Win 7, Datenträger neuerdings 100% Auslastung

DeSergo · 18.09.2015, 15:20

Hallo liebe Leute,

seit 1-2 Wochen habe ich mit dem Problem zu kämpfen, dass mein Laptop (HP Pavilion g6) immer wieder stockt/"laggt". Nach einigem Suchen und Reinigen usw habe ich das Problem unter Taskmanager/Resourcenmonitor insofern entdeckt, dass meine Festplatte bei einer Lese-/und Schreibrate von 2-3MB/s auf 100 % ist.

Ich spiele die meiste Zeit auf dem "Kasten", schreibe aber auch Briefe, arbeite mit Excel usw.
So ist es nunmal, dass der Laptop unabdingbar für mich ist. Jedoch ruckelt es nicht nur im Spiel, was verkraftbar gewesen wäre, sondern bei sämtlichen Aktionen.

Laptop ist 4 oder 5 Jahre alt.

Habe bereits soweit wie möglich demontiert und gereinigt (an den Lüfter bin ich nicht gekommen, war mir dann zu heikel) und habe mir auch ein Coolpad besorgt, welches meinen CPU, sowie die Festplatte ordentlich kühlt. Bringt jedoch nichts.

Virenscan mit Avira war Clean (1 versteckte Datei, die jedoch nach Reparatur immernoch da war), Microsoft Security Essentials ist aktiv und hatte auch auf höchster Suchstufe nichts gefunden.

Eckdaten:

HP Pavilion g6
Alter ca 4-5 Jahre
Win 7 Home Premium 64-bit SP1
Intel Core i5-2450M CPU @ 2,5GHz
6.0GB RAM
Intel HD Graphics Family
Festplatte: TOSHIBA MK5076GSX (System C : 163GB Frei von 440GB --> Rest sind 2 Parts [Recovery 20,6GB und HP-Tools 3,95GB)

Chkdsk habe ich gestartet, Fenster ist jedoch nun einfach verschwunden.

Starte gerade neu, kopiere alles was soweit durchläuft.

Zitat:

Der Typ des Dateisystems ist NTFS.

WARNUNG! Der Parameter F wurde nicht angegeben.
CHKDSK wird im schreibgeschützten Modus ausgeführt.

CHKDSK überprüft Dateien (Phase 1 von 3)...
445696 Datensätze verarbeitet.
Dateiüberprüfung beendet.
1160 große Datensätze verarbeitet.
0 ungültige Datensätze verarbeitet.
0 E/A-Datensätze verarbeitet.
72 Analysedatensätze verarbeitet.
CHKDSK überprüft Indizes (Phase 2 von 3)...
530022 Indexeinträge verarbeitet.
Indexüberprüfung beendet.
0 nicht indizierte Dateien überprüft.
0 nicht indizierte Dateien wiederhergestellt.
CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
445696 SDs/SIDs verarbeitet.
Überprüfung der Sicherheitsbeschreibungen beendet.
42164 Datendateien verarbeitet.
CHKDSK überprüft USN-Journal...

dann kamen noch 1-2 Zeilen und dann war es weg. USN-Journal wurde abgeschlossen, das konnte ich noch sehen.

Beim Stöbern der letzten Tage habe ich gelesen, dass RegisteryCleaner "doof" sind, habe ich bisher regelmäßig genutzt (CCleaner), werde davon aber die Finger lassen...

So, wenn mir irgendwer helfen könnte, wie ich mein System wieder flüssig bekomme, ohne alles neu aufzuspielen, oder gar eine neue Festplatte zu kaufen, wäre ich euch sehr Dankbar.

Freu mich sowieso über jegliche Hilfe.

Mit freundlichen Grüßen

Sergo

CrystalDiskInfo:

Zitat:

