Simone\AppData\Roaming\tlerauic\oviita.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2017-01-24 14:03 - 00008314 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 469ba60d9681f961064c-3cca6631dac1b4997db921c060b712f6.r30.cf2.rackcdn.com
34.195.153.94 a.bf-ad.net
34.195.153.94 a.visualrevenue.com
34.195.153.94 a1.vdna-assets.com
34.195.153.94 a248.e.akamai.net
34.195.153.94 aax.amazon-adsystem.com
34.195.153.94 ad.crwdcntrl.net
34.195.153.94 ad.mail.ru
34.195.153.94 ade.clmbtech.com
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 asset.pagefair.net
34.195.153.94 assets.adobedtm.com
34.195.153.94 assets.flocktory.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.grvcdn.com
34.195.153.94 b.ns1p.net
34.195.153.94 b.scorecardresearch.com
34.195.153.94 b.wal.co
Da befinden sich 128 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{DFA783EA-12BD-48C3-A97A-802B701BC6E9}] => C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{31BA9A2E-50FB-4321-A9A7-D7A3744248C2}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF96EFFD-BE8C-477C-9517-B84D1248D20D}] => svchost.exe
FirewallRules: [{97EEE2D7-0C91-4C07-BB70-4295CFD03F6E}] => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{FAD2F2A1-4203-4A61-AF15-8E403D91343A}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{57F16A88-AB50-411A-ACD2-7E1884323945}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{D87D58F4-AF8B-492C-937C-8565DA7C8BBF}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{985BB366-784B-45DA-881D-CBCFD46A0F25}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{B1A51B27-ACFF-4C6A-BC36-852F277B4127}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{B4596777-CDD7-4A2A-8018-5585DE4B0DE2}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{75EEE66C-59DE-464F-8EC3-24F7E5DCA6F1}] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{96FD8744-DAE6-4375-86F9-8AEBC56E97D6}] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{D9A19313-2B60-4D64-BED0-173FB18A23C4}] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{1511CA45-77A0-4FDE-AD4D-16514DE2F911}] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{00AF60CA-EA95-48B9-9FB4-390664F5DA10}] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{5BDCAC1B-4CB9-4D38-BCAF-E01C502D7533}] => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe
FirewallRules: [{01ECE36C-BAA5-4A23-8A98-D96AEF4CD333}] => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe
FirewallRules: [TCP Query User{8634D5DC-4706-4A6E-9A4C-A20411ADB71C}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{C763C432-D15F-4EEF-9679-943255FA15B2}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [TCP Query User{9F21222A-FE53-4686-8973-79EC3804F199}C:\program files (x86)\calibre2\calibre.exe] => C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [UDP Query User{8104F299-61E4-4FE4-B611-DD6910139D44}C:\program files (x86)\calibre2\calibre.exe] => C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [{A94641BE-7FE0-4A44-8FC3-480A2D7C3D93}] => C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{AE0C55E2-3831-45B5-BD85-3D6F28F31988}] => C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{291EA3F0-5D74-4634-B16F-331BE6183794}] => F:\o2CD.exe
FirewallRules: [{C170B7C6-79AD-4BFE-A366-8763C7AE1573}] => F:\o2CD.exe
FirewallRules: [{AFA40920-CF84-4B3D-91D1-AE944812D11F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{991FDFCD-6F8A-47CA-BC0C-1681B1C2D039}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{793EFB63-4002-4877-89E7-92FA9460A94A}C:\program files (x86)\mediamonkey\mediamonkey.exe] => C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{B61B63CC-2E0C-4F3F-955B-AAAEADF3D01F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{FE57221E-F743-4C04-840C-D7C7EE2CF245}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FFA85E37-503A-4647-921A-19665BD0FF30}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE9FB166-065C-4981-A3FA-F309EAB1AE6C}] => C:\Windows\system32\rundll32.exe
FirewallRules: [{0A0A1614-23AB-4C6D-8C39-6C0EBD7493DD}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{F2F3BD88-5AC0-49B8-86A3-0582370C357B}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{318BE998-BFAA-4C8F-9619-457EE458D90F}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{11919419-BF39-4340-87A1-C1F6124BE01F}] => C:\Windows\System32\rundll32.exe
==================== Wiederherstellungspunkte =========================
17-04-2016 21:45:48 Windows Update
21-05-2016 08:48:19 Windows Update
30-05-2016 22:22:55 Windows Update
02-07-2016 14:20:00 Windows Update
17-08-2016 18:19:07 Windows Update
29-09-2016 20:22:26 Removed PixiePack Codec Pack
10-10-2016 17:45:41 Entfernt Realtek 8136 8168 8169 Ethernet Driver
10-10-2016 21:21:05 Removed PixiePack Codec Pack
10-10-2016 21:22:02 Removed Norton Online Backup aktivieren
10-10-2016 21:22:35 Removed PixiePack Codec Pack
19-12-2016 21:42:06 Windows Update
24-12-2016 01:04:24 Windows Update
28-12-2016 17:06:27 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: F06DEFF2-5B9C-490D-910F-35D3A91196222
Description: F06DEFF2-5B9C-490D-910F-35D3A91196222
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: F06DEFF2-5B9C-490D-910F-35D3A91196222
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/24/2017 12:53:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm global_installer.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a10
Startzeit: 01d27637a2f098a2
Endzeit: 16
Anwendungspfad: C:\Users\Simone\AppData\Local\Temp\is-14JRA.tmp\global_installer.tmp
Berichts-ID:
Error: (01/24/2017 12:53:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm global_installer.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 398
Startzeit: 01d27637ce3e2805
Endzeit: 31
Anwendungspfad: C:\Users\Simone\AppData\Local\Temp\is-PBGUH.tmp\global_installer.tmp
Berichts-ID:
Error: (01/04/2017 07:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 9.1.0.163, Zeitstempel: 0x49a88f00
Name des fehlerhaften Moduls: AcroRd32.dll, Version: 9.1.0.163, Zeitstempel: 0x49a88716
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0028e7bc
ID des fehlerhaften Prozesses: 0x10fc
Startzeit der fehlerhaften Anwendung: 0x01d266bc5c10b692
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll
Berichtskennung: abf60af9-d2af-11e6-a797-00269e57e885
Error: (12/28/2016 07:12:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 12.0.6749.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2a4
Startzeit: 01d26135cd4de5f6
Endzeit: 5
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Berichts-ID: 24689433-cd29-11e6-9e2c-00269e57e885
Error: (12/28/2016 04:53:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 12.0.6749.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f70
Startzeit: 01d26114da29ca36
Endzeit: 34112
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Berichts-ID: b2b802d4-cd15-11e6-9d3b-00269e57e885
Error: (10/10/2016 05:47:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sacred.exe, Version: 1.8.2.6, Zeitstempel: 0x44a10f24
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00009b60
ID des fehlerhaften Prozesses: 0xa7c
Startzeit der fehlerhaften Anwendung: 0x01d22315bca235da
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ascaron Entertainment\Sacred\Sacred.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\msvcrt.dll
Berichtskennung: 2a95de5f-8f09-11e6-a87c-00269e57e885
Error: (10/10/2016 05:45:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Sacred.exe, Version 1.8.2.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b04
Startzeit: 01d2231584088261
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\Ascaron Entertainment\Sacred\Sacred.exe
Berichts-ID:
Error: (10/03/2016 08:39:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sacred.exe, Version: 1.8.2.6, Zeitstempel: 0x44a10f24
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00009b60
ID des fehlerhaften Prozesses: 0x11a0
Startzeit der fehlerhaften Anwendung: 0x01d21dad3a909711
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ascaron Entertainment\Sacred\Sacred.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\msvcrt.dll
Berichtskennung: 0b73f4e2-89a1-11e6-a8f8-00269e57e885
Error: (09/30/2016 10:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sacred.exe, Version: 1.8.2.6, Zeitstempel: 0x44a10f24
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000097fd
ID des fehlerhaften Prozesses: 0xffc
Startzeit der fehlerhaften Anwendung: 0x01d21b6398727d80
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ascaron Entertainment\Sacred\Sacred.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\msvcrt.dll
Berichtskennung: 8365e16f-8757-11e6-9baa-00269e57e885
Error: (09/30/2016 05:43:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sacred.exe, Version: 1.8.2.6, Zeitstempel: 0x44a10f24
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000097fd
ID des fehlerhaften Prozesses: 0xd64
Startzeit der fehlerhaften Anwendung: 0x01d21b3929ff4c7f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ascaron Entertainment\Sacred\Sacred.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\msvcrt.dll
Berichtskennung: fa7cf3fe-872c-11e6-af92-00269e57e885
Systemfehler:
=============
Error: (01/24/2017 01:31:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
F06DEFF2-5B9C-490D-910F-35D3A91196222
