Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.05.2014, 19:15   #1
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hallo zusammen, nachdem ich vor einiger Zeit schon mal Hilfe bei euch gefunden habe, hoffe ich auch dieses mal wieder auf eure Unterstützung.
Vielen Dank dafür schon mal im Voraus!

Stinger hat einen Fund gemeldet, hier der entsprechende Log:

Code:
ATTFilter
<HTML><HEAD> <TITLE>
McAfee Stinger Scan Results</TITLE></HEAD><BODY BGCOLOR=#ffffff><H1 ALIGN=CENTER>
McAfee Stinger Scan Results</H1><H2 ALIGN=CENTER><HR></H2><meta http-equiv="Content-Type"  content="text/html;charset=UTF-8"/><PRE>
McAfee® Labs Stinger™ Version 12.1.0.893 built on May  9 2014 at 12:15:37
Copyright© 2014, McAfee, Inc. All Rights Reserved.

AV Engine version v5610.1040 for Windows.
Virus data file v1000.0 created on May 9, 2014
Ready to scan for 6348 viruses, trojans and variants.

Custom scan initiated on Samstag, Mai 10, 2014 14:10:29


Rootkit scan result : Not Scanned.


C:\Documents and Settings\All Users\Application Data\czonofs.dat [MD5:4f37bb0a5e3b45a2fea77998b1964441] is infected with Trojan-FDXU!4F37BB0A5E3B
C:\Documents and Settings\All Users\Application Data\czonofs.dat has been Deleted

Summary Report on C:
File(s)
	TotalFiles:............	668818
	Clean:.................	425050
	Not Scanned:........... 243767
	Possibly Infected:.....	1

Time: 01:36:13

Scan completed on Samstag, Mai 10, 2014 15:46:42
         
Hier auch noch die anderen Logdateien:

FRST.txt:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014
Ran by mip-admin (administrator) on ESMERALDA on 10-05-2014 15:53:26
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM\...\Run: [Ocs_SM] => C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-05-02] (OCS)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-18] (AVAST Software)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [yaeqlbdy] => regsvr32.exe "C:\ProgramData\yaeqlbdy.dat"
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\MountPoints2: {30586661-a7e5-11e2-be89-806e6f6e6963} - "D:\start.exe" 
AppInit_DLLs-x32: c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll => "c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" File Not Found
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\mip-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com"
CHR Extension: (Google Docs) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-10]
CHR Extension: (Google Drive) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-10]
CHR Extension: (YouTube) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-10]
CHR Extension: (Google-Suche) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-10]
CHR Extension: (Iminent) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-05-10]
CHR Extension: (Google Wallet) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-10]
CHR Extension: (Google Mail) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Chef\AppData\Roaming\BabSolution\CR\delta2.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx [2013-05-02]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-18] (AVAST Software)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 SearchAnonymizer; C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-05-02] ()
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3047744 2014-05-08] (Iminent)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-30] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-18] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2014-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-18] ()
S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-10 15:53 - 2014-05-10 15:53 - 00000000 ____D () C:\FRST
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:49 - 2014-05-10 15:50 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 15:53 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:10 - 2014-05-10 15:46 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:07 - 2014-05-10 14:08 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 15:51 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 14:04 - 2014-05-10 15:51 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 13:57 - 2014-05-10 13:58 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:51 - 2014-05-10 14:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 13:50 - 2014-05-10 14:06 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:45 - 2014-05-10 13:50 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 15:52 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 13:43 - 2014-05-10 13:45 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2014-03-15 21:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-10 13:43 - 2013-06-24 13:29 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-10 13:21 - 2014-05-10 13:23 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:20 - 2014-05-10 13:32 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-06 21:38 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 21:38 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 21:38 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-02 20:18 - 2014-04-23 01:47 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 20:18 - 2014-04-23 01:47 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-02 20:17 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 20:17 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 12:22 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 12:22 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 12:22 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 12:22 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:22 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 12:22 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 12:22 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 12:22 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 12:22 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 12:22 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 12:22 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 12:22 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 12:22 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 12:22 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:22 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 12:21 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 12:20 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 12:20 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 12:20 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 12:20 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 12:20 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 12:20 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

==================== One Month Modified Files and Folders =======

2014-05-10 15:53 - 2014-05-10 15:53 - 00000000 ____D () C:\FRST
2014-05-10 15:53 - 2014-05-10 15:11 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:52 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 15:51 - 2014-05-10 14:04 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 15:51 - 2014-05-10 14:04 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 15:50 - 2014-05-10 15:49 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:46 - 2014-05-10 14:10 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 15:24 - 2013-05-04 22:30 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 15:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:47 - 2013-01-25 03:52 - 01124203 _____ () C:\windows\WindowsUpdate.log
2014-05-10 14:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:08 - 2014-05-10 14:07 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:06 - 2014-05-10 13:50 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 14:06 - 2013-05-02 21:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 14:01 - 2014-05-10 13:51 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 14:01 - 2013-05-02 15:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001
2014-05-10 13:58 - 2014-05-10 13:57 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:50 - 2014-05-10 13:45 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:47 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:46 - 2013-05-02 13:55 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:45 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2013-05-18 13:48 - 00000000 ___RD () C:\Users\Chef\Dropbox
2014-05-10 13:43 - 2013-05-18 13:46 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\Dropbox
2014-05-10 13:43 - 2013-05-04 22:30 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 13:42 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-10 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-10 13:32 - 2014-05-10 13:20 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-10 13:23 - 2014-05-10 13:21 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:21 - 2013-07-28 16:36 - 00000000 ____D () C:\Users\Chef\AppData\Local\CrashDumps
2014-05-10 13:19 - 2013-05-04 22:30 - 00004098 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 13:19 - 2013-05-04 22:30 - 00003862 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-10 13:13 - 2013-01-25 20:54 - 00754172 _____ () C:\windows\system32\perfh007.dat
2014-05-10 13:13 - 2013-01-25 20:54 - 00156362 _____ () C:\windows\system32\perfc007.dat
2014-05-10 13:13 - 2012-07-26 09:28 - 01748838 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 20:15 - 2013-01-25 04:47 - 00000000 ____D () C:\ProgramData\Intel
2014-05-08 20:05 - 2012-08-05 23:07 - 00860322 _____ () C:\windows\PFRO.log
2014-05-08 20:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-08 19:53 - 2013-01-25 04:42 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-08 19:52 - 2013-01-25 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-29 16:14 - 2014-05-02 20:17 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-02 20:17 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-23 01:47 - 2014-05-02 20:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-05-02 20:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-19 19:06 - 2014-03-02 12:37 - 00000000 ____D () C:\Users\Chef\Documents\Arztadressen
2014-04-19 11:39 - 2014-05-06 21:38 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 21:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 21:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 20:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 20:17 - 2013-08-21 16:51 - 00000000 ____D () C:\windows\system32\MRT
2014-04-14 20:16 - 2013-05-03 10:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 19:52

==================== End Of Log ============================
         
ADDITION.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-05-2014
Ran by mip-admin at 2014-05-10 15:54:11
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2011 - Avast Software)
Bitcasa version 0.9.20.4133 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4133 - Bitcasa Inc.)
BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - ) <==== ATTENTION
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Delta) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.16.16 - Delta) <==== ATTENTION
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Help Desk (HKLM\...\{3D85CD3F-00E0-4E14-82D6-1F9397DDD09B}) (Version: 1.0.8 - Samsung Electronics CO., LTD.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.17.41.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.17.41.0 - Iminent) Hidden <==== ATTENTION
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystic Gallery (HKLM-x32\...\Mystic Gallery) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.7.2 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{F5B5BA56-8FEB-494B-84E6-C8DA9C2BEE50}) (Version: 2.1.6 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
User Guide (HKLM-x32\...\{C7588111-1A12-4EFE-8CA0-DA4344480D92}) (Version: 1.4.00 - Samsung Electronics CO., LTD.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Restore Points  =========================

22-03-2014 16:42:52 Windows Update
12-04-2014 10:12:36 Windows Update
02-05-2014 18:13:40 Windows Update
10-05-2014 11:39:43 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04DEB689-306C-496A-9364-1CDF17180B35} - System32\Tasks\AdobeAAMUpdater-1.0-Esmeralda-Chef => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {06A4AD44-E164-481C-97E7-4FD0C13BE49F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-11-30] (Samsung Electronics CO., LTD.)
Task: {12DF29B0-55C0-4F02-B631-39303CF52C98} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-18] (AVAST Software)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2033F2F4-84BB-4548-B145-D214EC365DC7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C06C0B3-58E7-4594-902F-FD6D297592DB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {4AA7E9A4-D73C-4C6B-B81F-A2852332C3C1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)
Task: {5346A36B-87BE-40E5-8722-B2BCD8FA1EA4} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {59ED68AC-CE6F-4B61-BE58-F596EDEDC4DE} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.)
Task: {69B5829A-2A3F-4578-9042-AEF18736F613} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-10-15] (SEC)
Task: {6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {6E48F844-22D1-44F3-8857-7D0452415727} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {967D187D-5A2C-46BE-A6C3-30EFBA3E9BF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB3527A5-705D-4939-A605-964D0470BA71} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D5D7F3E5-83B7-4A72-A6BE-9922EEBF94D7} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F6296C50-6397-4C60-A2CF-0699E5738F57} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {F7C47359-95C7-48FF-9600-437CA42806DE} - System32\Tasks\EPUpdater => C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {FA1864BF-A4CB-4F4A-BB73-CEC9D8738308} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 17:43 - 2013-05-02 17:43 - 00040960 _____ () C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2012-11-30 09:26 - 2012-11-30 09:26 - 00082312 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-07-26 09:55 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-09-17 10:23 - 2012-09-17 10:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 04:54 - 2012-08-06 04:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-10 13:15 - 2014-05-10 09:41 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051000\algo.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 01068664 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00103032 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-01-25 04:47 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-01-25 05:07 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2014 02:07:00 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16537, Zeitstempel: 0x5123410e
Name des fehlerhaften Moduls: IEFRAME.dll, Version: 10.0.9200.16859, Zeitstempel: 0x531171d2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001038e8
ID des fehlerhaften Prozesses: 0x5c4
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Vollständiger Name des fehlerhaften Pakets: iexplore.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iexplore.exe5

Error: (05/10/2014 01:43:13 PM) (Source: ESENT) (User: ) (EventID: 489)
Description: taskhostex (3992) Versuch, Datei "C:\Users\Chef\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (05/10/2014 01:23:13 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: IEInstal.exe, Version: 10.0.9200.16750, Zeitstempel: 0x5269da59
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000088f42d10
ID des fehlerhaften Prozesses: 0x20a64
Startzeit der fehlerhaften Anwendung: 0xIEInstal.exe0
Pfad der fehlerhaften Anwendung: IEInstal.exe1
Pfad des fehlerhaften Moduls: IEInstal.exe2
Berichtskennung: IEInstal.exe3
Vollständiger Name des fehlerhaften Pakets: IEInstal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEInstal.exe5

Error: (05/10/2014 01:21:15 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: IEInstal.exe, Version: 10.0.9200.16750, Zeitstempel: 0x5269da59
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000088f42d10
ID des fehlerhaften Prozesses: 0x20448
Startzeit der fehlerhaften Anwendung: 0xIEInstal.exe0
Pfad der fehlerhaften Anwendung: IEInstal.exe1
Pfad des fehlerhaften Moduls: IEInstal.exe2
Berichtskennung: IEInstal.exe3
Vollständiger Name des fehlerhaften Pakets: IEInstal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEInstal.exe5

Error: (05/10/2014 01:11:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Esmeralda) (EventID: 5973)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/10/2014 01:11:12 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dd44

Startzeit: 01cf6c408219807f

Endzeit: 4294967295

Anwendungspfad: C:\windows\system32\wwahost.exe

Berichts-ID: cac1f060-d833-11e3-beba-208984a59691

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/09/2014 06:48:25 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 04:11:04 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 01:24:37 PM) (Source: ATIeRecord) (User: ) (EventID: 16388)
Description: ATI EEU Client event error

Error: (05/06/2014 07:56:12 PM) (Source: ATIeRecord) (User: ) (EventID: 16391)
Description: ATI EEU maximum number of session has been surpassed


System errors:
=============
Error: (05/10/2014 02:07:38 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2014 02:07:38 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2014 02:07:37 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2014 01:41:47 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/10/2014 01:25:02 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/08/2014 08:05:49 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/07/2014 03:00:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "avast! EmHWID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/06/2014 07:58:05 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/06/2014 07:56:10 PM) (Source: DCOM) (User: Esmeralda) (EventID: 10010)
Description: {787D01C9-AA41-4D81-90A6-4E44557CF902}

Error: (04/28/2014 07:09:36 PM) (Source: Schannel) (User: NT-AUTORITÄT) (EventID: 4120)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.