----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/09/18 16:27:50

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- TOSHIBA MK5076GSX
- hp CDDVDW SN-208BB
- Virtual CloneDrive [SCSI]
- A639CHL6 IDE Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK5076GSX : 500.1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK5076GSX
----------------------------------------------------------------------------
Model : TOSHIBA MK5076GSX
Firmware : GS001C
Serial Number : 1297S83FS
Disk Size : 500.1 GB (8.4/137.4/500.1/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 13590 Std.
Power On Count : 1601 mal
Temperature : 34 C (93 F)
Health Status : Gut
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Lesefehlerrate
02 100 100 _50 000000000000 Datendurchsatz-Leistung
03 100 100 __2 000000000840 Mittlere Anlaufzeit
04 100 100 __0 000000000643 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 100 _50 000000000000 Suchfehler
08 100 100 _50 000000000000 Güte der Suchoperationen
09 _67 _67 __0 000000003516 Betriebsstunden
0A 132 100 _30 000000000000 Misslungene Spindelanläufe
0C 100 100 __0 000000000641 Geräte-Einschaltvorgänge
B7 100 100 __1 000000000000 Herstellerspezifisch
B8 100 100 _97 000000000000 Ende-zu-Ende-Fehler
B9 100 100 __1 00000000FFFF Herstellerspezifisch
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC 100 _99 __0 000000000001 Befehlszeitüberschreitung
BD 100 100 __1 000000000000 Übergeordnete Schreibvorgänge
BE _66 _39 _40 000422160022 Luftstromtemperatur
BF 100 100 __0 0000000010F9 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 000000180018 Ausschaltungsabbrüche
C1 _88 _88 __0 00000001E8AB Laden/Entladen-Zyklen
C4 100 100 __0 000000000000 Wiederzuweisungsereignisse
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2031 3239 3753 3833 4653
020: 0000 4000 0004 4753 3030 3143 2020 544F 5348 4942
030: 4120 4D4B 3530 3736 4753 5820 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0004 004C 004C
080: 01F8 0000 706B 7C09 6123 7069 BC09 6123 203F 0045
090: 0045 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 4000 0000 5000 0393
110: C590 2D67 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 87A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 27
010: 00 64 64 00 00 00 00 00 00 00 03 23 00 64 64 40
020: 08 00 00 00 00 00 04 32 00 64 64 43 06 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 2F
040: 00 64 64 00 00 00 00 00 00 00 08 25 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 43 43 16 35 00 00 00
060: 00 00 0A 33 00 84 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 41 06 00 00 00 00 00 B7 32 00 64 64 00
080: 00 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 63 01
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 42 27 22 00 16 22 04 00 00 BF 32
0D0: 00 64 64 F9 10 00 00 00 00 00 C0 22 00 64 64 18
0E0: 00 18 00 00 00 00 C1 32 00 58 58 AB E8 01 00 00
0F0: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C5 32
100: 00 64 64 00 00 00 00 00 00 00 C7 32 00 C8 C8 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 8A 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
100: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8B

Deathkid535 · 18.09.2015, 15:26

Hi,

bitte mal 2 Sachen machen

Schritt # 1: FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt # 2: Festplattencheck

Bitte diese Anleitung durchführen: Zustand der Festplatte herausfinden - so gehts - Anleitungen

DeSergo · 18.09.2015, 15:39

CrystalDiskInfo steht oben. Ist das so richtig reinzitiert?

Mache dies hier nochmal mit dem #-Symbol

Code:

ATTFilter

----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
  Date : 2015/09/18 16:27:50