Error: (01/24/2017 01:31:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Tower Photograph" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (01/24/2017 01:28:39 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (01/24/2017 01:28:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RepairFileHewlettPackard" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/24/2017 01:28:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Health Check Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 01:28:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 01:28:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Com4QLBEx" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/24/2017 01:28:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "hpqwmiex" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/24/2017 01:28:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 01:28:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) II Dual-Core M300
Prozentuale Nutzung des RAM: 69%
Installierter physikalischer RAM: 3068.2 MB
Verfügbarer physikalischer RAM: 924.47 MB
Summe virtueller Speicher: 6134.58 MB
Verfügbarer virtueller Speicher: 3751.36 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:449.3 GB) (Free:275.98 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM) (Fixed) (Total:0.28 GB) (Free:0.24 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (RECOVERY) (Fixed) (Total:14.2 GB) (Free:3.18 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D511405A)
Partition 1: (Not Active) - (Size=288 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=449.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
24.01.2017, 15:10
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.01.2017, 16:12
| #6 |
| | Willkürliche Werbetabs in FirefoxCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18349
Simone :: SIMONE-PC [administrator]
24.01.2017 15:24:36
mbar-log-2017-01-24 (15-24-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 339028
Time elapsed: 27 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Simone\AppData\Local\Temp\is-EA3NE.tmp\netlogger.exe (Trojan.Agent) -> Delete on reboot. [1924cc71d8a4ac8ad3ee209e1be633cd]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 16:05:50.0935 0x0a50 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
16:06:02.0699 0x0a50 ============================================================
16:06:02.0699 0x0a50 Current date / time: 2017/01/24 16:06:02.0699
16:06:02.0699 0x0a50 SystemInfo:
16:06:02.0699 0x0a50
16:06:02.0699 0x0a50 OS Version: 6.1.7601 ServicePack: 1.0
16:06:02.0699 0x0a50 Product type: Workstation
16:06:02.0699 0x0a50 ComputerName: SIMONE-PC
16:06:02.0700 0x0a50 UserName: Simone
16:06:02.0700 0x0a50 Windows directory: C:\Windows
16:06:02.0700 0x0a50 System windows directory: C:\Windows
16:06:02.0700 0x0a50 Running under WOW64
16:06:02.0700 0x0a50 Processor architecture: Intel x64
16:06:02.0700 0x0a50 Number of processors: 2
16:06:02.0700 0x0a50 Page size: 0x1000
16:06:02.0700 0x0a50 Boot type: Normal boot
16:06:02.0700 0x0a50 CodeIntegrityOptions = 0x00000001
16:06:02.0700 0x0a50 ============================================================
16:06:04.0660 0x0a50 KLMD registered as C:\Windows\system32\drivers\77308824.sys
16:06:04.0660 0x0a50 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23418, osProperties = 0x1
16:06:05.0168 0x0a50 System UUID: {F2D5B3C3-972C-292F-56C7-7FF31DDCF1D9}
16:06:05.0764 0x0a50 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:06:05.0769 0x0a50 ============================================================
16:06:05.0769 0x0a50 \Device\Harddisk0\DR0:
16:06:05.0770 0x0a50 MBR partitions:
16:06:05.0770 0x0a50 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x90000
16:06:05.0770 0x0a50 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x90800, BlocksNum 0x38297800
16:06:05.0770 0x0a50 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38328000, BlocksNum 0x1C68000
16:06:05.0770 0x0a50 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F90DBF, BlocksNum 0x3EFFC1
16:06:05.0770 0x0a50 ============================================================
16:06:05.0780 0x0a50 C: <-> \Device\Harddisk0\DR0\Partition2
16:06:05.0802 0x0a50 D: <-> \Device\Harddisk0\DR0\Partition1
16:06:05.0850 0x0a50 E: <-> \Device\Harddisk0\DR0\Partition3
16:06:05.0850 0x0a50 ============================================================
16:06:05.0850 0x0a50 Initialize success
16:06:05.0850 0x0a50 ============================================================
16:06:08.0456 0x0770 ============================================================
16:06:08.0456 0x0770 Scan started
16:06:08.0456 0x0770 Mode: Manual;
16:06:08.0456 0x0770 ============================================================
16:06:08.0456 0x0770 KSN ping started
16:06:09.0775 0x0770 KSN ping finished: true
16:06:11.0102 0x0770 ================ Scan system memory ========================
16:06:11.0102 0x0770 System memory - ok
16:06:11.0104 0x0770 ================ Scan services =============================
16:06:11.0269 0x0770 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:06:11.0278 0x0770 1394ohci - ok
16:06:11.0320 0x0770 [ 1CFFE9C06E66A57DAE1452E449A58240, F337852EEF9DCF33FB1B85EEF61FA8D28A780B13488B144DFAD2234FC24CB430 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
16:06:11.0322 0x0770 Accelerometer - ok
16:06:11.0364 0x0770 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:06:11.0381 0x0770 ACPI - ok
16:06:11.0401 0x0770 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:06:11.0403 0x0770 AcpiPmi - ok
16:06:11.0510 0x0770 [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:06:11.0520 0x0770 AdobeFlashPlayerUpdateSvc - ok
16:06:11.0586 0x0770 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:06:11.0613 0x0770 adp94xx - ok
16:06:11.0632 0x0770 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:06:11.0644 0x0770 adpahci - ok
16:06:11.0667 0x0770 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:06:11.0675 0x0770 adpu320 - ok
16:06:11.0712 0x0770 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:06:11.0716 0x0770 AeLookupSvc - ok
16:06:11.0816 0x0770 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
16:06:11.0820 0x0770 AESTFilters - ok
16:06:11.0869 0x0770 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
16:06:11.0894 0x0770 AFD - ok
16:06:11.0921 0x0770 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:06:11.0924 0x0770 agp440 - ok
16:06:11.0947 0x0770 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:06:11.0951 0x0770 ALG - ok
16:06:11.0976 0x0770 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:06:11.0978 0x0770 aliide - ok
16:06:12.0022 0x0770 [ D0D8877969011D1B0ED9C3C55A9A9108, DFF41D12EA353DFACDF5C1C227D2D44D659EB8C484829651C90F8684CE2B9E49 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:06:12.0030 0x0770 AMD External Events Utility - ok
16:06:12.0044 0x0770 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:06:12.0047 0x0770 amdide - ok
16:06:12.0081 0x0770 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:06:12.0084 0x0770 AmdK8 - ok
16:06:12.0103 0x0770 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:06:12.0104 0x0770 AmdPPM - ok
16:06:12.0137 0x0770 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:06:12.0142 0x0770 amdsata - ok
16:06:12.0160 0x0770 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:06:12.0168 0x0770 amdsbs - ok
16:06:12.0189 0x0770 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:06:12.0191 0x0770 amdxata - ok
16:06:12.0227 0x0770 [ A74D6CCEECD8DCDE348521E6A7F3FAE3, 6CC14CFA95C98B011F017F32ED6A0CFA48A108002F605835358FFBCF21EA3C9F ] AndnetBus C:\Windows\system32\DRIVERS\lgandnetbus64.sys
16:06:12.0229 0x0770 AndnetBus - ok
16:06:12.0260 0x0770 [ FF7DBB0CC5D0576DF07C901D8451F40A, E1AEF2856DFBBE188698EC45AD15D6D677737068D38952CD7074C9BEB4B2F023 ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
16:06:12.0264 0x0770 AndNetDiag - ok
16:06:12.0294 0x0770 [ 24B6E19D8A068992114CF4EF6BDDD63A, 1CB4EAB27D93F4352CA957548EC2FEAE91175A23F71D83E81CE324B6CCA5E118 ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
16:06:12.0297 0x0770 ANDNetModem - ok
16:06:12.0352 0x0770 [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys
16:06:12.0356 0x0770 AppID - ok
16:06:12.0436 0x0770 [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:06:12.0440 0x0770 AppIDSvc - ok
16:06:12.0474 0x0770 [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo C:\Windows\System32\appinfo.dll
16:06:12.0478 0x0770 Appinfo - ok
16:06:12.0497 0x0770 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:06:12.0501 0x0770 arc - ok
16:06:12.0511 0x0770 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:06:12.0515 0x0770 arcsas - ok
16:06:12.0606 0x0770 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:06:12.0639 0x0770 aspnet_state - ok
16:06:12.0672 0x0770 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:06:12.0674 0x0770 AsyncMac - ok
16:06:12.0696 0x0770 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:06:12.0697 0x0770 atapi - ok
16:06:12.0792 0x0770 [ 5D4529AC4156E16BEDB01441AE0CF984, 6E108BA8FF93277A9F8DA3EB8E4CC3082A7EF0DF963A00E347FD6E2105CA9E06 ] athr C:\Windows\system32\DRIVERS\athrx.sys
16:06:12.0871 0x0770 athr - ok