Microsoft Office Sessions:
=========================
Error: (05/10/2014 02:07:00 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe10.0.9200.165375123410eIEFRAME.dll10.0.9200.16859531171d2c000000500000000001038e85c401cf6c480d3af57cC:\Program Files\Internet Explorer\iexplore.exeC:\windows\SYSTEM32\IEFRAME.dll97050ba4-d83b-11e3-bebc-208984a59691

Error: (05/10/2014 01:43:13 PM) (Source: ESENT) (User: ) (EventID: 489)
Description: taskhostex3992C:\Users\Chef\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (05/10/2014 01:23:13 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IEInstal.exe10.0.9200.167505269da59unknown0.0.0.000000000c00000050000000088f42d1020a6401cf6c423a6981fdC:\Program Files\Internet Explorer\IEInstal.exeunknown78a8d198-d835-11e3-beba-208984a59691

Error: (05/10/2014 01:21:15 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IEInstal.exe10.0.9200.167505269da59unknown0.0.0.000000000c00000050000000088f42d102044801cf6c41f43a8678C:\Program Files\Internet Explorer\IEInstal.exeunknown329ddec4-d835-11e3-beba-208984a59691

Error: (05/10/2014 01:11:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Esmeralda) (EventID: 5973)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142

Error: (05/10/2014 01:11:12 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: wwahost.exe6.2.9200.164201dd4401cf6c408219807f4294967295C:\windows\system32\wwahost.execac1f060-d833-11e3-beba-208984a59691Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbweApp

Error: (05/09/2014 06:48:25 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 04:11:04 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 01:24:37 PM) (Source: ATIeRecord) (User: ) (EventID: 16388)
Description: 

Error: (05/06/2014 07:56:12 PM) (Source: ATIeRecord) (User: ) (EventID: 16391)
Description: 


==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 8083.41 MB
Available physical RAM: 6274.82 MB
Total Pagefile: 9299.42 MB
Available Pagefile: 6443.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:436.5 GB) (Free:389.05 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

und hier auch noch die GMER.txt:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-10 16:03:05
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002a  rev. 0,00MB
Running: Gmer-19357.exe; Driver: C:\Users\mip-admin\AppData\Local\Temp\kwliapow.sys


---- Kernel code sections - GMER 2.1 ----

.text    C:\windows\System32\win32k.sys!W32pServiceTable                                                                                                                                     fffff960001f8e00 7 bytes [00, 77, 82, 01, 00, 57, F2]
.text    C:\windows\System32\win32k.sys!W32pServiceTable + 8                                                                                                                                 fffff960001f8e08 7 bytes [01, 42, C0, FF, 00, 17, DB]

---- User code sections - GMER 2.1 ----

.text    C:\windows\system32\svchost.exe[904] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                          000007fea0d3f81b 1 byte [62]
.text    C:\windows\System32\svchost.exe[1140] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                         000007fea0d3f81b 1 byte [62]
.text    C:\windows\system32\wbem\wmiprvse.exe[2940] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                   000007fea0d3f81b 1 byte [62]
.text    C:\windows\system32\SearchIndexer.exe[3912] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                   000007fea0d3f81b 1 byte [62]
.text    C:\windows\Explorer.EXE[880] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                  000007fea0d3f81b 1 byte [62]
.text    C:\windows\system32\AUDIODG.EXE[1948] C:\windows\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                         000007fea0d3f81b 1 byte [62]

---- Threads - GMER 2.1 ----

Thread   C:\windows\system32\csrss.exe [4244:4380]                                                                                                                                           fffff960008585e8
---- Processes - GMER 2.1 ----

Process  C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (*** suspicious ***) @ C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [1508](2013-05-02 15:43:02)  0000000000ff0000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                               unknown MBR code
Disk     \Device\Harddisk0\DR0                                                                                                                                                               sector 0: rootkit-like behavior

---- EOF - GMER 2.1 ----
         
Danke euch vielmals für eure Hilfe!

Grüße Christian

Alt 10.05.2014, 20:19   #2
Machiavelli
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hallo und willkommen an Board, trojakick

Mein Name ist Machiavelli und werde bei Deinem Malware Problemen behilflich sein. Falls Du Dich im abgesicherten Modus befindest, würde ich Dir raten, alle Anweisungen von mir auszudrucken, um besseren Überblick auf die Gesamtsituation zu bekommen. Ich bin hier im Malwareteam und daher ist es mir möglich, Dir zu helfen.

Damit eine Bereinigung ermöglicht werden kann, musst Du ein paar Regeln/Tipps beachten:
  • Malware zu entfernen ist normalerweise recht schwierig
    Heutige Malware kann sich sehr gut verstecken, so kann es sein, dass es bestimmte Tools nicht sehen. Eine Neuinstallation ist daher oft das klügere.
  • Bitte folge meinen Anweisung bis in das kleinste Detail
    Falls Du was falsches machst, wie z.B. irgendwas fixt, was nicht durch mich genehmigt wurde, kann der PC dadurch beschädigt werden. Daher folge meinen Anweisungen ganz genau
  • Bleibe mit mir in Kontakt, bis Deine Probleme vollständig gelöst sind
    Themen, in welchen innerhalb von 4 Tagen keine Antwort gepostet wird, werden geschlossen.
  • Bitte lasse keine anderen Tools laufen, während ich bereinige
    Wenn Du Tools wie z.B. Malwarebytes etc. ohne meines Wissens laufen lässt, kann es unter Umständen Ergebnisse verfälschen.
  • Ließ meine Posts vollständig durch
    Falls nicht, kann das zu schwerwiegenden Problemen (z.B. PC bootet nicht mehr) führen oder der Prozess der Malwareentfernung wird länger


Ich melde mich mit weiteren Anweisungen später.
__________________


Alt 10.05.2014, 20:38   #3
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hallo Machiavelli,

ich habe gerade noch den ESET OnlineScanner laufen lassen.
der Scan lief jetzt knapp über eine Stunde.
Hier das entsprechende Ergebnis:

Code:
ATTFilter
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaApp.dll	Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaEng.dll	möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltasrv.exe	Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll	Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\escortShld.dll	Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\uninstall.exe	Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll	Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung
C:\Users\Chef\AppData\Roaming\BabSolution\CR\delta2.crx	Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung
C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe	Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung
Arbeitsspeicher	Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung
         
Danke für deine Mühe! Grüße Christian
__________________

Alt 10.05.2014, 20:40   #4
Machiavelli
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hallo,
da hat sich einiges angehäuft.

Das macht mir am meisten Sorge:
Zitat:
Disk \Device\Harddisk0\DR0 unknown MBR code
Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior
Schritt 1: Chrome Extension
  • Starte Chrome und gib folgendes in die Adresszeile ein: chrome:extensions
  • Drücke auf Enter. Das wird Dir eine Liste von Extensions geben, welche in Chrome installiert sind. Bitte entferne folgende Extension, indem man auf das Papierkorbsymbol neben dem jeweiligen Extension klickt.

Bitte entferne diese Extensions:
  • Iminent

Schritt 2: Uninstalls

Bitte deinstalliere folgende Programme:
  • BrowserProtect
  • Delta Chrome Toolbar
  • Delta toolbar
  • Iminent

Schritt 3: FRST Fix

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [yaeqlbdy] => regsvr32.exe "C:\ProgramData\yaeqlbdy.dat"
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\MountPoints2: {30586661-a7e5-11e2-be89-806e6f6e6963} - "D:\start.exe" 
AppInit_DLLs-x32: c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll => "c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3047744 2014-05-08] (Iminent)
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Task: {6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {F7C47359-95C7-48FF-9600-437CA42806DE} - System32\Tasks\EPUpdater => C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
C:\Program Files (x86)\Delta
C:\Users\Chef\AppData\Roaming\BabSolution
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 4: Adwarecleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 5: Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Schritt 6: FRST Scan




Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

Schritt 7: TDSSKiller

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt 8: Frage

Wie läuft Dein System nun?

Geändert von Machiavelli (10.05.2014 um 20:49 Uhr)

Alt 10.05.2014, 21:35   #5
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hallo Machiavelli,

hier die Fixlog.txt:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-05-2014
Ran by mip-admin at 2014-05-10 21:53:25 Run:1
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [yaeqlbdy] => regsvr32.exe "C:\ProgramData\yaeqlbdy.dat"
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\MountPoints2: {30586661-a7e5-11e2-be89-806e6f6e6963} - "D:\start.exe" 
AppInit_DLLs-x32: c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll => "c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3047744 2014-05-08] (Iminent)
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Task: {6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {F7C47359-95C7-48FF-9600-437CA42806DE} - System32\Tasks\EPUpdater => C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
C:\Program Files (x86)\Delta
C:\Users\Chef\AppData\Roaming\BabSolution
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Iminent => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IminentMessenger => Value not found.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-2669165515-361187302-876288576-1001\Software\Microsoft\Windows\CurrentVersion\Run\\yaeqlbdy => Value not found.
HKU\S-1-5-21-2669165515-361187302-876288576-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30586661-a7e5-11e2-be89-806e6f6e6963} => Key not found.
HKCR\CLSID\{30586661-a7e5-11e2-be89-806e6f6e6963} => Key not found.
"c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{38B7222B-4B2A-4275-BD2A-70DC0BE165A6} => Key deleted successfully.
HKCR\CLSID\{38B7222B-4B2A-4275-BD2A-70DC0BE165A6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key not found.
HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Value not found.
HKCR\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Value deleted successfully.
HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
SProtection => Service not found.
C:\ProgramData\MakeMarkerFile.exe => Moved successfully.
C:\Users\EasySurvey\EasySurvey.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} => Key deleted successfully.
C:\Windows\System32\Tasks\BrowserProtect => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7C47359-95C7-48FF-9600-437CA42806DE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C47359-95C7-48FF-9600-437CA42806DE} => Key deleted successfully.
C:\Windows\System32\Tasks\EPUpdater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully.
"C:\Program Files (x86)\Delta" => File/Directory not found.
C:\Users\Chef\AppData\Roaming\BabSolution => Moved successfully.

==== End of Fixlog ====
         
hier das Logfile von ADW:

Code:
ATTFilter
# AdwCleaner v3.207 - Bericht erstellt am 10/05/2014 um 21:58:13
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : mip-admin - ESMERALDA
# Gestartet von : C:\Users\mip-admin\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gefunden : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Ordner Gefunden : C:\Program Files (x86)\Iminent
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\file scout
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Iminent
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\OCS
Ordner Gefunden : C:\Users\mip-admin\AppData\LocalLow\Delta

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : HKLM\SOFTWARE\80dc8fb73bec48
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Speedchecker Limited
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Startup_urls] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Homepage] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

[ Datei : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [12086 octets] - [10/05/2014 21:58:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12147 octets] ##########
         
JRT.txt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by mip-admin on 10.05.2014 at 22:12:56,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\mip-admin\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2014 at 22:22:34,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014
Ran by mip-admin (administrator) on ESMERALDA on 10-05-2014 22:24:15
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM\...\Run: [Ocs_SM] => C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-05-02] (OCS)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-18] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\mip-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.com"
CHR Extension: (Google Docs) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-10]
CHR Extension: (Google Drive) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-10]
CHR Extension: (YouTube) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-10]
CHR Extension: (Google-Suche) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-10]
CHR Extension: (Google Wallet) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-10]
CHR Extension: (Google Mail) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-10]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-18] (AVAST Software)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 SearchAnonymizer; C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-05-02] ()
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-30] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-18] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2014-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-18] ()
S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-10 22:22 - 2014-05-10 22:22 - 00001689 _____ () C:\Users\mip-admin\Desktop\JRT.txt
2014-05-10 22:12 - 2014-05-10 22:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-10 21:58 - 2014-05-10 21:58 - 00000000 ____D () C:\AdwCleaner
2014-05-10 21:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Downloads\tdsskiller.exe
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Desktop\tdsskiller.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Downloads\JRT.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Desktop\JRT.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Downloads\adwcleaner.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Desktop\adwcleaner.exe
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-10 20:29 - 2014-05-10 20:29 - 02347384 _____ (ESET) C:\Users\mip-admin\Downloads\esetsmartinstaller_deu.exe
2014-05-10 20:29 - 2014-05-10 20:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-10 15:53 - 2014-05-10 22:24 - 00000000 ____D () C:\FRST
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:49 - 2014-05-10 15:50 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 22:24 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:10 - 2014-05-10 15:46 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:07 - 2014-05-10 14:08 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 15:51 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 14:04 - 2014-05-10 15:51 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 13:57 - 2014-05-10 13:58 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:51 - 2014-05-10 22:21 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 13:50 - 2014-05-10 14:06 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:45 - 2014-05-10 13:50 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 15:52 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 13:43 - 2014-05-10 13:45 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2014-03-15 21:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-10 13:43 - 2013-06-24 13:29 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-10 13:21 - 2014-05-10 13:23 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:20 - 2014-05-10 13:32 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-06 21:38 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 21:38 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 21:38 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-02 20:18 - 2014-04-23 01:47 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 20:18 - 2014-04-23 01:47 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-02 20:17 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 20:17 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 12:22 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 12:22 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 12:22 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 12:22 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:22 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 12:22 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 12:22 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 12:22 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 12:22 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 12:22 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 12:22 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 12:22 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 12:22 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 12:22 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:22 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 12:21 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 12:20 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 12:20 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 12:20 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 12:20 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 12:20 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 12:20 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

==================== One Month Modified Files and Folders =======

2014-05-10 22:24 - 2014-05-10 15:53 - 00000000 ____D () C:\FRST
2014-05-10 22:24 - 2014-05-10 15:11 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 22:24 - 2013-05-04 22:30 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 22:22 - 2014-05-10 22:22 - 00001689 _____ () C:\Users\mip-admin\Desktop\JRT.txt
2014-05-10 22:21 - 2014-05-10 13:51 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 22:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-05-10 22:12 - 2014-05-10 22:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-10 22:10 - 2013-01-25 20:54 - 00754172 _____ () C:\windows\system32\perfh007.dat
2014-05-10 22:10 - 2013-01-25 20:54 - 00156362 _____ () C:\windows\system32\perfc007.dat
2014-05-10 22:10 - 2012-07-26 09:28 - 01748838 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-10 22:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-05-10 21:58 - 2014-05-10 21:58 - 00000000 ____D () C:\AdwCleaner
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Downloads\tdsskiller.exe
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Desktop\tdsskiller.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Downloads\JRT.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Desktop\JRT.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Downloads\adwcleaner.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Desktop\adwcleaner.exe
2014-05-10 21:53 - 2013-01-25 04:52 - 00000000 ____D () C:\Users\EasySurvey
2014-05-10 21:49 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon
2014-05-10 21:46 - 2013-05-04 22:30 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 21:46 - 2012-08-05 23:07 - 00862180 _____ () C:\windows\PFRO.log
2014-05-10 21:46 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-10 21:45 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-10 21:44 - 2013-05-02 17:46 - 00000898 _____ () C:\windows\SysWOW64\InstallUtil.InstallLog
2014-05-10 20:29 - 2014-05-10 20:29 - 02347384 _____ (ESET) C:\Users\mip-admin\Downloads\esetsmartinstaller_deu.exe
2014-05-10 20:29 - 2014-05-10 20:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-10 19:55 - 2013-05-04 22:34 - 00000000 ____D () C:\Program Files\Google
2014-05-10 19:55 - 2013-05-02 21:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-10 19:55 - 2013-01-25 03:52 - 01138338 _____ () C:\windows\WindowsUpdate.log
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:52 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 15:51 - 2014-05-10 14:04 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 15:51 - 2014-05-10 14:04 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 15:50 - 2014-05-10 15:49 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:46 - 2014-05-10 14:10 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:08 - 2014-05-10 14:07 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:06 - 2014-05-10 13:50 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 14:01 - 2013-05-02 15:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001
2014-05-10 13:58 - 2014-05-10 13:57 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:50 - 2014-05-10 13:45 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:46 - 2013-05-02 13:55 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:45 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2013-05-18 13:48 - 00000000 ___RD () C:\Users\Chef\Dropbox
2014-05-10 13:43 - 2013-05-18 13:46 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\Dropbox
2014-05-10 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-10 13:32 - 2014-05-10 13:20 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-10 13:23 - 2014-05-10 13:21 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:21 - 2013-07-28 16:36 - 00000000 ____D () C:\Users\Chef\AppData\Local\CrashDumps
2014-05-10 13:19 - 2013-05-04 22:30 - 00004098 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 13:19 - 2013-05-04 22:30 - 00003862 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 20:15 - 2013-01-25 04:47 - 00000000 ____D () C:\ProgramData\Intel
2014-05-08 19:53 - 2013-01-25 04:42 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-08 19:52 - 2013-01-25 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-29 16:14 - 2014-05-02 20:17 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-02 20:17 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-23 01:47 - 2014-05-02 20:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-05-02 20:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-19 19:06 - 2014-03-02 12:37 - 00000000 ____D () C:\Users\Chef\Documents\Arztadressen
2014-04-19 11:39 - 2014-05-06 21:38 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 21:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 21:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 20:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 20:17 - 2013-08-21 16:51 - 00000000 ____D () C:\windows\system32\MRT
2014-04-14 20:16 - 2013-05-03 10:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\mip-admin\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 19:52