-- Controller Map ----------------------------------------------------------
 + Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
   - TOSHIBA MK5076GSX
   - hp CDDVDW SN-208BB
 - Virtual CloneDrive [SCSI]
 - A639CHL6 IDE Controller [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) TOSHIBA MK5076GSX : 500.1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
 (1) TOSHIBA MK5076GSX
----------------------------------------------------------------------------
           Model : TOSHIBA MK5076GSX
        Firmware : GS001C
   Serial Number : 1297S83FS
       Disk Size : 500.1 GB (8.4/137.4/500.1/500.1)
     Buffer Size : 8192 KB
     Queue Depth : 32
    # of Sectors : 976773168
   Rotation Rate : 5400 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ----
   Transfer Mode : SATA/300 | SATA/300
  Power On Hours : 13590 Std.
  Power On Count : 1601 mal
     Temperature : 34 C (93 F)
   Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
       APM Level : 0080h [ON]
       AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Lesefehlerrate
02 100 100 _50 000000000000 Datendurchsatz-Leistung
03 100 100 __2 000000000840 Mittlere Anlaufzeit
04 100 100 __0 000000000643 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 100 _50 000000000000 Suchfehler
08 100 100 _50 000000000000 Güte der Suchoperationen
09 _67 _67 __0 000000003516 Betriebsstunden
0A 132 100 _30 000000000000 Misslungene Spindelanläufe
0C 100 100 __0 000000000641 Geräte-Einschaltvorgänge
B7 100 100 __1 000000000000 Herstellerspezifisch
B8 100 100 _97 000000000000 Ende-zu-Ende-Fehler
B9 100 100 __1 00000000FFFF Herstellerspezifisch
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC 100 _99 __0 000000000001 Befehlszeitüberschreitung
BD 100 100 __1 000000000000 Übergeordnete Schreibvorgänge
BE _66 _39 _40 000422160022 Luftstromtemperatur
BF 100 100 __0 0000000010F9 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 000000180018 Ausschaltungsabbrüche
C1 _88 _88 __0 00000001E8AB Laden/Entladen-Zyklen
C4 100 100 __0 000000000000 Wiederzuweisungsereignisse
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2031 3239 3753 3833 4653
020: 0000 4000 0004 4753 3030 3143 2020 544F 5348 4942
030: 4120 4D4B 3530 3736 4753 5820 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0004 004C 004C
080: 01F8 0000 706B 7C09 6123 7069 BC09 6123 203F 0045
090: 0045 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 4000 0000 5000 0393
110: C590 2D67 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 87A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 27
010: 00 64 64 00 00 00 00 00 00 00 03 23 00 64 64 40
020: 08 00 00 00 00 00 04 32 00 64 64 43 06 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 2F
040: 00 64 64 00 00 00 00 00 00 00 08 25 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 43 43 16 35 00 00 00
060: 00 00 0A 33 00 84 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 41 06 00 00 00 00 00 B7 32 00 64 64 00
080: 00 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 63 01
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 42 27 22 00 16 22 04 00 00 BF 32
0D0: 00 64 64 F9 10 00 00 00 00 00 C0 22 00 64 64 18
0E0: 00 18 00 00 00 00 C1 32 00 58 58 AB E8 01 00 00
0F0: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C5 32
100: 00 64 64 00 00 00 00 00 00 00 C7 32 00 C8 C8 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 8A 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
100: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8B