16:06:12.0927 0x0770 [ 38467FF83C2B4265D51F418812A91E3C, 93F3C16E3B97EDBE7315CC9B9008D2B77D658EBFF14ECB184D521373E0B193D0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
16:06:12.0933 0x0770 AtiHdmiService - ok
16:06:13.0210 0x0770 [ C5758BF1DFD762A5B17041FF061B7750, BA732E670536C73523DA0880485E5028C682FBEAF048F564EB626DA61364CAAD ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:06:13.0448 0x0770 atikmdag - ok
16:06:13.0490 0x0770 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
16:06:13.0494 0x0770 AtiPcie - ok
16:06:13.0549 0x0770 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:06:13.0584 0x0770 AudioEndpointBuilder - ok
16:06:13.0623 0x0770 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:06:13.0641 0x0770 AudioSrv - ok
16:06:13.0690 0x0770 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:06:13.0695 0x0770 AxInstSV - ok
16:06:13.0747 0x0770 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:06:13.0806 0x0770 b06bdrv - ok
16:06:13.0827 0x0770 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:06:13.0844 0x0770 b57nd60a - ok
16:06:13.0874 0x0770 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:06:13.0879 0x0770 BDESVC - ok
16:06:13.0893 0x0770 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:06:13.0895 0x0770 Beep - ok
16:06:13.0959 0x0770 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:06:13.0993 0x0770 BFE - ok
16:06:14.0045 0x0770 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:06:14.0088 0x0770 BITS - ok
16:06:14.0114 0x0770 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:06:14.0117 0x0770 blbdrive - ok
16:06:14.0143 0x0770 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:06:14.0147 0x0770 bowser - ok
16:06:14.0153 0x0770 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:06:14.0155 0x0770 BrFiltLo - ok
16:06:14.0162 0x0770 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:06:14.0164 0x0770 BrFiltUp - ok
16:06:14.0178 0x0770 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:06:14.0184 0x0770 Browser - ok
16:06:14.0210 0x0770 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:06:14.0226 0x0770 Brserid - ok
16:06:14.0234 0x0770 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:06:14.0237 0x0770 BrSerWdm - ok
16:06:14.0244 0x0770 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:06:14.0246 0x0770 BrUsbMdm - ok
16:06:14.0252 0x0770 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:06:14.0254 0x0770 BrUsbSer - ok
16:06:14.0263 0x0770 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:06:14.0266 0x0770 BTHMODEM - ok
16:06:14.0287 0x0770 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:06:14.0292 0x0770 bthserv - ok
16:06:14.0307 0x0770 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:06:14.0312 0x0770 cdfs - ok
16:06:14.0345 0x0770 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:06:14.0367 0x0770 cdrom - ok
16:06:14.0442 0x0770 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:06:14.0446 0x0770 CertPropSvc - ok
16:06:14.0481 0x0770 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:06:14.0558 0x0770 circlass - ok
16:06:14.0629 0x0770 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
16:06:14.0642 0x0770 CLFS - ok
16:06:14.0823 0x0770 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:06:14.0828 0x0770 clr_optimization_v2.0.50727_32 - ok
16:06:14.0862 0x0770 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:06:14.0866 0x0770 clr_optimization_v2.0.50727_64 - ok
16:06:14.0939 0x0770 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:06:14.0976 0x0770 clr_optimization_v4.0.30319_32 - ok
16:06:15.0020 0x0770 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:06:15.0046 0x0770 clr_optimization_v4.0.30319_64 - ok
16:06:15.0062 0x0770 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:06:15.0064 0x0770 CmBatt - ok
16:06:15.0090 0x0770 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:06:15.0092 0x0770 cmdide - ok
16:06:15.0170 0x0770 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys
16:06:15.0196 0x0770 CNG - ok
16:06:15.0304 0x0770 [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
16:06:15.0312 0x0770 Com4QLBEx - ok
16:06:15.0336 0x0770 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:06:15.0338 0x0770 Compbatt - ok
16:06:15.0356 0x0770 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:06:15.0359 0x0770 CompositeBus - ok
16:06:15.0373 0x0770 COMSysApp - ok
16:06:15.0389 0x0770 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:06:15.0391 0x0770 crcdisk - ok
16:06:15.0449 0x0770 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:06:15.0457 0x0770 CryptSvc - ok
16:06:15.0594 0x0770 [ 755F9A47508A7E14C6FD49547E739559, D836F45971563461DAAB435C57C05BF4A7DFDEF01D1D5F9ADB42C45ABD6DF901 ] cuxoloxe C:\Program Files (x86)\7aa7021a-05b1-4791-81e1-c7e17992ccce1485258690\kns9780.tmp
16:06:15.0621 0x0770 cuxoloxe - ok
16:06:15.0688 0x0770 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
16:06:15.0717 0x0770 DcomLaunch - ok
16:06:15.0755 0x0770 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:06:15.0772 0x0770 defragsvc - ok
16:06:15.0802 0x0770 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:06:15.0806 0x0770 DfsC - ok
16:06:15.0852 0x0770 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:06:15.0874 0x0770 Dhcp - ok
16:06:16.0000 0x0770 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
16:06:16.0060 0x0770 DiagTrack - ok
16:06:16.0093 0x0770 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:06:16.0095 0x0770 discache - ok
16:06:16.0126 0x0770 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
16:06:16.0130 0x0770 Disk - ok
16:06:16.0177 0x0770 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:06:16.0185 0x0770 Dnscache - ok
16:06:16.0229 0x0770 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:06:16.0239 0x0770 dot3svc - ok
16:06:16.0258 0x0770 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:06:16.0265 0x0770 DPS - ok
16:06:16.0304 0x0770 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:06:16.0307 0x0770 drmkaud - ok
16:06:16.0380 0x0770 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:06:16.0423 0x0770 DXGKrnl - ok
16:06:16.0473 0x0770 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:06:16.0478 0x0770 EapHost - ok
16:06:16.0627 0x0770 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:06:16.0762 0x0770 ebdrv - ok
16:06:16.0802 0x0770 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] EFS C:\Windows\System32\lsass.exe
16:06:16.0805 0x0770 EFS - ok
16:06:16.0884 0x0770 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:06:16.0924 0x0770 ehRecvr - ok
16:06:16.0952 0x0770 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:06:16.0957 0x0770 ehSched - ok
16:06:17.0002 0x0770 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:06:17.0030 0x0770 elxstor - ok
16:06:17.0062 0x0770 [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
16:06:17.0066 0x0770 enecir - ok
16:06:17.0092 0x0770 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:06:17.0093 0x0770 ErrDev - ok
16:06:17.0140 0x0770 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:06:17.0165 0x0770 EventSystem - ok
16:06:17.0183 0x0770 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:06:17.0190 0x0770 exfat - ok
16:06:17.0205 0x0770 ezSharedSvc - ok
16:06:17.0227 0x0770 F06DEFF2-5B9C-490D-910F-35D3A91196222 - ok
16:06:17.0244 0x0770 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:06:17.0251 0x0770 fastfat - ok
16:06:17.0305 0x0770 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:06:17.0339 0x0770 Fax - ok
16:06:17.0353 0x0770 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:06:17.0355 0x0770 fdc - ok
16:06:17.0376 0x0770 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:06:17.0379 0x0770 fdPHost - ok
16:06:17.0390 0x0770 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:06:17.0393 0x0770 FDResPub - ok
16:06:17.0404 0x0770 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:06:17.0407 0x0770 FileInfo - ok
16:06:17.0414 0x0770 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:06:17.0416 0x0770 Filetrace - ok
16:06:17.0423 0x0770 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:06:17.0425 0x0770 flpydisk - ok
16:06:17.0462 0x0770 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:06:17.0526 0x0770 FltMgr - ok
16:06:17.0618 0x0770 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
16:06:17.0669 0x0770 FontCache - ok
16:06:17.0729 0x0770 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:06:17.0730 0x0770 FontCache3.0.0.0 - ok
16:06:17.0739 0x0770 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:06:17.0741 0x0770 FsDepends - ok
16:06:17.0765 0x0770 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:06:17.0768 0x0770 Fs_Rec - ok
16:06:17.0794 0x0770 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:06:17.0803 0x0770 fvevol - ok
16:06:17.0826 0x0770 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:06:17.0830 0x0770 gagp30kx - ok
16:06:17.0895 0x0770 [ C44D560E441F091EA3B72F778EC60DE2, 1F90BA0E98C436B98BF6B0BC93146B52C081DF374424E2DCA270316D508A59B2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:06:17.0905 0x0770 GameConsoleService - ok
16:06:17.0927 0x0770 gemeloki - ok
16:06:17.0989 0x0770 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
16:06:18.0026 0x0770 gpsvc - ok