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-05-2014
Ran by mip-admin at 2014-05-10 22:24:58
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2011 - Avast Software)
Bitcasa version 0.9.20.4133 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4133 - Bitcasa Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Help Desk (HKLM\...\{3D85CD3F-00E0-4E14-82D6-1F9397DDD09B}) (Version: 1.0.8 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystic Gallery (HKLM-x32\...\Mystic Gallery) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.7.2 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{F5B5BA56-8FEB-494B-84E6-C8DA9C2BEE50}) (Version: 2.1.6 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
User Guide (HKLM-x32\...\{C7588111-1A12-4EFE-8CA0-DA4344480D92}) (Version: 1.4.00 - Samsung Electronics CO., LTD.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Restore Points  =========================

22-03-2014 16:42:52 Windows Update
12-04-2014 10:12:36 Windows Update
02-05-2014 18:13:40 Windows Update
10-05-2014 11:39:43 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04DEB689-306C-496A-9364-1CDF17180B35} - System32\Tasks\AdobeAAMUpdater-1.0-Esmeralda-Chef => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {06A4AD44-E164-481C-97E7-4FD0C13BE49F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-11-30] (Samsung Electronics CO., LTD.)
Task: {12DF29B0-55C0-4F02-B631-39303CF52C98} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-18] (AVAST Software)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2033F2F4-84BB-4548-B145-D214EC365DC7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C06C0B3-58E7-4594-902F-FD6D297592DB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {4AA7E9A4-D73C-4C6B-B81F-A2852332C3C1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)
Task: {5346A36B-87BE-40E5-8722-B2BCD8FA1EA4} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {59ED68AC-CE6F-4B61-BE58-F596EDEDC4DE} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.)
Task: {69B5829A-2A3F-4578-9042-AEF18736F613} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-10-15] (SEC)
Task: {6E48F844-22D1-44F3-8857-7D0452415727} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {967D187D-5A2C-46BE-A6C3-30EFBA3E9BF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB3527A5-705D-4939-A605-964D0470BA71} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D5D7F3E5-83B7-4A72-A6BE-9922EEBF94D7} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F6296C50-6397-4C60-A2CF-0699E5738F57} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {FA1864BF-A4CB-4F4A-BB73-CEC9D8738308} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 17:43 - 2013-05-02 17:43 - 00040960 _____ () C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2012-11-30 09:26 - 2012-11-30 09:26 - 00082312 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-09-17 10:23 - 2012-09-17 10:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 04:54 - 2012-08-06 04:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-10 19:58 - 2014-05-10 19:02 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051001\algo.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 01068664 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00103032 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-02-15 20:25 - 2014-02-15 20:25 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-01-25 04:47 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 8083.41 MB
Available physical RAM: 6395.91 MB
Total Pagefile: 9299.42 MB
Available Pagefile: 7463.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:436.5 GB) (Free:388.89 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         


Alt 10.05.2014, 21:48   #6
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



... und noch

tdssKiller:

Code:
ATTFilter
22:28:28.0403 0x04cc  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
22:28:28.0403 0x04cc  UEFI system
22:28:32.0182 0x04cc  ============================================================
22:28:32.0182 0x04cc  Current date / time: 2014/05/10 22:28:32.0182
22:28:32.0182 0x04cc  SystemInfo:
22:28:32.0182 0x04cc  
22:28:32.0183 0x04cc  OS Version: 6.2.9200 ServicePack: 0.0
22:28:32.0183 0x04cc  Product type: Workstation
22:28:32.0183 0x04cc  ComputerName: ESMERALDA
22:28:32.0183 0x04cc  UserName: mip-admin
22:28:32.0183 0x04cc  Windows directory: C:\windows
22:28:32.0183 0x04cc  System windows directory: C:\windows
22:28:32.0183 0x04cc  Running under WOW64
22:28:32.0183 0x04cc  Processor architecture: Intel x64
22:28:32.0183 0x04cc  Number of processors: 4
22:28:32.0183 0x04cc  Page size: 0x1000
22:28:32.0183 0x04cc  Boot type: Normal boot
22:28:32.0183 0x04cc  ============================================================
22:28:33.0209 0x04cc  KLMD registered as C:\windows\system32\drivers\88001823.sys
22:28:33.0337 0x04cc  System UUID: {D437BC67-7EAA-4E43-B6C5-68BD2648411C}
22:28:34.0049 0x04cc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:28:34.0052 0x04cc  ============================================================
22:28:34.0052 0x04cc  \Device\Harddisk0\DR0:
22:28:34.0052 0x04cc  GPT partitions:
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8CCDCCCE-8BD0-443E-BDF2-98ECE4D2FFB9}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1B8D22C5-B019-4128-B47F-B59716115348}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x96000
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1F32624D-B76F-4F7A-9407-205F662553F9}, Name: Microsoft reserved partition, StartLBA 0x190000, BlocksNum 0x40000
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0389BCD8-CEDF-471C-8B72-FE81979F1982}, Name: Basic data partition, StartLBA 0x1D0000, BlocksNum 0x368FF00F
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A6CFD210-1368-4836-9BF3-73487BBF9FB0}, Name: Basic data partition, StartLBA 0x36ACF00F, BlocksNum 0x36B7000
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C0730760-68B8-4370-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A18600F, BlocksNum 0x200000
22:28:34.0053 0x04cc  MBR partitions:
22:28:34.0053 0x04cc  ============================================================
22:28:34.0086 0x04cc  C: <-> \Device\Harddisk0\DR0\Partition4
22:28:34.0086 0x04cc  ============================================================
22:28:34.0086 0x04cc  Initialize success
22:28:34.0086 0x04cc  ============================================================
22:29:20.0631 0x0560  ============================================================
22:29:20.0631 0x0560  Scan started
22:29:20.0631 0x0560  Mode: Manual; SigCheck; TDLFS; 
22:29:20.0631 0x0560  ============================================================
22:29:20.0631 0x0560  KSN ping started
22:29:23.0153 0x0560  KSN ping finished: true
22:29:23.0554 0x0560  ================ Scan system memory ========================
22:29:23.0554 0x0560  System memory - ok
22:29:23.0555 0x0560  ================ Scan services =============================
22:29:23.0696 0x0560  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
22:29:23.0843 0x0560  1394ohci - ok
22:29:23.0938 0x0560  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\windows\system32\drivers\3ware.sys
22:29:23.0962 0x0560  3ware - ok
22:29:24.0015 0x0560  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\windows\system32\drivers\ACPI.sys
22:29:24.0055 0x0560  ACPI - ok
22:29:24.0078 0x0560  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\windows\system32\Drivers\acpiex.sys
22:29:24.0098 0x0560  acpiex - ok
22:29:24.0113 0x0560  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
22:29:24.0146 0x0560  acpipagr - ok
22:29:24.0152 0x0560  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
22:29:24.0194 0x0560  AcpiPmi - ok
22:29:24.0199 0x0560  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\windows\System32\drivers\acpitime.sys
22:29:24.0236 0x0560  acpitime - ok
22:29:24.0352 0x0560  [ C4B1D322567F73BB5A687F907EA25507, CA11E9F5A6B70E0883B1AA75A3D03FE9112A7EC7B4BEFD9973B9A3457564FADF ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
22:29:24.0373 0x0560  AdobeActiveFileMonitor11.0 - ok
22:29:24.0475 0x0560  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:29:24.0490 0x0560  AdobeARMservice - ok
22:29:24.0541 0x0560  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
22:29:24.0583 0x0560  adp94xx - ok
22:29:24.0610 0x0560  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\windows\system32\drivers\adpahci.sys
22:29:24.0646 0x0560  adpahci - ok
22:29:24.0660 0x0560  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\windows\system32\drivers\adpu320.sys
22:29:24.0685 0x0560  adpu320 - ok
22:29:24.0723 0x0560  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
22:29:24.0760 0x0560  AeLookupSvc - ok
22:29:24.0810 0x0560  [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD             C:\windows\system32\drivers\afd.sys
22:29:24.0920 0x0560  AFD - ok
22:29:24.0938 0x0560  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\windows\system32\drivers\agp440.sys
22:29:24.0957 0x0560  agp440 - ok
22:29:24.0996 0x0560  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\windows\System32\alg.exe
22:29:25.0034 0x0560  ALG - ok
22:29:25.0068 0x0560  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
22:29:25.0153 0x0560  AllUserInstallAgent - ok
22:29:25.0186 0x0560  [ 1F500945F87AA517BD2F049256B304DD, AFAA5C58A516C63C5142798FAF5CA55AF14EF85BA6EF5E9657C8FF7B0F7311E7 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:29:25.0259 0x0560  AMD External Events Utility - ok
22:29:25.0306 0x0560  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\windows\System32\drivers\amdk8.sys
22:29:25.0348 0x0560  AmdK8 - ok
22:29:25.0814 0x0560  [ 2A831A7F9031B5BBA6EF189381D65228, 797FBD32F7514235293E003F0AE9F570173E7738251070879500C4F21F105C96 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
22:29:26.0355 0x0560  amdkmdag - ok
22:29:26.0410 0x0560  [ B9ACB2AA40709E060CDC34F13F1C9C8F, D483FCFC5EC76998DA4D0655ADCC5A5844E74FD5FB4B5862761B9FEAEFCFC6DB ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
22:29:26.0468 0x0560  amdkmdap - ok
22:29:26.0496 0x0560  [ 02CF5AD93538CCE63EB09364EDD3DCF9, A50EBC874966DDA8D209F102148BBD3C6BD5E0CB0DB23D22A99AC3AD3AACE17A ] amdkmpfd        C:\windows\system32\drivers\amdkmpfd.sys
22:29:26.0519 0x0560  amdkmpfd - ok
22:29:26.0537 0x0560  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
22:29:26.0570 0x0560  AmdPPM - ok
22:29:26.0594 0x0560  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\windows\system32\drivers\amdsata.sys
22:29:26.0615 0x0560  amdsata - ok
22:29:26.0637 0x0560  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
22:29:26.0667 0x0560  amdsbs - ok
22:29:26.0675 0x0560  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\windows\system32\drivers\amdxata.sys
22:29:26.0692 0x0560  amdxata - ok
22:29:26.0701 0x0560  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\windows\system32\drivers\appid.sys
22:29:26.0746 0x0560  AppID - ok
22:29:26.0784 0x0560  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\windows\System32\appidsvc.dll
22:29:26.0853 0x0560  AppIDSvc - ok
22:29:26.0905 0x0560  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\windows\System32\appinfo.dll
22:29:26.0941 0x0560  Appinfo - ok
22:29:26.0966 0x0560  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\windows\system32\drivers\arc.sys
22:29:26.0988 0x0560  arc - ok
22:29:27.0005 0x0560  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\windows\system32\drivers\arcsas.sys
22:29:27.0027 0x0560  arcsas - ok
22:29:27.0057 0x0560  [ 9C2BEA3957EFFD45F352F0938DFB3721, 7006CC604C480CF512A29AD03BA17FFA564FDDF34CE768ACBD805611503D5012 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
22:29:27.0076 0x0560  aswMonFlt - ok
22:29:27.0108 0x0560  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
22:29:27.0137 0x0560  aswRdr - ok
22:29:27.0195 0x0560  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
22:29:27.0210 0x0560  aswRvrt - ok
22:29:27.0272 0x0560  [ 52B5F8FAF7E78C02D26B0B6E3A05F596, 7C45BA507529F822D4397BD5F001EC861C85E9CBB1F75927E48843B15D5C0B8E ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
22:29:27.0333 0x0560  aswSnx - ok
22:29:27.0373 0x0560  [ 251360C2FCA22BAFE0583314B3262F98, 1EB1B4620E3AFA8ACDDE5F1A6EC4AAEDD40AE2FC5C013AF1B13B03C4B60F6CEB ] aswSP           C:\windows\system32\drivers\aswSP.sys
22:29:27.0405 0x0560  aswSP - ok
22:29:27.0442 0x0560  [ AAB5F5336EDBB5D99CC7E1A9F4D8F63F, 01B40475DCA40E7B426DB0578A33DB62D62640F3A7F9F95A6BBF0AD3CF0F2941 ] aswStm          C:\windows\system32\drivers\aswStm.sys
22:29:27.0458 0x0560  aswStm - ok
22:29:27.0484 0x0560  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
22:29:27.0506 0x0560  aswVmm - ok
22:29:27.0524 0x0560  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
22:29:27.0562 0x0560  AsyncMac - ok
22:29:27.0599 0x0560  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\windows\system32\drivers\atapi.sys
22:29:27.0617 0x0560  atapi - ok
22:29:27.0696 0x0560  [ AFF895D6FFA43B058ABFF27964083BBC, DD3A99B843EFB3D17784F420019B431A45C69822FF4CF05CF7B16BE9D5ABB2E0 ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
22:29:27.0711 0x0560  AthBTPort - ok
22:29:27.0769 0x0560  [ 3283A0D40B330B930CD4596D0231D15F, A1691990929281C35116AF086B9F4246E78A9691D678B78A1B35EE14AE0ACD88 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
22:29:27.0790 0x0560  AtherosSvc - ok
22:29:27.0975 0x0560  [ 221F28472FB210E2D4A7B4488BC798F9, 1AB0224EBA40E3CA1347AAB571FE40D744F1F67851C660F9F25C5FEA1EF155C1 ] athr            C:\windows\system32\DRIVERS\athw8x.sys
22:29:28.0163 0x0560  athr - ok
22:29:28.0196 0x0560  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
22:29:28.0226 0x0560  AudioEndpointBuilder - ok
22:29:28.0284 0x0560  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\windows\System32\Audiosrv.dll
22:29:28.0367 0x0560  Audiosrv - ok
22:29:28.0458 0x0560  [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:29:28.0473 0x0560  avast! Antivirus - ok
22:29:28.0514 0x0560  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\windows\System32\AxInstSV.dll
22:29:28.0553 0x0560  AxInstSV - ok
22:29:28.0618 0x0560  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
22:29:28.0663 0x0560  b06bdrv - ok
22:29:28.0692 0x0560  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
22:29:28.0721 0x0560  BasicDisplay - ok
22:29:28.0744 0x0560  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
22:29:28.0777 0x0560  BasicRender - ok
22:29:28.0822 0x0560  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\windows\System32\bdesvc.dll
22:29:28.0859 0x0560  BDESVC - ok
22:29:28.0872 0x0560  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\windows\system32\drivers\Beep.sys
22:29:28.0909 0x0560  Beep - ok
22:29:28.0972 0x0560  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\windows\System32\bfe.dll
22:29:29.0034 0x0560  BFE - ok
22:29:29.0107 0x0560  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\windows\System32\qmgr.dll
22:29:29.0183 0x0560  BITS - ok
22:29:29.0202 0x0560  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
22:29:29.0235 0x0560  bowser - ok
22:29:29.0277 0x0560  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
22:29:29.0321 0x0560  BrokerInfrastructure - ok
22:29:29.0359 0x0560  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\windows\System32\browser.dll
22:29:29.0454 0x0560  Browser - ok
22:29:29.0497 0x0560  [ 71EAE55AB4E8195E254C34DC2E13A15F, C00B88C4E2C4109C9FDA2E54D230A8EA6438BEB578FE0ED8280C2BC57E6FB9CD ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
22:29:29.0523 0x0560  BTATH_A2DP - ok
22:29:29.0543 0x0560  [ 86F9298BD580818EDFE84306F2681F3F, 13203F0F01CBEDC88904F9FBE81F2C95F1023E00EDE528F3CA54F3C5F68AEDCC ] btath_avdt      C:\windows\system32\drivers\btath_avdt.sys
22:29:29.0558 0x0560  btath_avdt - ok
22:29:29.0617 0x0560  [ D5418AF1B9AC86D89C045026EFBD5FB7, A23B6EEB5779DEE146E12207E6ED68EA514673436A9FC1ECBAE46D586F02D468 ] BTATH_BUS       C:\windows\System32\drivers\btath_bus.sys
22:29:29.0628 0x0560  BTATH_BUS - ok
22:29:29.0653 0x0560  [ DDA454A4D6F88C91ED931E7C7C524015, 28DA11000DA55A11D915AA416CC85616D673771FEE5F611D0E85CDD9AA989447 ] BTATH_HCRP      C:\windows\System32\drivers\btath_hcrp.sys
22:29:29.0672 0x0560  BTATH_HCRP - ok
22:29:29.0705 0x0560  [ BE7BB6D1353E0434317C037C7DA9CD25, 14F41684FB4A1E30C414D0F2B2D6259D9305E91B5FE0C275D589BC58843D5323 ] BTATH_HID       C:\windows\system32\DRIVERS\btath_hid.sys
22:29:29.0724 0x0560  BTATH_HID - ok
22:29:29.0742 0x0560  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
22:29:29.0755 0x0560  BTATH_LWFLT - ok
22:29:29.0782 0x0560  [ 9B58A32D0C39910361225995FA546776, B9F904CB88041EF5CE9CD377F46F8D104BDABF541B6D50638187FE1A5C684DF2 ] BTATH_RCP       C:\windows\System32\drivers\btath_rcp.sys
22:29:29.0798 0x0560  BTATH_RCP - ok
22:29:29.0842 0x0560  [ 7E82C4E6D383B81522EE57F1916D8BDA, F1E04832E033D63CBA855E0AF0250F66721650720FDB9DAF7C069F9B7D666489 ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
22:29:29.0923 0x0560  BtFilter - ok
22:29:29.0957 0x0560  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
22:29:29.0994 0x0560  BthAvrcpTg - ok
22:29:30.0024 0x0560  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
22:29:30.0070 0x0560  BthEnum - ok
22:29:30.0099 0x0560  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
22:29:30.0185 0x0560  BthHFEnum - ok
22:29:30.0213 0x0560  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
22:29:30.0248 0x0560  bthhfhid - ok
22:29:30.0287 0x0560  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
22:29:30.0376 0x0560  BthLEEnum - ok
22:29:30.0400 0x0560  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
22:29:30.0455 0x0560  BTHMODEM - ok
22:29:30.0493 0x0560  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
22:29:30.0530 0x0560  BthPan - ok
22:29:30.0609 0x0560  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
22:29:30.0737 0x0560  BTHPORT - ok
22:29:30.0775 0x0560  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\windows\system32\bthserv.dll
22:29:30.0862 0x0560  bthserv - ok
22:29:30.0891 0x0560  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
22:29:30.0914 0x0560  BTHUSB - ok
22:29:30.0954 0x0560  [ D2AAC014F1888A58DBDA67FAA15ED6CB, DBD6F4C84956CE8A14D8321EF52798F5C88E991E79BB03433BB34C8881A21FC7 ] cbfs3           C:\windows\system32\drivers\cbfs3.sys
22:29:30.0983 0x0560  cbfs3 - ok
22:29:31.0023 0x0560  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
22:29:31.0059 0x0560  cdfs - ok
22:29:31.0088 0x0560  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\windows\System32\drivers\cdrom.sys
22:29:31.0128 0x0560  cdrom - ok
22:29:31.0201 0x0560  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\windows\System32\certprop.dll
22:29:31.0238 0x0560  CertPropSvc - ok
22:29:31.0252 0x0560  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\windows\System32\drivers\circlass.sys
22:29:31.0293 0x0560  circlass - ok
22:29:31.0329 0x0560  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\windows\system32\drivers\CLFS.sys
22:29:31.0365 0x0560  CLFS - ok
22:29:31.0409 0x0560  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
22:29:31.0426 0x0560  CLVirtualDrive - ok
22:29:31.0443 0x0560  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
22:29:31.0472 0x0560  CmBatt - ok
22:29:31.0533 0x0560  [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG             C:\windows\system32\Drivers\cng.sys
22:29:31.0580 0x0560  CNG - ok
22:29:31.0613 0x0560  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
22:29:31.0659 0x0560  CompositeBus - ok
22:29:31.0665 0x0560  COMSysApp - ok
22:29:31.0681 0x0560  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\windows\system32\drivers\condrv.sys
22:29:31.0759 0x0560  condrv - ok
22:29:31.0840 0x0560  [ 070606BDB143CBD862F6587C49A4FD96, 9157BEAEE8EC36F2BB953C25C193462EF78A4B5D71E12AD391FAEB65582A4F1E ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
22:29:31.0866 0x0560  cphs - ok
22:29:31.0904 0x0560  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\windows\system32\cryptsvc.dll
22:29:31.0937 0x0560  CryptSvc - ok
22:29:31.0972 0x0560  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\windows\system32\drivers\dam.sys
22:29:31.0992 0x0560  dam - ok
22:29:32.0082 0x0560  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\windows\system32\rpcss.dll
22:29:32.0171 0x0560  DcomLaunch - ok
22:29:32.0234 0x0560  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\windows\System32\defragsvc.dll
22:29:32.0314 0x0560  defragsvc - ok
22:29:32.0364 0x0560  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\windows\system32\das.dll
22:29:32.0427 0x0560  DeviceAssociationService - ok
22:29:32.0461 0x0560  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
22:29:32.0503 0x0560  DeviceInstall - ok
22:29:32.0567 0x0560  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
22:29:32.0610 0x0560  Dfsc - ok
22:29:32.0648 0x0560  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\windows\system32\dhcpcore.dll
22:29:32.0694 0x0560  Dhcp - ok
22:29:32.0728 0x0560  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\windows\system32\drivers\discache.sys
22:29:32.0760 0x0560  discache - ok
22:29:32.0795 0x0560  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\windows\system32\drivers\disk.sys
22:29:32.0817 0x0560  disk - ok
22:29:32.0828 0x0560  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
22:29:32.0848 0x0560  dmvsc - ok
22:29:32.0884 0x0560  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\windows\System32\dnsrslvr.dll
22:29:32.0945 0x0560  Dnscache - ok
22:29:32.0982 0x0560  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\windows\System32\dot3svc.dll
22:29:33.0033 0x0560  dot3svc - ok
22:29:33.0057 0x0560  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\windows\system32\dps.dll
22:29:33.0097 0x0560  DPS - ok
22:29:33.0131 0x0560  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
22:29:33.0205 0x0560  drmkaud - ok
22:29:33.0246 0x0560  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
22:29:33.0277 0x0560  DsmSvc - ok
22:29:33.0370 0x0560  [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
22:29:33.0493 0x0560  DXGKrnl - ok
22:29:33.0528 0x0560  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\windows\System32\eapsvc.dll
22:29:33.0570 0x0560  Eaphost - ok
22:29:33.0786 0x0560  [ E6649F1F23937411DF9BB02964C2A332, E33710623AACF71B301E97923241775358A981142804834B6D413D1DFC3B313B ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
22:29:33.0896 0x0560  Easy Launcher - detected UnsignedFile.Multi.Generic ( 1 )
22:29:36.0380 0x0560  Detect skipped due to KSN trusted
22:29:36.0381 0x0560  Easy Launcher - ok
22:29:36.0588 0x0560  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\windows\system32\drivers\evbda.sys
22:29:36.0777 0x0560  ebdrv - ok
22:29:36.0817 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS             C:\windows\System32\lsass.exe
22:29:36.0856 0x0560  EFS - ok
22:29:36.0878 0x0560  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
22:29:36.0902 0x0560  EhStorClass - ok
22:29:36.0927 0x0560  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
22:29:36.0950 0x0560  EhStorTcgDrv - ok
22:29:36.0969 0x0560  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\windows\System32\drivers\errdev.sys
22:29:36.0999 0x0560  ErrDev - ok
22:29:37.0064 0x0560  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\windows\system32\es.dll
22:29:37.0124 0x0560  EventSystem - ok
22:29:37.0150 0x0560  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\windows\system32\drivers\exfat.sys
22:29:37.0201 0x0560  exfat - ok
22:29:37.0230 0x0560  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\windows\system32\drivers\fastfat.sys
22:29:37.0258 0x0560  fastfat - ok
22:29:37.0312 0x0560  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\windows\system32\fxssvc.exe
22:29:37.0375 0x0560  Fax - ok
22:29:37.0382 0x0560  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\windows\System32\drivers\fdc.sys
22:29:37.0410 0x0560  fdc - ok
22:29:37.0466 0x0560  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\windows\system32\fdPHost.dll
22:29:37.0518 0x0560  fdPHost - ok
22:29:37.0542 0x0560  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\windows\system32\fdrespub.dll
22:29:37.0597 0x0560  FDResPub - ok
22:29:37.0636 0x0560  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\windows\system32\fhsvc.dll
22:29:37.0677 0x0560  fhsvc - ok
22:29:37.0701 0x0560  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
22:29:37.0722 0x0560  FileInfo - ok
22:29:37.0754 0x0560  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
22:29:37.0818 0x0560  Filetrace - ok
22:29:37.0836 0x0560  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
22:29:37.0870 0x0560  flpydisk - ok
22:29:37.0903 0x0560  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
22:29:37.0941 0x0560  FltMgr - ok
22:29:38.0027 0x0560  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\windows\system32\FntCache.dll
22:29:38.0110 0x0560  FontCache - ok
22:29:38.0265 0x0560  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:29:38.0285 0x0560  FontCache3.0.0.0 - ok
22:29:38.0309 0x0560  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
22:29:38.0336 0x0560  FsDepends - ok
22:29:38.0371 0x0560  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
22:29:38.0389 0x0560  Fs_Rec - ok
22:29:38.0452 0x0560  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
22:29:38.0493 0x0560  fvevol - ok
22:29:38.0524 0x0560  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
22:29:38.0559 0x0560  FxPPM - ok
22:29:38.0576 0x0560  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
22:29:38.0596 0x0560  gagp30kx - ok
22:29:38.0628 0x0560  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
22:29:38.0706 0x0560  gencounter - ok
22:29:38.0747 0x0560  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
22:29:38.0772 0x0560  GPIOClx0101 - ok
22:29:38.0850 0x0560  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
22:29:38.0949 0x0560  gpsvc - ok