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Silvio (Administrator) auf SERGO (18-09-2015 16:33:08)
Gestartet von C:\Users\Silvio\Downloads
Geladene Profile: Silvio (Verfügbare Profile: Silvio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\Silvio\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Silvio\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(IObit) C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-15] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-04] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Silvio\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8DC32674-8AEF-4B5F-B86E-3009C22E3F44}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ABD444E2-4354-47E4-8228-42011B05332F}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CAF95D7F-15A4-4324-9590-8A32120C8CC2}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{F09464EE-70DA-47EE-8F4E-0B8D23C6B6FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FE594C77-0B17-4E2C-A8A6-7F92A376538E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2046019297-940583845-634688912-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
HKU\S-1-5-21-2046019297-940583845-634688912-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-01] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-19] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-01] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-19] (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default
FF NewTab: 
FF Homepage: hxxp://sacreddarkbloods.0fees.net/forum/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-22] ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2012-05-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\user.js [2012-06-12]
FF Extension: Bloody Red - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-08-18]
FF Extension: InnoGames  - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677} [2015-07-16]
FF Extension: DSTimer - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\jid0-Ke6nJ8ztKzfA4ZFro0yoD2cIEgo@jetpack.xpi [2013-08-03]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: Adblock Plus - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-15]
FF Extension: Greasemonkey - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-28]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-08-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bfmogjcijkfeahcajecmmegieipfbdcc] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-21] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-24] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-21] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-21] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U3 a639chl6; C:\Windows\System32\Drivers\a639chl6.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-18 16:33 - 2015-09-18 16:34 - 00019982 _____ C:\Users\Silvio\Downloads\FRST.txt
2015-09-18 16:32 - 2015-09-18 16:33 - 00000000 ____D C:\FRST
2015-09-18 16:30 - 2015-09-18 16:31 - 02191360 _____ (Farbar) C:\Users\Silvio\Downloads\FRST64.exe
2015-09-18 16:25 - 2015-09-18 16:26 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2015-09-18 16:25 - 2015-09-18 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-09-18 16:23 - 2015-09-18 16:24 - 03908184 _____ (Crystal Dew World ) C:\Users\Silvio\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-09-18 16:23 - 2015-09-18 16:24 - 00511764 _____ C:\Users\Silvio\Downloads\openhardwaremonitor-v0.7.1-beta.zip
2015-09-18 15:34 - 2015-09-18 15:34 - 00000356 _____ C:\Windows\PFRO.log
2015-09-18 15:34 - 2015-09-18 15:34 - 00000056 _____ C:\Windows\setupact.log
2015-09-18 15:34 - 2015-09-18 15:34 - 00000000 _____ C:\Windows\setuperr.log
2015-09-16 19:39 - 2015-09-17 22:44 - 00007625 _____ C:\Users\Silvio\AppData\Local\Resmon.ResmonCfg
2015-09-15 19:23 - 2015-09-15 19:23 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\Windows Live Writer
2015-09-15 19:23 - 2015-09-15 19:23 - 00000000 ____D C:\Users\Silvio\AppData\Local\Windows Live Writer
2015-09-15 18:59 - 2015-09-15 18:59 - 00001185 _____ C:\Users\Silvio\Desktop\fxlaunch - Verknüpfung.lnk
2015-09-03 20:51 - 2015-09-03 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-28 01:27 - 2015-08-29 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-18 16:04 - 2015-04-25 11:49 - 01606158 _____ C:\Windows\WindowsUpdate.log
2015-09-18 15:52 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-18 15:52 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-18 15:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-17 22:53 - 2012-04-18 14:04 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\TS3Client
2015-09-17 22:22 - 2013-12-26 21:13 - 00011264 ___SH C:\Users\Silvio\Thumbs.db
2015-09-17 22:13 - 2012-04-13 17:59 - 00000000 ___RD C:\Users\Silvio\Desktop\Laptop alt
2015-09-17 22:12 - 2012-04-13 17:47 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{444BB6B4-811B-4C44-8F10-9485636B5280}
2015-09-17 21:52 - 2012-05-27 22:32 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-15 20:29 - 2012-04-16 16:20 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\vlc
2015-09-15 19:23 - 2014-10-30 20:56 - 00000000 ____D C:\Users\Silvio\AppData\Local\Windows Live
2015-09-15 17:57 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-13 16:15 - 2011-11-04 13:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-13 15:10 - 2015-01-28 17:32 - 00000000 ____D C:\Users\Silvio\Desktop\Screens AOW
2015-09-13 10:43 - 2014-12-20 18:46 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForSilvio.job
2015-09-12 17:42 - 2014-12-20 18:46 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSilvio
2015-09-11 06:24 - 2012-04-15 21:00 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\Skype
2015-09-05 00:52 - 2013-01-27 21:16 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\SoftGrid Client
2015-09-03 20:51 - 2011-11-04 13:40 - 00000000 ____D C:\ProgramData\Skype
2015-08-30 12:34 - 2012-05-03 18:11 - 00000000 ____D C:\Users\Silvio\AppData\Local\CrashDumps
2015-08-29 10:59 - 2012-05-06 15:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 13:58 - 2013-09-01 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-25 21:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-05-22 21:22 - 2010-10-21 02:00 - 0436736 _____ (MinecraftSistem) C:\Users\Silvio\AppData\Roaming\Launcher.exe
2015-09-16 19:39 - 2015-09-17 22:44 - 0007625 _____ () C:\Users\Silvio\AppData\Local\Resmon.ResmonCfg
2013-05-08 23:55 - 2013-05-08 23:55 - 0000003 _____ () C:\Users\Silvio\AppData\Local\updater.log
2013-05-08 23:55 - 2015-04-23 15:59 - 0000424 _____ () C:\Users\Silvio\AppData\Local\UserProducts.xml
2013-04-24 17:47 - 2013-04-28 09:55 - 0000138 _____ () C:\ProgramData\lmabscan.log

Einige Dateien in TEMP:
====================
C:\Users\Silvio\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-13 11:54

==================== Ende von FRST.txt ============================

Hätte ich auch gleich meinen Namen als Nicknamen nutzen können

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Silvio (2015-09-18 16:35:54)
Gestartet von C:\Users\Silvio\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-13 15:42:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2046019297-940583845-634688912-500 - Administrator - Disabled)
Gast (S-1-5-21-2046019297-940583845-634688912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2046019297-940583845-634688912-1005 - Limited - Enabled)
Silvio (S-1-5-21-2046019297-940583845-634688912-1000 - Administrator - Enabled) => C:\Users\Silvio