16:06:18.0122 0x0770 [ 8EF6A8230FAF1BFD71CB68DCB2BD4723, 8CFD942B851127A503A7FA369D339196BB81C2C59026CE75DB3DD8BC65691A1D ] Grerzuied C:\Program Files (x86)\Meqaculthalek\BoforyMng.dll
16:06:18.0129 0x0770 Grerzuied - ok
16:06:18.0187 0x0770 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:06:18.0195 0x0770 gusvc - ok
16:06:18.0207 0x0770 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:06:18.0210 0x0770 hcw85cir - ok
16:06:18.0249 0x0770 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:06:18.0271 0x0770 HdAudAddService - ok
16:06:18.0317 0x0770 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:06:18.0322 0x0770 HDAudBus - ok
16:06:18.0340 0x0770 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:06:18.0343 0x0770 HidBatt - ok
16:06:18.0362 0x0770 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:06:18.0367 0x0770 HidBth - ok
16:06:18.0419 0x0770 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:06:18.0422 0x0770 HidIr - ok
16:06:18.0446 0x0770 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:06:18.0449 0x0770 hidserv - ok
16:06:18.0494 0x0770 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:06:18.0497 0x0770 HidUsb - ok
16:06:18.0527 0x0770 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:06:18.0532 0x0770 hkmsvc - ok
16:06:18.0567 0x0770 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:06:18.0578 0x0770 HomeGroupListener - ok
16:06:18.0598 0x0770 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:06:18.0607 0x0770 HomeGroupProvider - ok
16:06:18.0662 0x0770 [ 0141816A095A3F5A83FFA5B4A47B8023, F7B26D707EB817FA0F5BFDFA785370B458AF54C94A1E679B36F6808158EA467C ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
16:06:18.0667 0x0770 HP Health Check Service - ok
16:06:18.0695 0x0770 [ 05712FDDBD45A5864EB326FAABC6A4E3, 8BACA990971A331E6EC7F896EF2404F09E381DAA3519FC6E3027C0DBD991BA7F ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:06:18.0698 0x0770 hpdskflt - ok
16:06:18.0730 0x0770 [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:06:18.0732 0x0770 HpqKbFiltr - ok
16:06:18.0785 0x0770 [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:06:18.0794 0x0770 hpqwmiex - ok
16:06:18.0819 0x0770 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:06:18.0823 0x0770 HpSAMD - ok
16:06:18.0838 0x0770 [ AA036CC5F5221D9B915F4D4DCE74BA9A, B90B9F7753B45387AD56A7CE1365BEBC9EB67011B6D2F8C785717942133775AA ] hpsrv C:\Windows\system32\Hpservice.exe
16:06:18.0841 0x0770 hpsrv - ok
16:06:18.0891 0x0770 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:06:18.0923 0x0770 HTTP - ok
16:06:18.0960 0x0770 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:06:18.0962 0x0770 hwpolicy - ok
16:06:18.0996 0x0770 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:06:19.0001 0x0770 i8042prt - ok
16:06:19.0041 0x0770 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:06:19.0066 0x0770 iaStorV - ok
16:06:19.0129 0x0770 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:06:19.0189 0x0770 idsvc - ok
16:06:19.0230 0x0770 IEEtwCollectorService - ok
16:06:19.0987 0x0770 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:06:20.0223 0x0770 igfx - ok
16:06:20.0252 0x0770 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:06:20.0256 0x0770 iirsp - ok
16:06:20.0312 0x0770 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:06:20.0354 0x0770 IKEEXT - ok
16:06:20.0386 0x0770 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:06:20.0389 0x0770 intelide - ok
16:06:20.0400 0x0770 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:06:20.0405 0x0770 intelppm - ok
16:06:20.0438 0x0770 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:06:20.0444 0x0770 IPBusEnum - ok
16:06:20.0478 0x0770 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:06:20.0483 0x0770 IpFilterDriver - ok
16:06:20.0525 0x0770 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:06:20.0553 0x0770 iphlpsvc - ok
16:06:20.0585 0x0770 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:06:20.0589 0x0770 IPMIDRV - ok
16:06:20.0599 0x0770 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:06:20.0604 0x0770 IPNAT - ok
16:06:20.0611 0x0770 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:06:20.0613 0x0770 IRENUM - ok
16:06:20.0636 0x0770 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:06:20.0639 0x0770 isapnp - ok
16:06:20.0669 0x0770 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:06:20.0686 0x0770 iScsiPrt - ok
16:06:20.0747 0x0770 [ F8844B00C10E386C704C610E95A9847D, 3E3CFDDD0DD9E98542BAE07ED9CF922D98370C94BE364BA84F677EAA01ED775A ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
16:06:20.0753 0x0770 JMCR - ok
16:06:20.0781 0x0770 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:06:20.0784 0x0770 kbdclass - ok
16:06:20.0811 0x0770 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:06:20.0813 0x0770 kbdhid - ok
16:06:20.0828 0x0770 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] KeyIso C:\Windows\system32\lsass.exe
16:06:20.0830 0x0770 KeyIso - ok
16:06:20.0862 0x0770 [ 3974E5264A0481600370C5BEED061DDF, 6365DC2B3ECAF462F98481103F47B7550688D1A3AE96C88FDBCB3ED3BBB76EB6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:06:20.0867 0x0770 KSecDD - ok
16:06:20.0897 0x0770 [ 6E85615A86FE86E76DAE49BF9F227483, 825F9906910C33A36D04D805402A8C0C8E09232407E077B85282E3208A9BFC25 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:06:20.0904 0x0770 KSecPkg - ok
16:06:20.0912 0x0770 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:06:20.0913 0x0770 ksthunk - ok
16:06:20.0978 0x0770 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:06:21.0003 0x0770 KtmRm - ok
16:06:21.0031 0x0770 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:06:21.0041 0x0770 LanmanServer - ok
16:06:21.0069 0x0770 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:06:21.0075 0x0770 LanmanWorkstation - ok
16:06:21.0159 0x0770 [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:06:21.0162 0x0770 LightScribeService - ok
16:06:21.0179 0x0770 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:06:21.0181 0x0770 lltdio - ok
16:06:21.0219 0x0770 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:06:21.0257 0x0770 lltdsvc - ok
16:06:21.0276 0x0770 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:06:21.0278 0x0770 lmhosts - ok
16:06:21.0306 0x0770 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:06:21.0311 0x0770 LSI_FC - ok
16:06:21.0321 0x0770 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:06:21.0325 0x0770 LSI_SAS - ok
16:06:21.0333 0x0770 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:06:21.0337 0x0770 LSI_SAS2 - ok
16:06:21.0348 0x0770 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:06:21.0352 0x0770 LSI_SCSI - ok
16:06:21.0362 0x0770 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:06:21.0366 0x0770 luafv - ok
16:06:21.0414 0x0770 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:06:21.0419 0x0770 Mcx2Svc - ok
16:06:21.0440 0x0770 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:06:21.0443 0x0770 megasas - ok
16:06:21.0466 0x0770 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:06:21.0483 0x0770 MegaSR - ok
16:06:21.0506 0x0770 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:06:21.0511 0x0770 MMCSS - ok
16:06:21.0531 0x0770 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:06:21.0533 0x0770 Modem - ok
16:06:21.0544 0x0770 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:06:21.0545 0x0770 monitor - ok
16:06:21.0571 0x0770 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:06:21.0574 0x0770 mouclass - ok
16:06:21.0581 0x0770 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:06:21.0583 0x0770 mouhid - ok
16:06:21.0616 0x0770 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:06:21.0620 0x0770 mountmgr - ok
16:06:21.0678 0x0770 [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:06:21.0685 0x0770 MozillaMaintenance - ok
16:06:21.0713 0x0770 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:06:21.0720 0x0770 mpio - ok
16:06:21.0736 0x0770 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:06:21.0740 0x0770 mpsdrv - ok
16:06:21.0800 0x0770 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:06:21.0837 0x0770 MpsSvc - ok
16:06:21.0871 0x0770 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:06:21.0878 0x0770 MRxDAV - ok
16:06:21.0917 0x0770 [ 10112D850C844606419C79EE24EE6016, 1668F47ED9C31D805542646A0AD6E572C3547FF822F5BCDF1BB3F521714F8B85 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:06:21.0924 0x0770 mrxsmb - ok
16:06:21.0958 0x0770 [ DCC4343B422A13B42C7678998449CE8A, 9C143543DC9B21A15C5E86640464A3A78C5E820857D0A6BE05D4FBC20D0BF866 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:06:21.0970 0x0770 mrxsmb10 - ok
16:06:22.0001 0x0770 [ 46C4F5BEE8D98BB1688752EAD0ABB7C0, C744F39E462798DC98D1C4603758AC43DB4A7961F3BAF9E5ABA22AD905E012F8 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:06:22.0006 0x0770 mrxsmb20 - ok
16:06:22.0036 0x0770 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:06:22.0038 0x0770 msahci - ok
16:06:22.0068 0x0770 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:06:22.0075 0x0770 msdsm - ok
16:06:22.0091 0x0770 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:06:22.0098 0x0770 MSDTC - ok