22:29:38.0992 0x0560  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:29:39.0009 0x0560  gupdate - ok
22:29:39.0016 0x0560  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:29:39.0031 0x0560  gupdatem - ok
22:29:39.0070 0x0560  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:29:39.0121 0x0560  HdAudAddService - ok
22:29:39.0191 0x0560  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
22:29:39.0223 0x0560  HDAudBus - ok
22:29:39.0286 0x0560  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
22:29:39.0338 0x0560  HidBatt - ok
22:29:39.0369 0x0560  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\windows\System32\drivers\hidbth.sys
22:29:39.0405 0x0560  HidBth - ok
22:29:39.0436 0x0560  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
22:29:39.0469 0x0560  hidi2c - ok
22:29:39.0490 0x0560  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
22:29:39.0539 0x0560  HidIr - ok
22:29:39.0564 0x0560  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\system32\hidserv.dll
22:29:39.0675 0x0560  hidserv - ok
22:29:39.0703 0x0560  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
22:29:39.0732 0x0560  HidUsb - ok
22:29:39.0797 0x0560  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
22:29:39.0840 0x0560  hkmsvc - ok
22:29:39.0890 0x0560  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:29:39.0951 0x0560  HomeGroupListener - ok
22:29:40.0002 0x0560  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:29:40.0043 0x0560  HomeGroupProvider - ok
22:29:40.0080 0x0560  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
22:29:40.0100 0x0560  HpSAMD - ok
22:29:40.0166 0x0560  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
22:29:40.0232 0x0560  HTTP - ok
22:29:40.0247 0x0560  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
22:29:40.0265 0x0560  hwpolicy - ok
22:29:40.0285 0x0560  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
22:29:40.0334 0x0560  hyperkbd - ok
22:29:40.0355 0x0560  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
22:29:40.0388 0x0560  HyperVideo - ok
22:29:40.0407 0x0560  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
22:29:40.0450 0x0560  i8042prt - ok
22:29:40.0532 0x0560  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
22:29:40.0572 0x0560  iaStorA - ok
22:29:40.0665 0x0560  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:29:40.0677 0x0560  IAStorDataMgrSvc - ok
22:29:40.0708 0x0560  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
22:29:40.0746 0x0560  iaStorV - ok
22:29:40.0992 0x0560  [ 24B5EE5A17AD83427D9BDFCBF7C2C1B4, 371DE28F6DE442AD29EB59BFECD77579329F206D6EF2553E441CCFF48DA47E45 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
22:29:41.0331 0x0560  igfx - ok
22:29:41.0376 0x0560  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
22:29:41.0394 0x0560  iirsp - ok
22:29:41.0472 0x0560  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
22:29:41.0562 0x0560  IKEEXT - ok
22:29:41.0781 0x0560  [ 5C20DBF6A00AF50C7CB74DB233E03AF0, 1AB043E8F08857D6A08D4EF8613C8B2ECB85364BAC0D485443D3ADDA8E6072AC ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
22:29:42.0001 0x0560  IntcAzAudAddService - ok
22:29:42.0047 0x0560  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
22:29:42.0103 0x0560  IntcDAud - ok
22:29:42.0242 0x0560  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:29:42.0282 0x0560  Intel(R) Capability Licensing Service Interface - ok
22:29:42.0338 0x0560  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:29:42.0354 0x0560  Intel(R) ME Service - ok
22:29:42.0375 0x0560  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
22:29:42.0392 0x0560  intelide - ok
22:29:42.0641 0x0560  [ 24B5EE5A17AD83427D9BDFCBF7C2C1B4, 371DE28F6DE442AD29EB59BFECD77579329F206D6EF2553E441CCFF48DA47E45 ] intelkmd        C:\windows\system32\DRIVERS\igdpmd64.sys
22:29:42.0945 0x0560  intelkmd - ok
22:29:42.0994 0x0560  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\windows\System32\drivers\intelppm.sys
22:29:43.0072 0x0560  intelppm - ok
22:29:43.0098 0x0560  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
22:29:43.0140 0x0560  IpFilterDriver - ok
22:29:43.0197 0x0560  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
22:29:43.0267 0x0560  iphlpsvc - ok
22:29:43.0277 0x0560  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
22:29:43.0304 0x0560  IPMIDRV - ok
22:29:43.0315 0x0560  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
22:29:43.0350 0x0560  IPNAT - ok
22:29:43.0374 0x0560  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
22:29:43.0397 0x0560  IRENUM - ok
22:29:43.0444 0x0560  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
22:29:43.0463 0x0560  isapnp - ok
22:29:43.0506 0x0560  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
22:29:43.0538 0x0560  iScsiPrt - ok
22:29:43.0695 0x0560  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
22:29:43.0713 0x0560  iumsvc - ok
22:29:43.0748 0x0560  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:29:43.0766 0x0560  jhi_service - ok
22:29:43.0782 0x0560  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
22:29:43.0801 0x0560  kbdclass - ok
22:29:43.0835 0x0560  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
22:29:43.0902 0x0560  kbdhid - ok
22:29:43.0921 0x0560  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
22:29:43.0943 0x0560  kdnic - ok
22:29:43.0961 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\windows\system32\lsass.exe
22:29:43.0986 0x0560  KeyIso - ok
22:29:44.0024 0x0560  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
22:29:44.0048 0x0560  KSecDD - ok
22:29:44.0090 0x0560  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
22:29:44.0118 0x0560  KSecPkg - ok
22:29:44.0137 0x0560  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
22:29:44.0160 0x0560  ksthunk - ok
22:29:44.0206 0x0560  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
22:29:44.0273 0x0560  KtmRm - ok
22:29:44.0313 0x0560  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\windows\system32\srvsvc.dll
22:29:44.0367 0x0560  LanmanServer - ok
22:29:44.0408 0x0560  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:29:44.0443 0x0560  LanmanWorkstation - ok
22:29:44.0462 0x0560  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
22:29:44.0532 0x0560  lltdio - ok
22:29:44.0575 0x0560  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
22:29:44.0615 0x0560  lltdsvc - ok
22:29:44.0634 0x0560  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
22:29:44.0671 0x0560  lmhosts - ok
22:29:44.0723 0x0560  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:29:44.0750 0x0560  LMS - ok
22:29:44.0781 0x0560  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
22:29:44.0803 0x0560  LSI_SAS - ok
22:29:44.0812 0x0560  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
22:29:44.0834 0x0560  LSI_SAS2 - ok
22:29:44.0844 0x0560  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
22:29:44.0867 0x0560  LSI_SCSI - ok
22:29:44.0887 0x0560  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
22:29:44.0908 0x0560  LSI_SSS - ok
22:29:44.0959 0x0560  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\windows\System32\lsm.dll
22:29:45.0020 0x0560  LSM - ok
22:29:45.0045 0x0560  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
22:29:45.0096 0x0560  luafv - ok
22:29:45.0103 0x0560  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
22:29:45.0122 0x0560  megasas - ok
22:29:45.0147 0x0560  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
22:29:45.0183 0x0560  MegaSR - ok
22:29:45.0214 0x0560  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
22:29:45.0227 0x0560  MEIx64 - ok
22:29:45.0283 0x0560  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\windows\system32\mmcss.dll
22:29:45.0317 0x0560  MMCSS - ok
22:29:45.0324 0x0560  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
22:29:45.0353 0x0560  Modem - ok
22:29:45.0392 0x0560  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
22:29:45.0464 0x0560  monitor - ok
22:29:45.0491 0x0560  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
22:29:45.0510 0x0560  mouclass - ok
22:29:45.0546 0x0560  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
22:29:45.0581 0x0560  mouhid - ok
22:29:45.0633 0x0560  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
22:29:45.0655 0x0560  mountmgr - ok
22:29:45.0688 0x0560  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
22:29:45.0725 0x0560  mpsdrv - ok
22:29:45.0789 0x0560  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\windows\system32\mpssvc.dll
22:29:45.0853 0x0560  MpsSvc - ok
22:29:45.0880 0x0560  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
22:29:45.0925 0x0560  MRxDAV - ok
22:29:45.0966 0x0560  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
22:29:46.0014 0x0560  mrxsmb - ok
22:29:46.0039 0x0560  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
22:29:46.0127 0x0560  mrxsmb10 - ok
22:29:46.0151 0x0560  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
22:29:46.0181 0x0560  mrxsmb20 - ok
22:29:46.0219 0x0560  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
22:29:46.0305 0x0560  MsBridge - ok
22:29:46.0326 0x0560  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
22:29:46.0367 0x0560  MSDTC - ok
22:29:46.0409 0x0560  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
22:29:46.0438 0x0560  Msfs - ok
22:29:46.0467 0x0560  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
22:29:46.0485 0x0560  msgpiowin32 - ok
22:29:46.0503 0x0560  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
22:29:46.0534 0x0560  mshidkmdf - ok
22:29:46.0553 0x0560  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
22:29:46.0581 0x0560  mshidumdf - ok
22:29:46.0638 0x0560  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
22:29:46.0655 0x0560  msisadrv - ok
22:29:46.0697 0x0560  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
22:29:46.0737 0x0560  MSiSCSI - ok
22:29:46.0743 0x0560  msiserver - ok
22:29:46.0761 0x0560  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
22:29:46.0796 0x0560  MSKSSRV - ok
22:29:46.0815 0x0560  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
22:29:46.0839 0x0560  MsLldp - ok
22:29:46.0858 0x0560  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
22:29:46.0884 0x0560  MSPCLOCK - ok
22:29:46.0901 0x0560  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
22:29:46.0934 0x0560  MSPQM - ok
22:29:46.0972 0x0560  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
22:29:47.0010 0x0560  MsRPC - ok
22:29:47.0039 0x0560  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
22:29:47.0058 0x0560  mssmbios - ok
22:29:47.0098 0x0560  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
22:29:47.0136 0x0560  MSTEE - ok
22:29:47.0156 0x0560  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
22:29:47.0191 0x0560  MTConfig - ok
22:29:47.0212 0x0560  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
22:29:47.0232 0x0560  Mup - ok
22:29:47.0240 0x0560  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
22:29:47.0261 0x0560  mvumis - ok
22:29:47.0316 0x0560  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
22:29:47.0381 0x0560  napagent - ok
22:29:47.0418 0x0560  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
22:29:47.0469 0x0560  NativeWifiP - ok
22:29:47.0513 0x0560  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
22:29:47.0557 0x0560  NcaSvc - ok
22:29:47.0580 0x0560  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
22:29:47.0619 0x0560  NcdAutoSetup - ok
22:29:47.0685 0x0560  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\windows\system32\drivers\ndis.sys
22:29:47.0755 0x0560  NDIS - ok
22:29:47.0786 0x0560  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
22:29:47.0813 0x0560  NdisCap - ok
22:29:47.0844 0x0560  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
22:29:47.0879 0x0560  NdisImPlatform - ok
22:29:47.0909 0x0560  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
22:29:47.0947 0x0560  NdisTapi - ok
22:29:47.0969 0x0560  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
22:29:48.0019 0x0560  Ndisuio - ok
22:29:48.0038 0x0560  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
22:29:48.0079 0x0560  NdisWan - ok
22:29:48.0089 0x0560  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
22:29:48.0121 0x0560  NDISWANLEGACY - ok
22:29:48.0150 0x0560  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
22:29:48.0186 0x0560  NDProxy - ok
22:29:48.0224 0x0560  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\windows\system32\drivers\Ndu.sys
22:29:48.0299 0x0560  Ndu - ok
22:29:48.0319 0x0560  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
22:29:48.0358 0x0560  NetBIOS - ok
22:29:48.0387 0x0560  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
22:29:48.0423 0x0560  NetBT - ok
22:29:48.0442 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\windows\system32\lsass.exe
22:29:48.0467 0x0560  Netlogon - ok
22:29:48.0501 0x0560  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\windows\System32\netman.dll
22:29:48.0606 0x0560  Netman - ok
22:29:48.0660 0x0560  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\windows\System32\netprofmsvc.dll
22:29:48.0707 0x0560  netprofm - ok
22:29:48.0773 0x0560  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:29:48.0799 0x0560  NetTcpPortSharing - ok
22:29:48.0840 0x0560  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
22:29:48.0860 0x0560  nfrd960 - ok
22:29:48.0902 0x0560  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\windows\System32\nlasvc.dll
22:29:48.0943 0x0560  NlaSvc - ok
22:29:48.0965 0x0560  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\windows\system32\drivers\Npfs.sys
22:29:48.0995 0x0560  Npfs - ok
22:29:49.0005 0x0560  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
22:29:49.0050 0x0560  npsvctrig - ok
22:29:49.0105 0x0560  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\windows\system32\nsisvc.dll
22:29:49.0143 0x0560  nsi - ok
22:29:49.0181 0x0560  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
22:29:49.0209 0x0560  nsiproxy - ok
22:29:49.0320 0x0560  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
22:29:49.0441 0x0560  Ntfs - ok
22:29:49.0461 0x0560  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\windows\system32\drivers\Null.sys
22:29:49.0489 0x0560  Null - ok
22:29:50.0043 0x0560  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
22:29:50.0709 0x0560  nvlddmkm - ok
22:29:50.0766 0x0560  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\windows\system32\drivers\nvraid.sys
22:29:50.0787 0x0560  nvraid - ok
22:29:50.0797 0x0560  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\windows\system32\drivers\nvstor.sys
22:29:50.0819 0x0560  nvstor - ok
22:29:50.0828 0x0560  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
22:29:50.0851 0x0560  nv_agp - ok
22:29:50.0889 0x0560  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
22:29:50.0932 0x0560  p2pimsvc - ok
22:29:50.0967 0x0560  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\windows\system32\p2psvc.dll
22:29:51.0016 0x0560  p2psvc - ok
22:29:51.0026 0x0560  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\windows\System32\drivers\parport.sys
22:29:51.0052 0x0560  Parport - ok
22:29:51.0082 0x0560  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\windows\system32\drivers\partmgr.sys
22:29:51.0104 0x0560  partmgr - ok
22:29:51.0165 0x0560  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\windows\System32\pcasvc.dll
22:29:51.0231 0x0560  PcaSvc - ok
22:29:51.0260 0x0560  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\windows\system32\drivers\pci.sys
22:29:51.0290 0x0560  pci - ok
22:29:51.0302 0x0560  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\windows\system32\drivers\pciide.sys
22:29:51.0319 0x0560  pciide - ok
22:29:51.0341 0x0560  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
22:29:51.0371 0x0560  pcmcia - ok
22:29:51.0391 0x0560  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\windows\system32\drivers\pcw.sys
22:29:51.0411 0x0560  pcw - ok
22:29:51.0450 0x0560  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\windows\system32\drivers\pdc.sys
22:29:51.0470 0x0560  pdc - ok
22:29:51.0539 0x0560  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
22:29:51.0595 0x0560  PEAUTH - ok
22:29:51.0714 0x0560  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\windows\SysWow64\perfhost.exe
22:29:51.0751 0x0560  PerfHost - ok
22:29:51.0845 0x0560  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\windows\system32\pla.dll
22:29:51.0948 0x0560  pla - ok
22:29:51.0985 0x0560  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
22:29:52.0014 0x0560  PlugPlay - ok
22:29:52.0027 0x0560  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
22:29:52.0052 0x0560  PNRPAutoReg - ok
22:29:52.0088 0x0560  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
22:29:52.0124 0x0560  PNRPsvc - ok
22:29:52.0171 0x0560  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
22:29:52.0220 0x0560  PolicyAgent - ok
22:29:52.0255 0x0560  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\windows\system32\umpo.dll
22:29:52.0300 0x0560  Power - ok
22:29:52.0330 0x0560  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
22:29:52.0405 0x0560  PptpMiniport - ok
22:29:52.0582 0x0560  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE, 878E46E308BC3AC689CFC401BAA12D217BFB9911C29A10DB5DFFAC250A58CE55 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
22:29:52.0731 0x0560  PrintNotify - ok
22:29:52.0764 0x0560  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\windows\System32\drivers\processr.sys
22:29:52.0798 0x0560  Processor - ok
22:29:52.0870 0x0560  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\windows\system32\profsvc.dll
22:29:52.0902 0x0560  ProfSvc - ok
22:29:52.0919 0x0560  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
22:29:52.0957 0x0560  Psched - ok
22:29:52.0996 0x0560  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
22:29:53.0010 0x0560  PxHlpa64 - ok
22:29:53.0038 0x0560  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\windows\system32\qwave.dll
22:29:53.0091 0x0560  QWAVE - ok
22:29:53.0126 0x0560  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
22:29:53.0162 0x0560  QWAVEdrv - ok
22:29:53.0222 0x0560  [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini    C:\windows\System32\drivers\RadioHIDMini.sys
22:29:53.0256 0x0560  RadioHIDMini - ok
22:29:53.0272 0x0560  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
22:29:53.0310 0x0560  RasAcd - ok
22:29:53.0347 0x0560  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
22:29:53.0374 0x0560  RasAgileVpn - ok
22:29:53.0411 0x0560  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\windows\System32\rasauto.dll
22:29:53.0518 0x0560  RasAuto - ok
22:29:53.0557 0x0560  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
22:29:53.0588 0x0560  Rasl2tp - ok
22:29:53.0615 0x0560  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\windows\System32\rasmans.dll
22:29:53.0676 0x0560  RasMan - ok
22:29:53.0694 0x0560  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
22:29:53.0738 0x0560  RasPppoe - ok
22:29:53.0779 0x0560  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
22:29:53.0817 0x0560  RasSstp - ok
22:29:53.0864 0x0560  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
22:29:53.0902 0x0560  rdbss - ok
22:29:53.0937 0x0560  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
22:29:53.0958 0x0560  rdpbus - ok
22:29:53.0985 0x0560  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
22:29:54.0076 0x0560  RDPDR - ok
22:29:54.0112 0x0560  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
22:29:54.0130 0x0560  RdpVideoMiniport - ok
22:29:54.0150 0x0560  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
22:29:54.0186 0x0560  RDPWD - ok
22:29:54.0216 0x0560  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
22:29:54.0246 0x0560  rdyboost - ok
22:29:54.0293 0x0560  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\windows\System32\mprdim.dll
22:29:54.0334 0x0560  RemoteAccess - ok
22:29:54.0368 0x0560  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\windows\system32\regsvc.dll
22:29:54.0472 0x0560  RemoteRegistry - ok
22:29:54.0512 0x0560  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
22:29:54.0550 0x0560  RFCOMM - ok
22:29:54.0580 0x0560  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
22:29:54.0615 0x0560  RpcEptMapper - ok
22:29:54.0646 0x0560  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\windows\system32\locator.exe
22:29:54.0730 0x0560  RpcLocator - ok
22:29:54.0801 0x0560  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\windows\system32\rpcss.dll
22:29:54.0858 0x0560  RpcSs - ok
22:29:54.0894 0x0560  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
22:29:54.0936 0x0560  rspndr - ok
22:29:55.0002 0x0560  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
22:29:55.0026 0x0560  RSUSBVSTOR - ok
22:29:55.0076 0x0560  [ 34DA0D14F5C3F1883A331AFB975AB434, BB5D580C1DCAE59CC1DB75C411A5A4DDF435931469E7EBFF5DFDADBFE07ADEBF ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
22:29:55.0117 0x0560  RTL8168 - ok
22:29:55.0145 0x0560  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
22:29:55.0173 0x0560  s3cap - ok
22:29:55.0209 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs           C:\windows\system32\lsass.exe
22:29:55.0233 0x0560  SamSs - ok
22:29:55.0268 0x0560  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
22:29:55.0291 0x0560  sbp2port - ok
22:29:55.0323 0x0560  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\windows\System32\SCardSvr.dll
22:29:55.0361 0x0560  SCardSvr - ok
22:29:55.0377 0x0560  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
22:29:55.0464 0x0560  scfilter - ok
22:29:55.0551 0x0560  [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule        C:\windows\system32\schedsvc.dll
22:29:55.0641 0x0560  Schedule - ok
22:29:55.0683 0x0560  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\windows\System32\certprop.dll
22:29:55.0715 0x0560  SCPolicySvc - ok
22:29:55.0747 0x0560  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\windows\System32\drivers\sdbus.sys
22:29:55.0774 0x0560  sdbus - ok
22:29:55.0810 0x0560  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\windows\System32\SDRSVC.dll
22:29:55.0855 0x0560  SDRSVC - ok