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Wulin (HKLM-x32\...\{30B26714-3C49-4E6E-B236-3313B1257DE9}) (Version: 0.0.1.032 - Webzen)
Akamai NetSession Interface (HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{70F55D70-7E5F-6291-4924-2F7640F19BFE}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AuthenTec TrueAPI (Version: 1.3.0.139 - AuthenTec, Inc.) Hidden
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon iP4500 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series) (Version:  - )
Canon iP4500 series Benutzerregistrierung (HKLM-x32\...\Canon iP4500 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cossacks - Back To War (HKLM-x32\...\Cossacks : Back To War) (Version:  - )
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dethkarz (HKLM-x32\...\Dethkarz) (Version:  - )
D-Fend Reloaded 1.2.1 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.2.1 - Alexander Herzog)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version:  - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GrandFantasia-DE (HKLM-x32\...\GrandFantasia-DE) (Version:  - )
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{4741965C-AFD0-4D00-81D1-1039F96D4DC3}) (Version: 5.3.0.264 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{0718D10B-12A0-452F-ACD7-5E6A54E38B8E}) (Version: 4.5.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingsoft Presentation  (8.1.0.3030) (HKLM-x32\...\Kingsoft Presentation) (Version: 8.1.0.3030 - Kingsoft Corp.)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
o.tel.o (HKLM-x32\...\o.tel.o) (Version: 16.001.06.07.35 - Huawei Technologies Co.,Ltd)
Objekteditor Version 2.0 (HKLM-x32\...\Objekteditor 2000_is1) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Port Royale 2 (HKLM-x32\...\Port Royale 2) (Version:  - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.02.0 - Ralink)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
RTPatch Update (HKLM-x32\...\RTPatch_is1) (Version:  - PocketSoft)
Sacred (HKLM-x32\...\Sacred_is1) (Version:  - Ascaron Entertainment GmbH)
Sacred 2 - Fallen Angel (HKLM-x32\...\{7D0AEAD8-07FA-4C4D-9347-E7FBC5534B73}) (Version: 2.43.0.0 - Deep Silver)
Sacred DarkBloods Version 3.0 (HKLM-x32\...\{B2FA9E12-1D53-48CC-B18A-A811833B217B}_is1) (Version: 3.0 - DarkBloods)
Scorched3D 43.3d (HKLM-x32\...\Scorched3D) (Version: 43.3d - Scorched)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1 (HKLM-x32\...\VGhlIEVsZGVyIFNjcm9sbHMgViBTa3lyaW0gRHJhZ29uYm9y~2F14EC6B_is1) (Version: 1 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tunngle Version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