16:06:22.0134 0x0770 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:06:22.0137 0x0770 Msfs - ok
16:06:22.0147 0x0770 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:06:22.0150 0x0770 mshidkmdf - ok
16:06:22.0173 0x0770 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:06:22.0175 0x0770 msisadrv - ok
16:06:22.0212 0x0770 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:06:22.0221 0x0770 MSiSCSI - ok
16:06:22.0231 0x0770 msiserver - ok
16:06:22.0256 0x0770 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:06:22.0258 0x0770 MSKSSRV - ok
16:06:22.0277 0x0770 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:06:22.0279 0x0770 MSPCLOCK - ok
16:06:22.0291 0x0770 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:06:22.0293 0x0770 MSPQM - ok
16:06:22.0326 0x0770 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:06:22.0349 0x0770 MsRPC - ok
16:06:22.0382 0x0770 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:06:22.0383 0x0770 mssmbios - ok
16:06:22.0396 0x0770 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:06:22.0398 0x0770 MSTEE - ok
16:06:22.0414 0x0770 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:06:22.0418 0x0770 MTConfig - ok
16:06:22.0438 0x0770 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:06:22.0441 0x0770 Mup - ok
16:06:22.0506 0x0770 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:06:22.0531 0x0770 napagent - ok
16:06:22.0574 0x0770 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:06:22.0591 0x0770 NativeWifiP - ok
16:06:22.0666 0x0770 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:06:22.0732 0x0770 NDIS - ok
16:06:22.0772 0x0770 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:06:22.0775 0x0770 NdisCap - ok
16:06:22.0793 0x0770 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:06:22.0795 0x0770 NdisTapi - ok
16:06:22.0830 0x0770 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:06:22.0833 0x0770 Ndisuio - ok
16:06:22.0869 0x0770 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:06:22.0877 0x0770 NdisWan - ok
16:06:22.0901 0x0770 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:06:22.0905 0x0770 NDProxy - ok
16:06:22.0919 0x0770 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:06:22.0923 0x0770 NetBIOS - ok
16:06:22.0954 0x0770 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:06:22.0964 0x0770 NetBT - ok
16:06:22.0983 0x0770 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] Netlogon C:\Windows\system32\lsass.exe
16:06:22.0985 0x0770 Netlogon - ok
16:06:23.0016 0x0770 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:06:23.0042 0x0770 Netman - ok
16:06:23.0086 0x0770 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:06:23.0094 0x0770 NetMsmqActivator - ok
16:06:23.0117 0x0770 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:06:23.0122 0x0770 NetPipeActivator - ok
16:06:23.0142 0x0770 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:06:23.0158 0x0770 netprofm - ok
16:06:23.0175 0x0770 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:06:23.0179 0x0770 NetTcpActivator - ok
16:06:23.0188 0x0770 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:06:23.0192 0x0770 NetTcpPortSharing - ok
16:06:23.0406 0x0770 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
16:06:23.0867 0x0770 netw5v64 - ok
16:06:23.0900 0x0770 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:06:23.0904 0x0770 nfrd960 - ok
16:06:23.0950 0x0770 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:06:23.0971 0x0770 NlaSvc - ok
16:06:23.0982 0x0770 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:06:23.0984 0x0770 Npfs - ok
16:06:24.0017 0x0770 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:06:24.0020 0x0770 nsi - ok
16:06:24.0031 0x0770 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:06:24.0033 0x0770 nsiproxy - ok
16:06:24.0130 0x0770 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:06:24.0201 0x0770 Ntfs - ok
16:06:24.0225 0x0770 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:06:24.0228 0x0770 Null - ok
16:06:24.0404 0x0770 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:06:24.0411 0x0770 nvraid - ok
16:06:24.0545 0x0770 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:06:24.0551 0x0770 nvstor - ok
16:06:24.0604 0x0770 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:06:24.0612 0x0770 nv_agp - ok
16:06:24.0765 0x0770 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:06:24.0791 0x0770 odserv - ok
16:06:24.0822 0x0770 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:06:24.0863 0x0770 ohci1394 - ok
16:06:24.0898 0x0770 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:06:24.0905 0x0770 ose - ok
16:06:24.0941 0x0770 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:06:24.0962 0x0770 p2pimsvc - ok
16:06:24.0994 0x0770 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:06:25.0019 0x0770 p2psvc - ok
16:06:25.0047 0x0770 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:06:25.0052 0x0770 Parport - ok
16:06:25.0080 0x0770 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:06:25.0084 0x0770 partmgr - ok
16:06:25.0119 0x0770 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:06:25.0127 0x0770 PcaSvc - ok
16:06:25.0161 0x0770 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:06:25.0168 0x0770 pci - ok
16:06:25.0194 0x0770 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:06:25.0197 0x0770 pciide - ok
16:06:25.0218 0x0770 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:06:25.0228 0x0770 pcmcia - ok
16:06:25.0245 0x0770 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:06:25.0249 0x0770 pcw - ok
16:06:25.0294 0x0770 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:06:25.0327 0x0770 PEAUTH - ok
16:06:25.0393 0x0770 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:06:25.0396 0x0770 PerfHost - ok
16:06:25.0484 0x0770 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:06:25.0552 0x0770 pla - ok
16:06:25.0602 0x0770 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:06:25.0628 0x0770 PlugPlay - ok
16:06:25.0655 0x0770 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:06:25.0659 0x0770 PNRPAutoReg - ok
16:06:25.0684 0x0770 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:06:25.0694 0x0770 PNRPsvc - ok
16:06:25.0756 0x0770 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:06:25.0781 0x0770 PolicyAgent - ok
16:06:25.0821 0x0770 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:06:25.0829 0x0770 Power - ok
16:06:25.0879 0x0770 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:06:25.0884 0x0770 PptpMiniport - ok
16:06:25.0911 0x0770 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:06:25.0915 0x0770 Processor - ok
16:06:25.0946 0x0770 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
16:06:25.0956 0x0770 ProfSvc - ok
16:06:25.0978 0x0770 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:06:25.0980 0x0770 ProtectedStorage - ok
16:06:26.0007 0x0770 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:06:26.0012 0x0770 Psched - ok
16:06:26.0082 0x0770 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:06:26.0157 0x0770 ql2300 - ok
16:06:26.0173 0x0770 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:06:26.0177 0x0770 ql40xx - ok
16:06:26.0200 0x0770 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:06:26.0217 0x0770 QWAVE - ok
16:06:26.0225 0x0770 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:06:26.0227 0x0770 QWAVEdrv - ok
16:06:26.0241 0x0770 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:06:26.0243 0x0770 RasAcd - ok
16:06:26.0274 0x0770 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:06:26.0277 0x0770 RasAgileVpn - ok
16:06:26.0301 0x0770 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:06:26.0307 0x0770 RasAuto - ok
16:06:26.0326 0x0770 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:06:26.0332 0x0770 Rasl2tp - ok
16:06:26.0363 0x0770 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:06:26.0391 0x0770 RasMan - ok
16:06:26.0400 0x0770 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:06:26.0404 0x0770 RasPppoe - ok
16:06:26.0413 0x0770 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:06:26.0416 0x0770 RasSstp - ok
16:06:26.0452 0x0770 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:06:26.0469 0x0770 rdbss - ok
16:06:26.0494 0x0770 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:06:26.0497 0x0770 rdpbus - ok
16:06:26.0526 0x0770 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:06:26.0528 0x0770 RDPCDD - ok
16:06:26.0541 0x0770 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:06:26.0543 0x0770 RDPENCDD - ok
16:06:26.0556 0x0770 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:06:26.0558 0x0770 RDPREFMP - ok
16:06:26.0588 0x0770 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:06:26.0597 0x0770 RDPWD - ok
16:06:26.0635 0x0770 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:06:26.0643 0x0770 rdyboost - ok
16:06:26.0667 0x0770 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:06:26.0675 0x0770 RemoteAccess - ok
16:06:26.0723 0x0770 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:06:26.0731 0x0770 RemoteRegistry - ok
16:06:26.0736 0x0770 RepairFileHewlettPackard - ok
16:06:26.0795 0x0770 [ 498EB62A160674E793FA40FD65390625, F7EFD480E6C95F5B6202EEB87F519A8A8187F7F26281FB3E302EDD1AD5771025 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