22:29:55.0884 0x0560  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\windows\System32\drivers\sdstor.sys
22:29:55.0905 0x0560  sdstor - ok
22:29:56.0040 0x0560  [ 0F4A80438E7286A0E623582F5F2395BD, 72310FA5A9D3D35ABE6AD65DF8E55D52537C8387AF1A92F677CD31EA8C08D502 ] SearchAnonymizer C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
22:29:56.0057 0x0560  SearchAnonymizer - detected UnsignedFile.Multi.Generic ( 1 )
22:29:58.0485 0x0560  Detect skipped due to KSN trusted
22:29:58.0485 0x0560  SearchAnonymizer - ok
22:29:58.0520 0x0560  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
22:29:58.0542 0x0560  secdrv - ok
22:29:58.0563 0x0560  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\windows\system32\seclogon.dll
22:29:58.0609 0x0560  seclogon - ok
22:29:58.0629 0x0560  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\windows\System32\sens.dll
22:29:58.0667 0x0560  SENS - ok
22:29:58.0685 0x0560  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\windows\system32\sensrsvc.dll
22:29:58.0718 0x0560  SensrSvc - ok
22:29:58.0732 0x0560  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\windows\system32\drivers\SerCx.sys
22:29:58.0767 0x0560  SerCx - ok
22:29:58.0773 0x0560  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\windows\System32\drivers\serenum.sys
22:29:58.0799 0x0560  Serenum - ok
22:29:58.0807 0x0560  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\windows\System32\drivers\serial.sys
22:29:58.0842 0x0560  Serial - ok
22:29:58.0849 0x0560  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\windows\System32\drivers\sermouse.sys
22:29:58.0871 0x0560  sermouse - ok
22:29:58.0911 0x0560  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\windows\system32\sessenv.dll
22:29:58.0965 0x0560  SessionEnv - ok
22:29:58.0983 0x0560  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
22:29:59.0006 0x0560  sfloppy - ok
22:29:59.0071 0x0560  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\windows\System32\ipnathlp.dll
22:29:59.0176 0x0560  SharedAccess - ok
22:29:59.0249 0x0560  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:29:59.0325 0x0560  ShellHWDetection - ok
22:29:59.0346 0x0560  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
22:29:59.0366 0x0560  SiSRaid2 - ok
22:29:59.0418 0x0560  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
22:29:59.0439 0x0560  SiSRaid4 - ok
22:29:59.0462 0x0560  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
22:29:59.0500 0x0560  SNMPTRAP - ok
22:29:59.0543 0x0560  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\windows\system32\drivers\spaceport.sys
22:29:59.0619 0x0560  spaceport - ok
22:29:59.0641 0x0560  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
22:29:59.0680 0x0560  SpbCx - ok
22:29:59.0742 0x0560  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\windows\System32\spoolsv.exe
22:29:59.0818 0x0560  Spooler - ok
22:30:00.0050 0x0560  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\windows\system32\sppsvc.exe
22:30:00.0355 0x0560  sppsvc - ok
22:30:00.0400 0x0560  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\windows\system32\DRIVERS\srv.sys
22:30:00.0452 0x0560  srv - ok
22:30:00.0516 0x0560  [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
22:30:00.0617 0x0560  srv2 - ok
22:30:00.0669 0x0560  [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
22:30:00.0735 0x0560  srvnet - ok
22:30:00.0784 0x0560  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
22:30:00.0835 0x0560  SSDPSRV - ok
22:30:00.0869 0x0560  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\windows\system32\sstpsvc.dll
22:30:00.0911 0x0560  SstpSvc - ok
22:30:00.0951 0x0560  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\windows\system32\drivers\stexstor.sys
22:30:00.0969 0x0560  stexstor - ok
22:30:01.0049 0x0560  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\windows\System32\wiaservc.dll
22:30:01.0114 0x0560  stisvc - ok
22:30:01.0146 0x0560  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\windows\system32\drivers\storahci.sys
22:30:01.0167 0x0560  storahci - ok
22:30:01.0192 0x0560  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
22:30:01.0211 0x0560  storflt - ok
22:30:01.0244 0x0560  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\windows\system32\storsvc.dll
22:30:01.0281 0x0560  StorSvc - ok
22:30:01.0310 0x0560  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\windows\system32\drivers\storvsc.sys
22:30:01.0328 0x0560  storvsc - ok
22:30:01.0343 0x0560  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\windows\system32\svsvc.dll
22:30:01.0387 0x0560  svsvc - ok
22:30:01.0405 0x0560  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\windows\System32\drivers\swenum.sys
22:30:01.0424 0x0560  swenum - ok
22:30:01.0468 0x0560  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\windows\System32\swprv.dll
22:30:01.0534 0x0560  swprv - ok
22:30:01.0584 0x0560  SWUpdateService - ok
22:30:01.0636 0x0560  [ D068E3E8AA9951D1E051E20300260E7B, 2BAE1F40A5D3F20E5D066AEBAFA4A018A3AD76116F93A30B637DDE12BA457D8C ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
22:30:01.0668 0x0560  SynTP - ok
22:30:01.0755 0x0560  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\windows\system32\sysmain.dll
22:30:01.0856 0x0560  SysMain - ok
22:30:01.0899 0x0560  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
22:30:01.0941 0x0560  SystemEventsBroker - ok
22:30:01.0978 0x0560  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\windows\System32\TabSvc.dll
22:30:02.0016 0x0560  TabletInputService - ok
22:30:02.0054 0x0560  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\windows\System32\tapisrv.dll
22:30:02.0141 0x0560  TapiSrv - ok
22:30:02.0270 0x0560  [ B23882881EFD9404B62993906BC38709, C3F7A4E5155336BF1B3375423C98308268B56B3B834EB2BF10467B7CC4EE18D5 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
22:30:02.0406 0x0560  Tcpip - ok
22:30:02.0518 0x0560  [ B23882881EFD9404B62993906BC38709, C3F7A4E5155336BF1B3375423C98308268B56B3B834EB2BF10467B7CC4EE18D5 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
22:30:02.0672 0x0560  TCPIP6 - ok
22:30:02.0716 0x0560  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
22:30:02.0745 0x0560  tcpipreg - ok
22:30:02.0769 0x0560  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
22:30:02.0806 0x0560  tdx - ok
22:30:03.0119 0x0560  [ 775A7C4B689C0F112A12AD62064E57D1, C9E9B0F89AEA660CA80F8CC1C9E7116E199B267700265BB47640B0A9341C52FF ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
22:30:03.0343 0x0560  TeamViewer8 - ok
22:30:03.0425 0x0560  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\windows\System32\drivers\terminpt.sys
22:30:03.0443 0x0560  terminpt - ok
22:30:03.0548 0x0560  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\windows\System32\termsrv.dll
22:30:03.0639 0x0560  TermService - ok
22:30:03.0655 0x0560  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\windows\system32\themeservice.dll
22:30:03.0707 0x0560  Themes - ok
22:30:03.0742 0x0560  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\windows\system32\mmcss.dll
22:30:03.0769 0x0560  THREADORDER - ok
22:30:03.0813 0x0560  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
22:30:03.0869 0x0560  TimeBroker - ok
22:30:03.0901 0x0560  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\windows\system32\drivers\tpm.sys
22:30:03.0926 0x0560  TPM - ok
22:30:03.0952 0x0560  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\windows\System32\trkwks.dll
22:30:03.0985 0x0560  TrkWks - ok
22:30:04.0041 0x0560  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:30:04.0074 0x0560  TrustedInstaller - ok
22:30:04.0134 0x0560  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
22:30:04.0156 0x0560  TsUsbFlt - ok
22:30:04.0164 0x0560  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
22:30:04.0205 0x0560  TsUsbGD - ok
22:30:04.0235 0x0560  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
22:30:04.0336 0x0560  tunnel - ok
22:30:04.0360 0x0560  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\windows\system32\drivers\uagp35.sys
22:30:04.0379 0x0560  uagp35 - ok
22:30:04.0389 0x0560  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
22:30:04.0411 0x0560  UASPStor - ok
22:30:04.0447 0x0560  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
22:30:04.0477 0x0560  UCX01000 - ok
22:30:04.0518 0x0560  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
22:30:04.0608 0x0560  udfs - ok
22:30:04.0642 0x0560  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\windows\system32\UI0Detect.exe
22:30:04.0674 0x0560  UI0Detect - ok
22:30:04.0707 0x0560  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
22:30:04.0727 0x0560  uliagpkx - ok
22:30:04.0746 0x0560  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\windows\System32\drivers\umbus.sys
22:30:04.0776 0x0560  umbus - ok
22:30:04.0799 0x0560  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\windows\System32\drivers\umpass.sys
22:30:04.0820 0x0560  UmPass - ok
22:30:04.0847 0x0560  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\windows\System32\umrdp.dll
22:30:04.0889 0x0560  UmRdpService - ok
22:30:05.0021 0x0560  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:30:05.0048 0x0560  UNS - ok
22:30:05.0083 0x0560  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\windows\System32\upnphost.dll
22:30:05.0155 0x0560  upnphost - ok
22:30:05.0212 0x0560  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
22:30:05.0238 0x0560  usbccgp - ok
22:30:05.0271 0x0560  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\windows\System32\drivers\usbcir.sys
22:30:05.0295 0x0560  usbcir - ok
22:30:05.0309 0x0560  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\windows\System32\drivers\usbehci.sys
22:30:05.0330 0x0560  usbehci - ok
22:30:05.0371 0x0560  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\windows\System32\drivers\usbhub.sys
22:30:05.0422 0x0560  usbhub - ok
22:30:05.0469 0x0560  [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
22:30:05.0509 0x0560  USBHUB3 - ok
22:30:05.0539 0x0560  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\windows\System32\drivers\usbohci.sys
22:30:05.0573 0x0560  usbohci - ok
22:30:05.0594 0x0560  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\windows\System32\drivers\usbprint.sys
22:30:05.0667 0x0560  usbprint - ok
22:30:05.0692 0x0560  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
22:30:05.0715 0x0560  USBSTOR - ok
22:30:05.0736 0x0560  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
22:30:05.0758 0x0560  usbuhci - ok
22:30:05.0782 0x0560  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
22:30:05.0811 0x0560  usbvideo - ok
22:30:05.0854 0x0560  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
22:30:05.0889 0x0560  USBXHCI - ok
22:30:05.0903 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\windows\system32\lsass.exe
22:30:05.0929 0x0560  VaultSvc - ok
22:30:05.0968 0x0560  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
22:30:05.0986 0x0560  vdrvroot - ok
22:30:06.0064 0x0560  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\windows\System32\vds.exe
22:30:06.0130 0x0560  vds - ok
22:30:06.0177 0x0560  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
22:30:06.0200 0x0560  VerifierExt - ok
22:30:06.0248 0x0560  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
22:30:06.0292 0x0560  vhdmp - ok
22:30:06.0320 0x0560  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\windows\system32\drivers\viaide.sys
22:30:06.0338 0x0560  viaide - ok
22:30:06.0361 0x0560  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\windows\system32\drivers\vmbus.sys
22:30:06.0383 0x0560  vmbus - ok
22:30:06.0390 0x0560  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
22:30:06.0423 0x0560  VMBusHID - ok
22:30:06.0464 0x0560  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\windows\System32\ICSvc.dll
22:30:06.0517 0x0560  vmicheartbeat - ok
22:30:06.0534 0x0560  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
22:30:06.0570 0x0560  vmickvpexchange - ok
22:30:06.0586 0x0560  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\windows\System32\ICSvc.dll
22:30:06.0623 0x0560  vmicrdv - ok
22:30:06.0640 0x0560  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\windows\System32\ICSvc.dll
22:30:06.0675 0x0560  vmicshutdown - ok
22:30:06.0691 0x0560  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\windows\System32\ICSvc.dll
22:30:06.0727 0x0560  vmictimesync - ok
22:30:06.0744 0x0560  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\windows\System32\ICSvc.dll
22:30:06.0780 0x0560  vmicvss - ok
22:30:06.0798 0x0560  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
22:30:06.0819 0x0560  volmgr - ok
22:30:06.0854 0x0560  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
22:30:06.0890 0x0560  volmgrx - ok
22:30:06.0932 0x0560  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\windows\system32\drivers\volsnap.sys
22:30:06.0967 0x0560  volsnap - ok
22:30:06.0987 0x0560  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\windows\System32\drivers\vpci.sys
22:30:07.0008 0x0560  vpci - ok
22:30:07.0021 0x0560  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
22:30:07.0046 0x0560  vsmraid - ok
22:30:07.0140 0x0560  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\windows\system32\vssvc.exe
22:30:07.0257 0x0560  VSS - ok
22:30:07.0290 0x0560  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
22:30:07.0325 0x0560  VSTXRAID - ok
22:30:07.0338 0x0560  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
22:30:07.0359 0x0560  vwifibus - ok
22:30:07.0390 0x0560  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
22:30:07.0415 0x0560  vwififlt - ok
22:30:07.0445 0x0560  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
22:30:07.0480 0x0560  vwifimp - ok
22:30:07.0531 0x0560  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\windows\system32\w32time.dll
22:30:07.0592 0x0560  W32Time - ok
22:30:07.0599 0x0560  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\windows\System32\drivers\wacompen.sys
22:30:07.0629 0x0560  WacomPen - ok
22:30:07.0668 0x0560  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
22:30:07.0694 0x0560  Wanarp - ok
22:30:07.0701 0x0560  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
22:30:07.0724 0x0560  Wanarpv6 - ok
22:30:07.0814 0x0560  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\windows\system32\wbengine.exe
22:30:07.0926 0x0560  wbengine - ok
22:30:07.0954 0x0560  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
22:30:08.0009 0x0560  WbioSrvc - ok
22:30:08.0060 0x0560  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
22:30:08.0115 0x0560  Wcmsvc - ok
22:30:08.0169 0x0560  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\windows\System32\wcncsvc.dll
22:30:08.0223 0x0560  wcncsvc - ok
22:30:08.0245 0x0560  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
22:30:08.0282 0x0560  WcsPlugInService - ok
22:30:08.0317 0x0560  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\windows\system32\drivers\wd.sys
22:30:08.0336 0x0560  Wd - ok
22:30:08.0382 0x0560  [ 07D19A55CD27B330534D2DDEA60D5FC6, 9C9441EA6943481838F61FD929F88FE25DC60BB8513A2C01CB4712918A883E3F ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
22:30:08.0401 0x0560  WdBoot - ok
22:30:08.0458 0x0560  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
22:30:08.0511 0x0560  Wdf01000 - ok
22:30:08.0544 0x0560  [ CEBD9CDAADA11FAECCA82E4C06BCDD8E, 6D6E4BF0EB97004F9C07327923C9BD2B451FDDA567FAF39556595302EE5A1A54 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
22:30:08.0573 0x0560  WdFilter - ok
22:30:08.0590 0x0560  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\windows\system32\wdi.dll
22:30:08.0640 0x0560  WdiServiceHost - ok
22:30:08.0650 0x0560  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\windows\system32\wdi.dll
22:30:08.0690 0x0560  WdiSystemHost - ok
22:30:08.0728 0x0560  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\windows\System32\webclnt.dll
22:30:08.0772 0x0560  WebClient - ok
22:30:08.0807 0x0560  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\windows\system32\wecsvc.dll
22:30:08.0845 0x0560  Wecsvc - ok
22:30:08.0875 0x0560  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
22:30:08.0937 0x0560  wercplsupport - ok
22:30:08.0986 0x0560  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\windows\System32\WerSvc.dll
22:30:09.0067 0x0560  WerSvc - ok
22:30:09.0101 0x0560  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
22:30:09.0123 0x0560  WFPLWFS - ok
22:30:09.0146 0x0560  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\windows\System32\wiarpc.dll
22:30:09.0232 0x0560  WiaRpc - ok
22:30:09.0264 0x0560  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
22:30:09.0284 0x0560  WIMMount - ok
22:30:09.0305 0x0560  WinDefend - ok
22:30:09.0399 0x0560  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
22:30:09.0470 0x0560  WinHttpAutoProxySvc - ok
22:30:09.0578 0x0560  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
22:30:09.0612 0x0560  Winmgmt - ok
22:30:09.0756 0x0560  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\windows\system32\WsmSvc.dll
22:30:09.0931 0x0560  WinRM - ok
22:30:10.0054 0x0560  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\windows\System32\wlansvc.dll
22:30:10.0156 0x0560  WlanSvc - ok
22:30:10.0376 0x0560  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
22:30:10.0502 0x0560  wlidsvc - ok
22:30:10.0530 0x0560  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
22:30:10.0551 0x0560  WmiAcpi - ok
22:30:10.0620 0x0560  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
22:30:10.0681 0x0560  wmiApSrv - ok
22:30:10.0721 0x0560  WMPNetworkSvc - ok
22:30:10.0797 0x0560  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
22:30:10.0836 0x0560  wpcfltr - ok
22:30:10.0871 0x0560  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
22:30:10.0898 0x0560  WPCSvc - ok
22:30:10.0927 0x0560  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
22:30:10.0958 0x0560  WPDBusEnum - ok
22:30:10.0974 0x0560  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
22:30:10.0996 0x0560  WpdUpFltr - ok
22:30:11.0021 0x0560  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
22:30:11.0059 0x0560  ws2ifsl - ok
22:30:11.0091 0x0560  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\windows\System32\wscsvc.dll
22:30:11.0121 0x0560  wscsvc - ok
22:30:11.0153 0x0560  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
22:30:11.0193 0x0560  WSDPrintDevice - ok
22:30:11.0216 0x0560  [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan         C:\windows\system32\DRIVERS\WSDScan.sys
22:30:11.0240 0x0560  WSDScan - ok
22:30:11.0246 0x0560  WSearch - ok
22:30:11.0388 0x0560  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\windows\System32\WSService.dll
22:30:11.0543 0x0560  WSService - ok
22:30:11.0750 0x0560  [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv        C:\windows\system32\wuaueng.dll
22:30:12.0016 0x0560  wuauserv - ok
22:30:12.0055 0x0560  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
22:30:12.0090 0x0560  WudfPf - ok
22:30:12.0118 0x0560  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
22:30:12.0188 0x0560  WUDFSensorLP - ok
22:30:12.0222 0x0560  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
22:30:12.0267 0x0560  wudfsvc - ok
22:30:12.0281 0x0560  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
22:30:12.0310 0x0560  WUDFWpdFs - ok
22:30:12.0356 0x0560  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\windows\System32\wwansvc.dll
22:30:12.0419 0x0560  WwanSvc - ok
22:30:12.0522 0x0560  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
22:30:12.0558 0x0560  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
22:30:14.0990 0x0560  Detect skipped due to KSN trusted
22:30:14.0990 0x0560  ZAtheros Bt and Wlan Coex Agent - ok
22:30:15.0011 0x0560  ================ Scan global ===============================
22:30:15.0067 0x0560  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
22:30:15.0104 0x0560  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
22:30:15.0150 0x0560  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
22:30:15.0206 0x0560  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
22:30:15.0225 0x0560  [ Global ] - ok
22:30:15.0225 0x0560  ================ Scan MBR ==================================
22:30:15.0242 0x0560  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:30:15.0398 0x0560  \Device\Harddisk0\DR0 - ok
22:30:15.0399 0x0560  ================ Scan VBR ==================================
22:30:15.0427 0x0560  [ C59829875EA55B48FDCBB88AC31195A0 ] \Device\Harddisk0\DR0\Partition1
22:30:15.0435 0x0560  \Device\Harddisk0\DR0\Partition1 - ok
22:30:15.0449 0x0560  [ 127452AEA3CD5AEBE9C54BC4FAB93432 ] \Device\Harddisk0\DR0\Partition2
22:30:15.0461 0x0560  \Device\Harddisk0\DR0\Partition2 - ok
22:30:15.0473 0x0560  [ 56D5D2E7EDDF4A72608A68FB258A8D17 ] \Device\Harddisk0\DR0\Partition3
22:30:15.0473 0x0560  \Device\Harddisk0\DR0\Partition3 - ok
22:30:15.0486 0x0560  [ A990D0DAB4D294BFA86536C4206DAF53 ] \Device\Harddisk0\DR0\Partition4
22:30:15.0495 0x0560  \Device\Harddisk0\DR0\Partition4 - ok
22:30:15.0524 0x0560  [ AC330A682505943AD246489966BBDE64 ] \Device\Harddisk0\DR0\Partition5
22:30:15.0538 0x0560  \Device\Harddisk0\DR0\Partition5 - ok
22:30:15.0551 0x0560  [ 7FCCB692F2E33BE6E091AD539912E4FA ] \Device\Harddisk0\DR0\Partition6
22:30:15.0553 0x0560  \Device\Harddisk0\DR0\Partition6 - ok
22:30:15.0553 0x0560  Waiting for KSN requests completion. In queue: 38
22:30:16.0553 0x0560  Waiting for KSN requests completion. In queue: 38
22:30:17.0554 0x0560  Waiting for KSN requests completion. In queue: 38
22:30:18.0597 0x0560  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
22:30:18.0613 0x0560  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x41000 ( enabled : updated )
22:30:18.0629 0x0560  Win FW state via NFP2: enabled
22:30:21.0052 0x0560  ============================================================
22:30:21.0052 0x0560  Scan finished
22:30:21.0052 0x0560  ============================================================
22:30:21.0062 0x0d10  Detected object count: 0
22:30:21.0062 0x0d10  Actual detected object count: 0
22:30:30.0856 0x07d0  Deinitialize success
         