17-09-2015 19:31:20 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01631D93-6566-4EB2-9F8E-78CCE7CE5468} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {093A4160-4C4A-4DCA-9B87-3AEF72479E7A} - System32\Tasks\{D4C78BD9-87AF-4218-923A-CC912BF6C955} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/440
Task: {0BCC97F0-CE2C-4AC6-AB83-C75F7BED0A2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {124807E7-C971-42BA-B7D8-157AEBE44F2B} - System32\Tasks\{FEFA4635-F586-41D5-95D6-0BE0E8CC7EE5} => pcalua.exe -a F:\fwlan.usb\setup.exe -d F:\fwlan.usb
Task: {16C6C3CD-930F-4CBC-9250-90DCB094C03F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2AF83BEA-231A-45AD-AC44-ADACF0FDFFAA} - System32\Tasks\WpsUpdateTask_Silvio => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {31786DB2-0A89-4B68-AE36-99DE70527ABC} - System32\Tasks\{0DBB72E0-E33C-42C4-9FFF-88D70BF24169} => pcalua.exe -a "C:\Sacred DarkBloods\Sacred DarkBloods Fonts Installer.exe" -d "C:\Sacred DarkBloods"
Task: {387D1DC5-A563-44B8-8C74-E8EF67476CB7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {61F2070A-A1DB-41DC-AD5C-92C48A9AD0C6} - System32\Tasks\{85593F45-7898-4F8F-B1DD-56C127B0C393} => pcalua.exe -a "C:\Users\Silvio\Desktop\Laptop alt\Neuer Ordner\setup.exe" -d "C:\Users\Silvio\Desktop\Laptop alt\Neuer Ordner"
Task: {710E9364-52CF-4A8C-9FD0-8C51C068D09A} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {78FFC2B7-FC63-4506-8629-47AA20D542B0} - System32\Tasks\{2D325D57-0CBF-4C72-85F7-B76252373320} => F:\INSTALL.EXE
Task: {823E1786-69D9-4F34-8847-8D19534EBB83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {9CD08C01-31AB-4D7F-90BF-54BE0B7FEE63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {AB482B0E-9D58-4739-B063-53CCCC48E73D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {BC46EB7F-C1C3-4A78-AD70-CDD4676BBB56} - System32\Tasks\update-S-1-5-21-2046019297-940583845-634688912-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {BE3ABEB9-C96B-4648-8D78-D09AAE23A5AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {D2EE6E03-BE14-4F2E-9F87-3963B0C91184} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {E0D0F8CE-017E-42C2-8A64-D123340E029D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-25] ()
Task: {E2CAA89A-4D81-4CBB-8896-7944BD0FCDEF} - System32\Tasks\HPCeeScheduleForSilvio => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F7B9A6FA-235F-4A52-9DCB-DE3227B66C00} - System32\Tasks\{0EA1CFDC-5AE6-41D8-8822-582A28747F8C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {F7EF089A-36A0-47D7-B735-BD5A08F392AA} - System32\Tasks\{87B8507B-B6D8-4623-A302-F17C6D6050D7} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {FD8EFBED-70CB-4B0E-934F-9F2FC7746580} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\HPCeeScheduleForSilvio.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2046019297-940583845-634688912-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Silvio.job => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-08-09 17:44 - 2011-08-09 17:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-08-17 23:14 - 2011-08-17 23:14 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-09-02 11:49 - 2011-09-02 11:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-08-15 14:21 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\Silvio\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-16 18:37 - 2014-10-16 18:37 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-12-12 02:35 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\aeriagames.com -> hxxp://aeriagames.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2046019297-940583845-634688912-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FFFBF8AA-77A4-4AB3-BAC9-91C3B59A37F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6196027C-5BDE-47B7-8D0B-D7F36763F731}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{322F9F86-C177-4401-B766-9CB3010D98EB}] => (Allow) LPort=2869
FirewallRules: [{36BA1AF3-BA38-45DD-8BD0-A548D6412114}] => (Allow) LPort=1900
FirewallRules: [{0B7F65B5-6CF3-49C0-9630-1E88AF8A1CE1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F4918033-EED8-45E7-946E-7507ACBD8385}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{DE618D39-6E05-4C2B-9FC0-367532434E8F}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{17A90E03-20F2-4BEC-AF09-6D234D163B73}C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe] => (Allow) C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe
FirewallRules: [UDP Query User{5C77BFD5-EC05-4E26-97A1-ADD0D74101E0}C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe] => (Allow) C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe
FirewallRules: [TCP Query User{A6BFC520-9382-4E14-AF29-AAFA3532DA16}C:\users\silvio\downloads\utorrent_1.5.exe] => (Allow) C:\users\silvio\downloads\utorrent_1.5.exe
FirewallRules: [UDP Query User{E2158D13-BB74-45CF-BF98-31FBE652DFAB}C:\users\silvio\downloads\utorrent_1.5.exe] => (Allow) C:\users\silvio\downloads\utorrent_1.5.exe
FirewallRules: [TCP Query User{277855B6-97B7-48AF-8C2F-4299953995ED}C:\program files (x86)\cossacks - back to war\dmcr.exe] => (Allow) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [UDP Query User{B414294A-B10F-4D5E-851F-5980E746EAB7}C:\program files (x86)\cossacks - back to war\dmcr.exe] => (Allow) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [TCP Query User{7854D757-6A6A-4A05-900D-03D344898264}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{F7BE8B44-4513-42DC-BF76-6E31DA56BAB6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{E6172DB2-4D6A-474F-93D8-190D01D74412}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{9FD41BEE-7BB8-4022-9D2A-4FABA7CF7E53}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{92A753BB-CD73-4E3E-A968-1FE6A4F10EB5}C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe] => (Block) C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe
FirewallRules: [UDP Query User{EE05E8F4-BE37-47BA-9BDA-DCC3DBE354AD}C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe] => (Block) C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe
FirewallRules: [TCP Query User{04CF3023-8C62-4452-ABFD-3E636E42232B}C:\users\silvio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\silvio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{03DABF95-3A8B-490F-80BD-5E56FBDBBB07}C:\users\silvio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\silvio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{0C781AAC-23CC-41B1-86CF-032699E77F17}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{CB112C6E-A5FD-4C00-9E2A-32FDD20D66F4}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{158C7820-C3B4-4CC1-8B88-649832823694}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe
FirewallRules: [UDP Query User{C1873587-9991-4933-B64F-1BD6B905E8D5}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe
FirewallRules: [TCP Query User{48A8FAC9-A47F-4AB7-8676-E4B12E6E66C1}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe
FirewallRules: [UDP Query User{8EF10811-1D31-4BB8-90BC-8903D507F6D5}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe
FirewallRules: [TCP Query User{4B2B6E4A-D782-4294-A256-6E32FB5E0F5F}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe
FirewallRules: [UDP Query User{6EEC6D54-51E3-4493-8D2F-3CC618D182CF}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe
FirewallRules: [{104E13D9-E8D6-48EE-AF79-9C94FE76EFD4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{07510DAE-F7D8-4FCE-8F3C-B499BC0A4A48}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4665DA57-E0CB-4400-9B23-4A2F69F90EBB}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [UDP Query User{2E3A8954-42E8-4979-BD9E-045F7760A82D}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [TCP Query User{18C85C79-DC88-477D-9665-CAA8BE9F0166}C:\users\silvio\desktop\laptop alt\huhn\ct.exe] => (Allow) C:\users\silvio\desktop\laptop alt\huhn\ct.exe
FirewallRules: [UDP Query User{56F8F8EB-05C0-4436-84D7-4387A5490494}C:\users\silvio\desktop\laptop alt\huhn\ct.exe] => (Allow) C:\users\silvio\desktop\laptop alt\huhn\ct.exe
FirewallRules: [TCP Query User{17564EC9-4792-4E1D-A3E3-FF119FCA90E4}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{DEB10622-11F2-4CA8-87F0-8DE1566DE35F}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [{F242D196-8CDF-4B72-A2F1-A598CDC4F238}] => (Allow) F:\FSetup.exe
FirewallRules: [{45E1A7C0-FF4B-41E8-88FC-DFE90CA714E2}] => (Allow) F:\FSetup.exe
FirewallRules: [{DDFA65F9-0DD5-4739-BF9C-3522B5EAFFE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{539FB3A9-A717-4B0C-BB37-305219EE4D95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{57BE4E92-9D03-4EF6-9D63-CD5B7CE64BEF}C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe
FirewallRules: [UDP Query User{D03901E3-6BD6-4F3F-9865-2CB9E8A3EF61}C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe
FirewallRules: [TCP Query User{FCDAA67E-9D1E-4651-BE33-422D696D75A1}C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe
FirewallRules: [UDP Query User{7543BA3E-C674-4867-A9A7-2F33C0C55C03}C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe
FirewallRules: [TCP Query User{8ADB47AE-3240-44D4-8D2B-995FD76E289D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A93750EE-7F24-4B36-B0CE-7629E323E5A2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{66B8F69F-DC15-4437-B784-F16BACC5D898}] => (Allow) C:\Users\Silvio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7C87BFE-16DB-4FEE-BAE2-104E4E5DC2D4}] => (Allow) C:\Users\Silvio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7797BCC1-B688-46CA-8E26-954D5BF78DEE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{291B41F0-2ADA-4313-92B0-F7DA79DB72BB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4F5E401D-17E9-4BB8-B91A-5D39BD02E1F3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{862F50AA-F5B5-4391-99F9-C8DF944F9BB0}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{4997D207-E61A-4A90-BAFA-BF76E06E7D4F}C:\program files (x86)\ascaron entertainment\sacred\sacred.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\sacred.exe
FirewallRules: [UDP Query User{EB5072FD-B32C-405F-A426-F976B64F7933}C:\program files (x86)\ascaron entertainment\sacred\sacred.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\sacred.exe
FirewallRules: [TCP Query User{EB9A121D-8E1D-4780-9722-01B0C2D5B501}C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe
FirewallRules: [UDP Query User{A15EAC35-EF5A-4532-B31F-27725CAE8AA5}C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe
FirewallRules: [TCP Query User{62A9E4F9-A02C-4ED5-AC80-D5F16F5BECF0}C:\sacred\sacred.exe] => (Allow) C:\sacred\sacred.exe
FirewallRules: [UDP Query User{86098B97-6552-4088-85F7-5658046DDDDD}C:\sacred\sacred.exe] => (Allow) C:\sacred\sacred.exe
FirewallRules: [TCP Query User{AF131C36-36D5-42B1-BDF4-66EE7BD7DE2F}C:\sacred\gameserver.exe] => (Allow) C:\sacred\gameserver.exe
FirewallRules: [UDP Query User{440BAFC2-35FA-454D-AA38-436C372D75D0}C:\sacred\gameserver.exe] => (Allow) C:\sacred\gameserver.exe
FirewallRules: [{4F8279F1-D8C6-4CEE-852D-628688AFC8C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8D88A385-BB50-467A-A476-84CC8148312C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{841257F8-26B8-48AA-AC84-4E7E944FFAF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F26F05D8-2D46-4E2A-8BD8-FBC13CF8A80E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2015 03:36:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x7f0
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (09/18/2015 03:36:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
   bei Avira.OE.WinCore.ProcessProtector+NativeMethods.ProtectCurrentProcess()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/18/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (09/18/2015 03:36:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
   bei Avira.OE.WinCore.ProcessProtector+NativeMethods.ProtectCurrentProcess()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/18/2015 03:35:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x78c
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (09/18/2015 03:35:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2015 03:35:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
   bei Avira.OE.WinCore.ProcessProtector+NativeMethods.ProtectCurrentProcess()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/17/2015 06:58:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1770
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (09/17/2015 06:58:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
   bei Avira.OE.WinCore.ProcessProtector+NativeMethods.ProtectCurrentProcess()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/17/2015 06:58:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1638
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3