16:06:26.0804 0x0770 RichVideo - ok
16:06:26.0819 0x0770 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:06:26.0824 0x0770 RpcEptMapper - ok
16:06:26.0849 0x0770 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:06:26.0851 0x0770 RpcLocator - ok
16:06:26.0902 0x0770 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
16:06:26.0916 0x0770 RpcSs - ok
16:06:26.0966 0x0770 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:06:26.0970 0x0770 rspndr - ok
16:06:26.0988 0x0770 [ B49DC435AE3695BAC5623DD94B05732D, D63160B09385ED31C2A479ADC5AFCA483906F38598874972025D680BDB45ECA0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:06:26.0997 0x0770 RTL8167 - ok
16:06:27.0017 0x0770 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] SamSs C:\Windows\system32\lsass.exe
16:06:27.0019 0x0770 SamSs - ok
16:06:27.0045 0x0770 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:06:27.0050 0x0770 sbp2port - ok
16:06:27.0070 0x0770 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:06:27.0079 0x0770 SCardSvr - ok
16:06:27.0106 0x0770 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:06:27.0108 0x0770 scfilter - ok
16:06:27.0181 0x0770 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
16:06:27.0249 0x0770 Schedule - ok
16:06:27.0281 0x0770 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:06:27.0283 0x0770 SCPolicySvc - ok
16:06:27.0318 0x0770 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
16:06:27.0323 0x0770 sdbus - ok
16:06:27.0350 0x0770 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:06:27.0359 0x0770 SDRSVC - ok
16:06:27.0374 0x0770 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:06:27.0378 0x0770 secdrv - ok
16:06:27.0413 0x0770 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
16:06:27.0417 0x0770 seclogon - ok
16:06:27.0442 0x0770 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:06:27.0446 0x0770 SENS - ok
16:06:27.0453 0x0770 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:06:27.0456 0x0770 SensrSvc - ok
16:06:27.0472 0x0770 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:06:27.0475 0x0770 Serenum - ok
16:06:27.0497 0x0770 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:06:27.0502 0x0770 Serial - ok
16:06:27.0530 0x0770 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:06:27.0533 0x0770 sermouse - ok
16:06:27.0582 0x0770 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:06:27.0588 0x0770 SessionEnv - ok
16:06:27.0617 0x0770 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:06:27.0619 0x0770 sffdisk - ok
16:06:27.0651 0x0770 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:06:27.0653 0x0770 sffp_mmc - ok
16:06:27.0669 0x0770 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:06:27.0671 0x0770 sffp_sd - ok
16:06:27.0691 0x0770 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:06:27.0693 0x0770 sfloppy - ok
16:06:27.0734 0x0770 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:06:27.0757 0x0770 SharedAccess - ok
16:06:27.0793 0x0770 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:06:27.0817 0x0770 ShellHWDetection - ok
16:06:27.0829 0x0770 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:06:27.0832 0x0770 SiSRaid2 - ok
16:06:27.0843 0x0770 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:06:27.0846 0x0770 SiSRaid4 - ok
16:06:27.0878 0x0770 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:06:27.0883 0x0770 Smb - ok
16:06:27.0915 0x0770 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:06:27.0918 0x0770 SNMPTRAP - ok
16:06:27.0924 0x0770 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:06:27.0926 0x0770 spldr - ok
16:06:27.0968 0x0770 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:06:27.0996 0x0770 Spooler - ok
16:06:28.0160 0x0770 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:06:28.0289 0x0770 sppsvc - ok
16:06:28.0323 0x0770 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:06:28.0328 0x0770 sppuinotify - ok
16:06:28.0390 0x0770 [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv C:\Windows\system32\DRIVERS\srv.sys
16:06:28.0405 0x0770 srv - ok
16:06:28.0442 0x0770 [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:06:28.0468 0x0770 srv2 - ok
16:06:28.0508 0x0770 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:06:28.0529 0x0770 SrvHsfHDA - ok
16:06:28.0599 0x0770 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:06:28.0682 0x0770 SrvHsfV92 - ok
16:06:28.0731 0x0770 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:06:28.0767 0x0770 SrvHsfWinac - ok
16:06:28.0808 0x0770 [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:06:28.0816 0x0770 srvnet - ok
16:06:28.0840 0x0770 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:06:28.0849 0x0770 SSDPSRV - ok
16:06:28.0859 0x0770 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:06:28.0863 0x0770 SstpSvc - ok
16:06:28.0979 0x0770 [ 810199DCC3BDC38304D7D649992EA7BC, B72D88A9F03D2BE65D45691AB643D11EC306E654AEB74C6610DC7331FE440110 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
16:06:28.0988 0x0770 STacSV - ok
16:06:29.0003 0x0770 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:06:29.0005 0x0770 stexstor - ok
16:06:29.0052 0x0770 [ ED1722F43CE61409EF68340402D6267D, 2FC14738C8F268DE4539064DE6D8954B6C9CD4ADE1139E2C74BD3486BF9A0861 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:06:29.0078 0x0770 STHDA - ok
16:06:29.0129 0x0770 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:06:29.0160 0x0770 stisvc - ok
16:06:29.0184 0x0770 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
16:06:29.0186 0x0770 swenum - ok
16:06:29.0223 0x0770 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:06:29.0253 0x0770 swprv - ok
16:06:29.0294 0x0770 [ 929C9FA0B18AD2EBC8340591C4BF00FF, 710704028A069EEC918F67D9776AF1367005E3EF8536F2516CB5A12163AFDE8E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:06:29.0311 0x0770 SynTP - ok
16:06:29.0402 0x0770 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
16:06:29.0495 0x0770 SysMain - ok
16:06:29.0616 0x0770 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:06:29.0646 0x0770 TabletInputService - ok
16:06:29.0770 0x0770 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:06:29.0820 0x0770 TapiSrv - ok
16:06:29.0917 0x0770 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:06:30.0014 0x0770 Tcpip - ok
16:06:30.0115 0x0770 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:06:30.0166 0x0770 TCPIP6 - ok
16:06:30.0206 0x0770 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:06:30.0209 0x0770 tcpipreg - ok
16:06:30.0239 0x0770 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:06:30.0241 0x0770 TDPIPE - ok
16:06:30.0268 0x0770 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:06:30.0271 0x0770 TDTCP - ok
16:06:30.0301 0x0770 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:06:30.0306 0x0770 tdx - ok
16:06:30.0331 0x0770 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
16:06:30.0334 0x0770 TermDD - ok
16:06:30.0470 0x0770 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:06:30.0504 0x0770 TermService - ok
16:06:30.0557 0x0770 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:06:30.0561 0x0770 Themes - ok
16:06:30.0589 0x0770 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:06:30.0592 0x0770 THREADORDER - ok
16:06:30.0630 0x0770 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:06:30.0637 0x0770 TrkWks - ok
16:06:30.0684 0x0770 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:06:30.0692 0x0770 TrustedInstaller - ok
16:06:30.0721 0x0770 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:06:30.0724 0x0770 tssecsrv - ok
16:06:30.0769 0x0770 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:06:30.0772 0x0770 TsUsbFlt - ok
16:06:30.0821 0x0770 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:06:30.0826 0x0770 tunnel - ok
16:06:30.0867 0x0770 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:06:30.0871 0x0770 uagp35 - ok
16:06:30.0903 0x0770 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:06:30.0927 0x0770 udfs - ok
16:06:30.0961 0x0770 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:06:30.0966 0x0770 UI0Detect - ok
16:06:30.0991 0x0770 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:06:30.0994 0x0770 uliagpkx - ok
16:06:31.0031 0x0770 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
16:06:31.0034 0x0770 umbus - ok
16:06:31.0056 0x0770 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:06:31.0059 0x0770 UmPass - ok
16:06:31.0102 0x0770 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:06:31.0128 0x0770 upnphost - ok
16:06:31.0157 0x0770 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:06:31.0163 0x0770 usbccgp - ok
16:06:31.0205 0x0770 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:06:31.0210 0x0770 usbcir - ok
16:06:31.0228 0x0770 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:06:31.0231 0x0770 usbehci - ok
16:06:31.0270 0x0770 [ 44D9C773FEBFF10593B50DDFC2D6BC27, 17D76961C77476FAFC4487C03A9748C378FA7C3858F764DD87B4B127504E7E1F ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
16:06:31.0272 0x0770 usbfilter - ok
16:06:31.0294 0x0770 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:06:31.0318 0x0770 usbhub - ok
16:06:31.0336 0x0770 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:06:31.0338 0x0770 usbohci - ok