Hallo Machiavelli,

nach einem Neustart wurde ich von Avast mit einer Updateaufforderung begrüßt.
Habe dieses Update auch durchgeführt.

Avast erscheint jetzt auch wieder rechts unten in der Liste.

Gefühlt ist das ja schon mal ganz gut, oder?

Grüße Christian

Alt 10.05.2014, 22:25   #7
Machiavelli
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hey,
schaut viel besser aus!

Schritt 1: Adwarecleaner Löschen

Bitte lass noch alle Funde von Adwarecleaner entfernen.
  • Schließe alle offenen Programme und Browser.
  • Starte bitte Adwarecleaner.
  • Akzeptiere die Nutzungsbedingungen.
  • Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
    Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer).

Schritt 2: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3: EmsiSoft

Lade Dir bitte Emsisoft MBR Master herunter und speichere es auf den Desktop.
  • Führe die mbrmastr.exe aus.
  • Drücke auf Backup MBR und speichere es als unknown auf den Desktop.

  • Schließe dann das Programm wieder.
  • Packe die erstellte unknown.mbr in ein zip-Archiv (Rechtsklick -> Senden an -> Zip-komprimierten Ordner) und hänge die Datei hier an.
  • Auf dem Desktop wird ebenfalls eine Textdatei MBRMastr_<date>_<time>.txt erstellt. Poste deren Inhalt bitte hier.

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Navigiere nun in der Suchleiste zu
    Code:
    ATTFilter
    C:\Users\***\Desktop\unknown.mbr
             
  • und klicke auf Öffnen.
  • Klicke auf Scannen!
  • Warte bitte bis die Datei vollständig hochgeladen wurde.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.

Schritt 4: Security Check

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.


Schritt 5: Frage

Wie läuft das System nun?

Alt 10.05.2014, 22:45   #8
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Hier die Logdatei von ADWCleaner:

Code:
ATTFilter
# AdwCleaner v3.207 - Bericht erstellt am 10/05/2014 um 21:58:13
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : mip-admin - ESMERALDA
# Gestartet von : C:\Users\mip-admin\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gefunden : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Ordner Gefunden : C:\Program Files (x86)\Iminent
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\file scout
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Iminent
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\OCS
Ordner Gefunden : C:\Users\mip-admin\AppData\LocalLow\Delta

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : HKLM\SOFTWARE\80dc8fb73bec48
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Speedchecker Limited
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Startup_urls] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Homepage] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

[ Datei : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [12086 octets] - [10/05/2014 21:58:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12147 octets] ##########
         

Alt 10.05.2014, 22:50   #9
Machiavelli
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Bitte achte auf meinen Anweisungen. Wenn Du mit Adwarecleaner suchst, musst Du dann auch auf Löschen klicken. So mache Schritt #1 nochmal und das ganz genau Was ist mit den anderen Logs?