16:06:31.0357 0x0770 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:06:31.0359 0x0770 usbprint - ok
16:06:31.0391 0x0770 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:06:31.0395 0x0770 USBSTOR - ok
16:06:31.0467 0x0770 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:06:31.0470 0x0770 usbuhci - ok
16:06:31.0500 0x0770 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:06:31.0508 0x0770 usbvideo - ok
16:06:31.0556 0x0770 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
16:06:31.0559 0x0770 usb_rndisx - ok
16:06:31.0595 0x0770 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:06:31.0599 0x0770 UxSms - ok
16:06:31.0613 0x0770 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] VaultSvc C:\Windows\system32\lsass.exe
16:06:31.0615 0x0770 VaultSvc - ok
16:06:31.0647 0x0770 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:06:31.0650 0x0770 vdrvroot - ok
16:06:31.0702 0x0770 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:06:31.0733 0x0770 vds - ok
16:06:31.0753 0x0770 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:06:31.0757 0x0770 vga - ok
16:06:31.0776 0x0770 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:06:31.0778 0x0770 VgaSave - ok
16:06:31.0814 0x0770 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:06:31.0823 0x0770 vhdmp - ok
16:06:31.0844 0x0770 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:06:31.0847 0x0770 viaide - ok
16:06:31.0875 0x0770 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:06:31.0878 0x0770 volmgr - ok
16:06:31.0921 0x0770 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:06:31.0943 0x0770 volmgrx - ok
16:06:31.0981 0x0770 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:06:32.0002 0x0770 volsnap - ok
16:06:32.0026 0x0770 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:06:32.0034 0x0770 vsmraid - ok
16:06:32.0120 0x0770 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:06:32.0195 0x0770 VSS - ok
16:06:32.0207 0x0770 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:06:32.0209 0x0770 vwifibus - ok
16:06:32.0231 0x0770 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:06:32.0234 0x0770 vwififlt - ok
16:06:32.0286 0x0770 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:06:32.0288 0x0770 vwifimp - ok
16:06:32.0325 0x0770 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:06:32.0350 0x0770 W32Time - ok
16:06:32.0370 0x0770 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:06:32.0373 0x0770 WacomPen - ok
16:06:32.0445 0x0770 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:06:32.0449 0x0770 WANARP - ok
16:06:32.0468 0x0770 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:06:32.0471 0x0770 Wanarpv6 - ok
16:06:32.0540 0x0770 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:06:32.0616 0x0770 wbengine - ok
16:06:32.0666 0x0770 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:06:32.0676 0x0770 WbioSrvc - ok
16:06:32.0722 0x0770 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:06:32.0783 0x0770 wcncsvc - ok
16:06:32.0793 0x0770 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:06:32.0796 0x0770 WcsPlugInService - ok
16:06:32.0825 0x0770 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:06:32.0827 0x0770 Wd - ok
16:06:32.0890 0x0770 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:06:32.0923 0x0770 Wdf01000 - ok
16:06:32.0972 0x0770 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:06:32.0978 0x0770 WdiServiceHost - ok
16:06:32.0985 0x0770 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:06:32.0988 0x0770 WdiSystemHost - ok
16:06:33.0052 0x0770 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
16:06:33.0063 0x0770 WebClient - ok
16:06:33.0093 0x0770 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:06:33.0110 0x0770 Wecsvc - ok
16:06:33.0124 0x0770 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:06:33.0130 0x0770 wercplsupport - ok
16:06:33.0154 0x0770 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:06:33.0159 0x0770 WerSvc - ok
16:06:33.0175 0x0770 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:06:33.0177 0x0770 WfpLwf - ok
16:06:33.0196 0x0770 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:06:33.0199 0x0770 WIMMount - ok
16:06:33.0219 0x0770 WinDefend - ok
16:06:33.0237 0x0770 WinHttpAutoProxySvc - ok
16:06:33.0297 0x0770 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:06:33.0306 0x0770 Winmgmt - ok
16:06:33.0416 0x0770 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
16:06:33.0542 0x0770 WinRM - ok
16:06:33.0587 0x0770 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:06:33.0589 0x0770 WinUsb - ok
16:06:33.0639 0x0770 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:06:33.0682 0x0770 Wlansvc - ok
16:06:33.0707 0x0770 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:06:33.0708 0x0770 WmiAcpi - ok
16:06:33.0738 0x0770 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:06:33.0746 0x0770 wmiApSrv - ok
16:06:33.0761 0x0770 WMPNetworkSvc - ok
16:06:33.0778 0x0770 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:06:33.0781 0x0770 WPCSvc - ok
16:06:33.0806 0x0770 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:06:33.0813 0x0770 WPDBusEnum - ok
16:06:33.0840 0x0770 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:06:33.0843 0x0770 ws2ifsl - ok
16:06:33.0860 0x0770 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:06:33.0867 0x0770 wscsvc - ok
16:06:33.0877 0x0770 WSearch - ok
16:06:34.0008 0x0770 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
16:06:34.0107 0x0770 wuauserv - ok
16:06:34.0150 0x0770 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:06:34.0154 0x0770 WudfPf - ok
16:06:34.0191 0x0770 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:06:34.0201 0x0770 WUDFRd - ok
16:06:34.0225 0x0770 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:06:34.0230 0x0770 wudfsvc - ok
16:06:34.0268 0x0770 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:06:34.0285 0x0770 WwanSvc - ok
16:06:34.0315 0x0770 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
16:06:34.0411 0x0770 yukonw7 - ok
16:06:34.0937 0x0770 [ 68FF1BCFDD5A15D02286F20DB0A2DFFB, E488D51452D16E24DC078B13671D0759C96AB48A88CA2B0C76E368BDD975255F ] zdengine C:\Program Files (x86)\OtherSearch\zdengine.exe
16:06:34.0983 0x0770 zdengine - ok
16:06:35.0138 0x0770 [ 542199EC8FAA7CB170B8F663D62ADA99, BE4317DDD6DE0DBBDCA11414EC0CC43E69038E056BAD21A6738E39E397B80A42 ] zigipyro C:\Users\Simone\AppData\Local\39464E43-1485266695-3136-4E52-00269E57E885\qnsn3CE3.tmp
16:06:35.0145 0x0770 zigipyro - ok
16:06:35.0174 0x0770 ================ Scan global ===============================
16:06:35.0207 0x0770 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:06:35.0256 0x0770 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
16:06:35.0275 0x0770 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
16:06:35.0312 0x0770 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:06:35.0351 0x0770 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:06:35.0372 0x0770 [ Global ] - ok
16:06:35.0376 0x0770 ================ Scan MBR ==================================
16:06:35.0393 0x0770 [ BE537C32A40C2FC2B940B3FC753D4EF8 ] \Device\Harddisk0\DR0
16:06:35.0682 0x0770 \Device\Harddisk0\DR0 - ok
16:06:35.0682 0x0770 ================ Scan VBR ==================================
16:06:35.0686 0x0770 [ 83D62B57D3F997109F2FBC3D465B62E3 ] \Device\Harddisk0\DR0\Partition1
16:06:35.0688 0x0770 \Device\Harddisk0\DR0\Partition1 - ok
16:06:35.0694 0x0770 [ 09043F044FF4DA6076E1DFF8210A01AC ] \Device\Harddisk0\DR0\Partition2
16:06:35.0696 0x0770 \Device\Harddisk0\DR0\Partition2 - ok
16:06:35.0701 0x0770 [ 753A7CF5E8577F6958F80B9C10C5E477 ] \Device\Harddisk0\DR0\Partition3
16:06:35.0703 0x0770 \Device\Harddisk0\DR0\Partition3 - ok
16:06:35.0709 0x0770 [ 89244C98D8954C2EA0E2F80F269C8245 ] \Device\Harddisk0\DR0\Partition4
16:06:35.0709 0x0770 \Device\Harddisk0\DR0\Partition4 - ok
16:06:35.0711 0x0770 ================ Scan generic autorun ======================
16:06:35.0721 0x0770 SynTPEnh - ok
16:06:35.0804 0x0770 [ 7A2C26459B599A2D6D5401F73ACA1981, EABDE03BE7F10A3A1CF9E0A38B834F9B48A14D921C63121645DF0906526BB661 ] C:\Program Files\IDT\WDM\sttray64.exe
16:06:35.0830 0x0770 SysTrayApp - ok
16:06:35.0891 0x0770 [ 4C590463E5B60310DBE660686C6CCF7B, 01CF341CEF85799ADDBA7BE256A07C9689A0E53E7151794688153E5BD48EF721 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
16:06:35.0919 0x0770 SmartMenu - ok
16:06:35.0956 0x0770 [ A0DD3037E2DC702A7BED6C3CC2DB8FA6, 709BB80726403C2F1807BE6D766AAD8F7F7F86939804D88A60ED91DFCD76A608 ] C:\Program Files\Java\jre6\bin\jusched.exe
16:06:35.0963 0x0770 SunJavaUpdateSched - ok
16:06:36.0016 0x0770 [ CABF1DF6108BDE0EA1FDFAA67FA02760, 2CEB8E3C2A222C7542B5108DE8280956A12496497FA65709E3830AF8B8141DD5 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:06:36.0021 0x0770 StartCCC - ok
16:06:36.0108 0x0770 [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
16:06:36.0116 0x0770 HPCam_Menu - ok
16:06:36.0158 0x0770 [ 0771A5C3B78967F9F83C1C429334AD2A, ACD7C25A85526F8ECC5C54130A1972BC22F78C6E220B99D3D1C2EE42378455FF ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
16:06:36.0174 0x0770 QlbCtrl.exe - ok
16:06:36.0240 0x0770 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
16:06:36.0249 0x0770 UpdatePRCShortCut - ok
16:06:36.0300 0x0770 [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
16:06:36.0302 0x0770 Adobe Reader Speed Launcher - ok
16:06:36.0337 0x0770 [ 15657931FB7CA61FA1B72B955E1799E7, 1B25DFE965CC6BB59817097A37ABE77A3B27269915FFA64B16F9ABF65F511FF9 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
16:06:36.0340 0x0770 Easybits Recovery - ok
16:06:36.0386 0x0770 [ D22D936F9AB0DA3B8EB7537284867708, 97C5A3985CF7CFD57F77A29A07B440E2A35EFEFC17BCF5896894F2A760674742 ] C:\Program Files (x86)\Java\jre6\bin\jusched.exe
16:06:36.0392 0x0770 SunJavaUpdateSched - ok
16:06:36.0414 0x0770 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
16:06:36.0417 0x0770 HP Software Update - ok
16:06:36.0513 0x0770 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:06:36.0580 0x0770 Sidebar - ok
16:06:36.0630 0x0770 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:06:36.0635 0x0770 mctadmin - ok
16:06:36.0686 0x0770 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:06:36.0715 0x0770 Sidebar - ok
16:06:36.0727 0x0770 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:06:36.0731 0x0770 mctadmin - ok
16:06:36.0823 0x0770 [ 9157189DC07511ECBBE1D2615D8A2FED, 071318574386D44CF62F633D9A78451A41DB3EF74B2973EBE26A3F7ED336A079 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
16:06:36.0864 0x0770 HPADVISOR - ok
16:06:37.0027 0x0770 [ CCF2234A35077CA217A61C9CACC48198, C1FB60E22DB42073A7803B2715A779D42D86F762D226312E8D3BC78FBB5D1E1D ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
16:06:37.0119 0x0770 LightScribe Control Panel - ok
16:06:37.0211 0x0770 [ 9B5E5E7A5E8E8030691AA223B507BE22, DD0986D2BCF1AF56BE123AA71B37FDF5BC24FE7ED16A0517A0E7386DAE7F8AF3 ] C:\Program Files\QP51FFQLD4\XTTOFJM57.exe
16:06:37.0233 0x0770 6JO5OX3NZN - ok
16:06:37.0346 0x0770 [ 9B5E5E7A5E8E8030691AA223B507BE22, DD0986D2BCF1AF56BE123AA71B37FDF5BC24FE7ED16A0517A0E7386DAE7F8AF3 ] C:\Program Files\5WV3YOI7WJ\5WV3YOI7W.exe
16:06:37.0374 0x0770 4FV6DPZQHX - ok
16:06:37.0493 0x0770 [ 9B5E5E7A5E8E8030691AA223B507BE22, DD0986D2BCF1AF56BE123AA71B37FDF5BC24FE7ED16A0517A0E7386DAE7F8AF3 ] C:\Program Files\PD6GAT98BN\PD6GAT98B.exe
16:06:37.0505 0x0770 3AXV8OEUN4 - ok
16:06:37.0632 0x0770 [ 9B5E5E7A5E8E8030691AA223B507BE22, DD0986D2BCF1AF56BE123AA71B37FDF5BC24FE7ED16A0517A0E7386DAE7F8AF3 ] C:\Program Files\1MHZYOASN6\1MHZYOASN.exe
16:06:37.0657 0x0770 HNL4YO6AL3 - ok
16:06:37.0843 0x0770 [ 43AF03FAAF7576B62277DC9E652EBCF7, 9376D2C30AD2057514E94FDDBD9C40D7BCC90BABA8C304AEB935E1D170F8665C ] C:\Users\Simone\AppData\Local\Temp\{f30-7c-05-d44b6-9acc1-50f4-c78c9}\dKC_'A9&gb.exe
16:06:37.0893 0x0770 dKC_'A9&gb.exe - ok
16:06:37.0986 0x0770 [ 9B5E5E7A5E8E8030691AA223B507BE22, DD0986D2BCF1AF56BE123AA71B37FDF5BC24FE7ED16A0517A0E7386DAE7F8AF3 ] C:\Program Files\ZVS7GTP3PI\ZVS7GTP3P.exe
16:06:38.0011 0x0770 LWBRVZM4VU - ok
16:06:38.0033 0x0770 Win FW state via NFP2: enabled ( trusted )
16:06:38.0034 0x0770 ============================================================
16:06:38.0034 0x0770 Scan finished
16:06:38.0034 0x0770 ============================================================
16:06:38.0047 0x0878 Detected object count: 0
16:06:38.0047 0x0878 Actual detected object count: 0
16:07:25.0252 0x0abc Deinitialize success
Malewarebytes Antirootkit hatte etwas gefunden und behoben, TDSSkiller hat nichts gefunden. |
|
24.01.2017, 16:12
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox Was sollst du machen wenn MBAR fündig wurde?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2017, 16:15
| #8 |
| | Willkürliche Werbetabs in Firefox Noch einmal einen Scan durchführen, dieser läuft schon. Wollte nur schonmal die vorhandenen Logs mitteilen. Da der Scan am längsten dauert. |
|
24.01.2017, 16:17
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox ok 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2017, 16:42
| #10 |
| | Willkürliche Werbetabs in Firefox Alles klar. Scan ist abgeschlossen und dieser hat nichts mehr gefunden. Leider besteht das Problem immer noch, da sich während des Scans (habe nicht mitgezählt) bestimmt 25 tabs geöffnet hatten. |
|
24.01.2017, 22:01
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox Wir sindnach MBAR auch noch nicht fertig... Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2017, 22:01
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox Wir sindnach MBAR auch noch nicht fertig... Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.01.2017, 16:04
| #13 |
| | Willkürliche Werbetabs in FirefoxCode:
ATTFilter # AdwCleaner v6.042 - Bericht erstellt am 26/01/2017 um 15:54:37
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-26.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Simone - SIMONE-PC
# Gestartet von : C:\Users\Simone\Downloads\AdwCleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Simone\AppData\Local\BrowserAir
[-] Ordner gelöscht: C:\Users\Simone\AppData\Roaming\tlerauic
[-] Ordner gelöscht: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Simone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BrowserAir.lnk
[-] Datei gelöscht: C:\Users\Simone\Desktop\BrowserAir.lnk
[-] Datei gelöscht: C:\Windows\SysNative\zdengine64.dll
[#] Datei gelöscht: C:\Windows\SysNative\NetUtils2016.dll
[-] Datei gelöscht: C:\Windows\SysNative\drivers\NetUtils2016.sys
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: IBUpd
[-] Aufgabe gelöscht: IBUpd2
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Clients\StartMenuInternet\BrowserAir.WMLQZ7GM4ZWZFAGLWIKO22PMWY
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\jhdbca
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\BrowserAir
[-] Schlüssel gelöscht: HKU\S-1-5-21-2803453848-642829566-3864579339-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserAir
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\jhdbca
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BrowserAir
[-] Schlüssel gelöscht: HKLM\SOFTWARE\BrowserAir
[-] Schlüssel gelöscht: HKLM\SOFTWARE\jhdbca
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserAir
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\BrowserAir
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserAir
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\BrowserairExec.exe
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "keyword.URL" - "hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=h1oztrmbl10bu,36cd9532-8ba9-4cc9-a5da-eb5d10b15e66,"
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [12193 Bytes] - [26/01/2017 15:42:21]
C:\AdwCleaner\AdwCleaner[C2].txt - [2997 Bytes] - [26/01/2017 15:54:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [12087 Bytes] - [26/01/2017 15:39:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [3088 Bytes] - [26/01/2017 15:53:22]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3217 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64
Ran by Simone (Administrator) on 26.01.2017 at 15:58:20,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 27
Successfully deleted: C:\Users\Simone\Appdata\LocalLow\datamngr (Folder)
Successfully deleted: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\search.lnk (Shortcut)
Successfully deleted: C:\Windows\system32\Tasks\SMW_UpdateTask_Time_333530353338353337312d3437415a556c2a3223346c41 (Task)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01QF9BOW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VBLQD88 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Q6GK183 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C365LJTZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQAA9AW9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P8WD2Q1R (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WVDT14PB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Simone\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPN8KOWI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01QF9BOW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VBLQD88 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Q6GK183 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C365LJTZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQAA9AW9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P8WD2Q1R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WVDT14PB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPN8KOWI (Temporary Internet Files Folder)
Registry: 6
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\F06DEFF2-5B9C-490D-910F-35D3A91196222 (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5970C4E2-FE63-4A58-BCAD-492B21182195} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2017 at 16:01:25,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
26.01.2017, 16:19
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen: 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.01.2017, 16:19
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Willkürliche Werbetabs in Firefox Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Willkürliche Werbetabs in Firefox |
| exoclick, firefox, geholfen, günstigen, hoffe, jahre, malware, marke, mobile, nicht, preise, problem, schließ, schließt, schonmal, seiten, sekunden, selbstständig, tab, trotz, viren, web, werbe, werbetabs, überhaupt |
Linear-Darstellung