Alt 10.05.2014, 22:53   #10
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



mbam.txt:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.05.2014
Suchlauf-Zeit: 23:26:10
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.1.1004
Malware Datenbank: v2014.05.10.10
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: mip-admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 295030
Verstrichene Zeit: 22 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 18
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [5270bf90c3b8b383c3c6223621e1bd43], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [5270bf90c3b8b383c3c6223621e1bd43], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [ab1707480576e74f669086d20ff37a86], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [ab1707480576e74f669086d20ff37a86], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [665cc88735462a0c74145efa14ee03fd], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [665cc88735462a0c74145efa14ee03fd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [408248079eddef47a12edc7db64c867a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [cff38dc2ea91d363ece4154455ad8f71], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [3c867cd3c6b5979f93dccdc8aa589e62], 
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, In Quarantäne, [a81a86c96f0ce45253f95d5124df6c94], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, In Quarantäne, [2f93bf9052292f075a19c6e4f70c37c9], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [952dc08fdf9c7abc4032545620e334cc], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [863c99b63e3d91a55a16a1f413ef10f0], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [734fda75403b62d4d7a4a407e023dc24], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, In Quarantäne, [c200d679bcbf40f6af616b3ec63de11f], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [408285ca5e1d4de9fa01bcc2dc26b64a], 
PUP.Optional.Iminent, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, In Quarantäne, [e7db4e013c3f7cba6629cdf3739012ee], 
PUP.Optional.BProtector.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, In Quarantäne, [437f89c6aad1a2948549911c4cb7c53b], 

Registrierungswerte: 4
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, In Quarantäne, [c200d679bcbf40f6af616b3ec63de11f], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, hxxp://www2.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=C62F2A67B06ED77F, In Quarantäne, [4b77b897700bc2744245a11054aff40c]
PUP.BProtector, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www2.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=C62F2A67B06ED77F, In Quarantäne, [cef4ce8189f288aef282fdadf11209f7]
PUP.BProtector, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [1da5a7a8a2d986b00a6b1d8d26dd8e72]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 33
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator\Datas, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.FileScout.A, C:\Users\Chef\AppData\Roaming\FILE SCOUT, In Quarantäne, [665cd877780371c51a82224aff037c84], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\images, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\lib, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\1, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\1\de, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\1\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\28, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\28\de, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\28\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default\de, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default\Webmail\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\advertising, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\fx2, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\fx2\off, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\fx2\on, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\images, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\images\emoji, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\images\ql, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\games, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\menu_page, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\_locales, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\_locales\en, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\_locales\fr, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 

Dateien: 431
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\CHROME-EXTENSION_IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL_0.LOCALSTORAGE, In Quarantäne, [b70be56ab6c5d561e2c663199a68d32d], 
PUP.Optional.Iminent.A, C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\CHROME-EXTENSION_IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL_0.LOCALSTORAGE, In Quarantäne, [cbf71f308bf0989ec2e694e8a26025db], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator\Datas\user.dat, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.FileScout.A, C:\Users\Chef\AppData\Roaming\File Scout\uninst.exe, In Quarantäne, [665cd877780371c51a82224aff037c84], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\manifest.json, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\icon_19.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\logo128.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\logo16.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\logo48.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\background.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\contentScript.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\SOAP.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\lib\base64.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\lib\jquery.min.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\config.xml, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\minibar.min.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\template.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\translations.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\drivingitalia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\guiadohardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\meebo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\poptropica.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\01net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\amazon.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\antronio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ask.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\autoscout.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\avmagazine.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\banners-test.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\basecamphq.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\blog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\blogger.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\bomnegocio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ciao.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\conduit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\craigslist.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\dailymotion.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\dailymotion.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\diretta.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ebay.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ebayit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ehow.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\everyeye.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\facebook.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\facebook.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\flickr.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\forum.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\forumVB.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\foxsports.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\france_hardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\friv.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\funutilities.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\gamekult.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\gamesvillage.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\globo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\google-map.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\google-map.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\gumtree.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\hardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\hi5.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\hi5.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ilmeteo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\imdb.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\imdb.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\iminent_default.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\inbox.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\indeed.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\infos_du_net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\jappy.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\leboncoin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\libero.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\linkedin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\lokalisten.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\macitynet.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\marca.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\meebo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\meteonetwork.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\milanuncios.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\movie2k.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\mundoanuncio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\myspace.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\myspace.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\netlog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\nexopia.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\nexopia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\nirvam.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ohmydollz.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\orkut.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\orkut.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\pagesjaunes.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\photobucket.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\pinterest.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\pof.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\prodigy_msn.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\roblox.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\schueler.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\segundamano.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\shopping.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\skype.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\skyrock.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\subito.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\t-online.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\t-online.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tagged.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\taringa.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\taringa.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\terra.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tibiabr.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tiscali.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tripadvisor.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\twitter.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\twitter.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ultrasurf.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\uol.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\v9.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\virgilio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\voila.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\walmart.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\weather.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\web.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\wordpress.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\wp-admin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\xvideos.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yahoo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yahoo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yammer.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yellowpages.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yelp.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\youtube.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\youtube.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\lokalisten.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\lokalisten.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\schueler.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\schueler.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\stayfriends.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\stayfriends.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\studivz.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\studivz.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\wer-kennt-wen.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\wer-kennt-wen.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\aol.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\aol.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\gmail.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\gmail.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\hotmail.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\hotmail.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\orange.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\outlook.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\drivingitalia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\guiadohardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\meebo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\poptropica.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\01net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\amazon.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\antronio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ask.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\autoscout.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\avmagazine.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\banners-test.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\basecamphq.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\blog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\blogger.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\bomnegocio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ciao.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\conduit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\craigslist.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\dailymotion.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\dailymotion.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\diretta.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ebay.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ebayit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ehow.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\everyeye.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\facebook.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\facebook.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\flickr.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\forum.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\forumVB.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\foxsports.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\france_hardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\friv.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\funutilities.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\gamekult.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\gamesvillage.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\globo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\google-map.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\google-map.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\gumtree.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\hardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\hi5.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\hi5.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ilmeteo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\imdb.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\imdb.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\iminent_default.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\inbox.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\indeed.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\infos_du_net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\jappy.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\leboncoin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\libero.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\linkedin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\lokalisten.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\macitynet.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\marca.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\meebo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\meteonetwork.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\milanuncios.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\movie2k.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\mundoanuncio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\myspace.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\myspace.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\netlog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\nexopia.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\nexopia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\nirvam.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ohmydollz.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\orkut.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\orkut.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\pagesjaunes.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\photobucket.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\pinterest.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\pof.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\prodigy_msn.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\roblox.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\schueler.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\segundamano.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\shopping.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\skype.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\skyrock.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\subito.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\t-online.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\t-online.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\tagged.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\taringa.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\taringa.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\terra.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\tibiabr.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\tiscali.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\tripadvisor.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\twitter.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\twitter.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ultrasurf.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\uol.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\v9.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\virgilio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\voila.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\walmart.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\weather.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\web.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\wordpress.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\wp-admin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\xvideos.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\yahoo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\yahoo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\yammer.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\yellowpages.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\yelp.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\youtube.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\youtube.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\lokalisten.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\lokalisten.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\schueler.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\schueler.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\stayfriends.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\stayfriends.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\studivz.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\studivz.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\wer-kennt-wen.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\de\wer-kennt-wen.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\aol.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\aol.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\gmail.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\gmail.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\hotmail.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\hotmail.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\orange.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\Webmail\outlook.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\advertising\AdFrame.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\advertising\adsmanagement.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\advertising\rmx.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\led_background.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\off\blink.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\off\flip.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\off\led.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\off\rainbow.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\off\typed.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\off\wave.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\on\blink.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\on\flip.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\on\led.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\on\rainbow.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\on\typed.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\fx2\on\wave.gif, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\googleimagesbuttonNEW.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\arrow.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ArrowExpandBar.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\BkgExpandBar.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\btnPinterest.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\close.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\default_icon.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\default_icon_states.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\Expand-26x24.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\fb-bg-sprite.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\fbcoverimage.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\fbimagenotheater.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\fbimageview.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\FB_Share.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\FB_Share_Tiny.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\gifts.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\googleimagesbutton.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\help.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\home.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\imbwin1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\imbwin_bg.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\imbwin_hf.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\imbwin_vf.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\iminentbutton.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\iminentbutton_bg.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\InviteFriends.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\LeftExpandBar.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\leftTooltip.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\Line.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\Line2.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\logo48.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\mailfooter.jpg, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\Minibar_buttons.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\new.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\notification.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql_popup3.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\RightExpandBar.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\rightTooltip.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\s10.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\search.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\separator.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\social_games.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\TellAFriendBackground.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\toolbarbutton_bg.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\toolbar_bg.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\tooltipArrow.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ui-check-box-checked.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ui-check-box.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B0.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9299.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\E29ABD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\E29BB5.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8C99.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8C9F.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8CB9.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8D80.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8DBB.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8E81.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8E89.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8EB1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8EB6.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8EB8.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F908D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90A7.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90AC.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90AE.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90AF.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B4.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B6.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B7.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B9.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F918C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F918D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F918E.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F91BD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9280.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9284.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F928B.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F928D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F928F.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9293.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9294.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9297.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F929B.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F929C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F929D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F92A4.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F92A9.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F92AA.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F93B1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F94A5.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9881.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9882.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9884.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9889.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F988A.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F988C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F988D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9892.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9893.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9894.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9896.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9898.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F989A.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F989C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98A1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98AD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98B2.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98B3.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9A97.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9ABD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql\add-icon.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql\close-icon.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql\logo.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe1.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe2.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe3.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe4.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\games.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\games.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1031.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1033.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1036.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1040.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1048.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1055.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\2070.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\3082.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\ShareMenu.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\_locales\en\messages.json, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\_locales\fr\messages.json, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (   "homepage": "hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91",), Ersetzt,[0fb3b49b572483b3ec1aa7c82fd5fb05]
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91", "hxxp://www.google.com" ],), Ersetzt,[caf8e06f5e1ddb5b1523fe71f60eb44c]

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Geändert von trojakick (10.05.2014 um 22:55 Uhr) Grund: ... hat irgenwie nicht funktioniert...

Alt 10.05.2014, 22:56   #11
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



MBR Master:

Code:
ATTFilter
Detected Windows version: 6.2 Build 9200 
Installing direct disk access driver ...
Driver connection handle: 0x00000154
1 valid drive(s) found.

Details for Disk 0 - ST500LM012 HN-M500MBB Rev 2AR10002:
  Device name              : \\.\PhysicalDrive0
  Geometry (C/H/S)         : 60801/255/63
  Boot loader reputation   : Unknown
  Cross view comparison    : Passed
  Partition table integrity: Passed

  Boot loader hashes
    SHA-1                  : 639AC5CDF8A5CF3245975932C6A4215450A7B98F
    MD5                    : 5FB38429D5D77768867C76DCBDB35194
         
https://www.virustotal.com/de/file/6b95a410e1873b809f46880b416653016a5aa8fa1f08445ddd12c9b965dc709d/analysis/1399757679/

checkup.txt:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 Intel iCLS Client AvastSvc.exe -?-  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
So, hier also die aktuellen Ergebnisse...

Alt 10.05.2014, 23:02   #12
Machiavelli
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Du solltest noch das Adwarecleaner Lösch Log posten, es sollte hier zu finden sein: C:\AdwCleaner\AdwCleaner[Sx].txt

Wenn nicht, mache das nochmal, und beachte die Anweisungen gründlich:
  • Schließe alle offenen Programme und Browser.
  • Starte bitte Adwarecleaner.
  • Akzeptiere die Nutzungsbedingungen.
  • Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
    Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer).

Wie läuft Dein PC?

Alt 10.05.2014, 23:03   #13
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Sorry, da hab ich vorhin wohl nicht richtig aufgepasst...

Hier nun die ADW-Logdatei nach dem soeben erfolgten Neustart:

Code:
ATTFilter
# AdwCleaner v3.207 - Bericht erstellt am 10/05/2014 um 23:59:07
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : mip-admin - ESMERALDA
# Gestartet von : C:\Users\mip-admin\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\OCS

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\80dc8fb73bec48
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

[ Datei : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [12428 octets] - [10/05/2014 21:58:45]
AdwCleaner[R1].txt - [10523 octets] - [10/05/2014 23:58:11]
AdwCleaner[S0].txt - [10255 octets] - [10/05/2014 23:59:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10316 octets] ##########
         

Alt 10.05.2014, 23:06   #14
Machiavelli
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Wie läuft der PC?

Alt 10.05.2014, 23:12   #15
trojakick
 
Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Standard

Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B



Ich würde sagen aktuell keine Auffälligkeiten.

Avast ist auch noch vorhanden.
Vorhin (einige Zeit vor dem Neustart) hatte ich eine Phase von ein paar Minuten, da gab griff der PC sehr viel auf die Platte zu, obwohl weder ein Scan, noch sonst irgendwas lief.

Momentan ist diesbezüglich aber keine erhöhte Aktivität festzustellen.

Antwort

Themen zu Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B
acrobat update, association, branding, canon, device driver, iexplore.exe, pup.bprotector, pup.optional.babylon.a, pup.optional.babylontoolbar.a, pup.optional.bprotector.a, pup.optional.conduit, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.filescout.a, pup.optional.iminent, pup.optional.iminent.a, rojaner gefunden, services.exe, svchost.exe, trojan-fdxu!4f37bb0a5e3b, win32/toolbar.babylon.i, win32/toolbar.escort.a, win32/toolbar.montiera.a, win32/toolbar.montiera.b, win32/toolbar.montiera.f, win32/toolbar.montiera.j, windows 8, windowsapps




Ähnliche Themen: Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B


  1. Windows 7: Trojan.Zmutzy.36 gefunden
    Log-Analyse und Auswertung - 27.11.2015 (11)
  2. Windows 7, Avast hat Win32: Trojan-gen gefunden.
    Plagegeister aller Art und deren Bekämpfung - 24.06.2015 (22)
  3. Windows 7: Trojan.GenericKD.2460578 (B) gefunden
    Log-Analyse und Auswertung - 05.06.2015 (10)
  4. Trojaner Trojan.download gefunden
    Log-Analyse und Auswertung - 28.01.2014 (5)
  5. Windows Vista: MBAM hat 15 infizierte Objekte gefunden u.a. Trojan.Agent
    Plagegeister aller Art und deren Bekämpfung - 02.11.2013 (9)
  6. Trojaner gefunden - trojan.Zaccess
    Log-Analyse und Auswertung - 03.09.2013 (19)
  7. Trojaner gefunden (Trojan.Spyeyes,Trojan.Agent.Gen...): wie gehe ich vor?
    Plagegeister aller Art und deren Bekämpfung - 25.02.2013 (11)
  8. Trojaner gefunden: Win 32:Patcher [Trj], Win.Trojan.Agent-36124, Win.Trojan.Agent-44393
    Log-Analyse und Auswertung - 02.02.2013 (7)
  9. Trojan.Agent, Trojan.FakeAltert, Trojan.Hiloti.Gen gefunden und gelöscht,aber wirklich weg?
    Log-Analyse und Auswertung - 27.04.2011 (11)
  10. Trojan.BHO, Spyware.Passwords.XGen, Trojan.Dropper und Trojan.Agent mit Malware gefunden
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (9)
  11. C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) ua mit mwbam gefunden...
    Plagegeister aller Art und deren Bekämpfung - 15.11.2010 (1)
  12. TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\d3dsrv.dll gefunden
    Plagegeister aller Art und deren Bekämpfung - 31.03.2010 (35)
  13. TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden
    Plagegeister aller Art und deren Bekämpfung - 31.03.2010 (32)
  14. TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\d3dsloak.dll gefunden
    Plagegeister aller Art und deren Bekämpfung - 30.03.2010 (6)
  15. C:\Windows\system32\twext.exe TR/Spy.ZBot.dp.6 Trojan gefunden
    Log-Analyse und Auswertung - 29.09.2009 (2)
  16. Windows Security Alert / Mehrere Trojaner gefunden u.a. Trojan-Spy.Win32.GreenScreen
    Plagegeister aller Art und deren Bekämpfung - 01.09.2008 (12)
  17. Trojaner gefunden : TR/Wimad.A.Gen - Trojan
    Log-Analyse und Auswertung - 27.06.2008 (11)

Zum Thema Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B - Hallo zusammen, nachdem ich vor einiger Zeit schon mal Hilfe bei euch gefunden habe, hoffe ich auch dieses mal wieder auf eure Unterstützung. Vielen Dank dafür schon mal im Voraus! - Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B...
Archiv
Du betrachtest: Windows 8: Trojaner gefunden Trojan-FDXU!4F37BB0A5E3B auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.