Systemfehler:
=============
Error: (09/18/2015 03:36:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (09/18/2015 03:36:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2015 03:36:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2015 09:52:43 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (09/17/2015 08:21:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2015 08:21:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2015 08:21:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/17/2015 08:16:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2015 06:58:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (09/17/2015 06:58:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 6091.86 MB
Verfügbarer physikalischer RAM: 3832.18 MB
Summe virtueller Speicher: 12181.92 MB
Verfügbarer virtueller Speicher: 9383.48 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:440.99 GB) (Free:175.68 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Recovery) (Fixed) (Total:20.61 GB) (Free:2.2 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 257422C2)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

Deathkid535 · 18.09.2015, 15:54

OK, ich seh da Malware. Ich übernehm dich mal

Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst.

Ich bedanke mich für deine Geduld

DeSergo · 18.09.2015, 15:56

Danke,

dafür habe ich mich hier ja auch angemeldet und ich danke Dir/Euch schonmal.

MfG
Sergo

Deathkid535 · 18.09.2015, 18:04

Hi,

Schritt # 1: TDSSKiller

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt # 2: Bitte Posten

Das Log von TDSSKiller

DeSergo · 18.09.2015, 21:28

MBAR

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.18.07
  rootkit: v2015.08.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17959
Silvio :: SERGO [administrator]

18.09.2015 19:26:15
mbar-log-2015-09-18 (19-26-15).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 376260
Time elapsed: 50 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSSKILLER

Code:

ATTFilter

20:24:06.0873 0x07a4  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:24:09.0275 0x07a4  ============================================================
20:24:09.0275 0x07a4  Current date / time: 2015/09/18 20:24:09.0275
20:24:09.0275 0x07a4  SystemInfo:
20:24:09.0275 0x07a4  
20:24:09.0275 0x07a4  OS Version: 6.1.7601 ServicePack: 1.0
20:24:09.0275 0x07a4  Product type: Workstation
20:24:09.0275 0x07a4  ComputerName: SERGO
20:24:09.0275 0x07a4  UserName: Silvio
20:24:09.0276 0x07a4  Windows directory: C:\Windows
20:24:09.0276 0x07a4  System windows directory: C:\Windows
20:24:09.0276 0x07a4  Running under WOW64
20:24:09.0276 0x07a4  Processor architecture: Intel x64
20:24:09.0276 0x07a4  Number of processors: 4
20:24:09.0276 0x07a4  Page size: 0x1000
20:24:09.0276 0x07a4  Boot type: Normal boot
20:24:09.0276 0x07a4  ============================================================
20:24:09.0660 0x07a4  KLMD registered as C:\Windows\system32\drivers\43510660.sys
20:24:13.0043 0x07a4  System UUID: {869C39C6-11BA-03B4-05D2-8903E0907E67}
20:24:14.0500 0x07a4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:24:14.0504 0x07a4  ============================================================
20:24:14.0504 0x07a4  \Device\Harddisk0\DR0:
20:24:14.0504 0x07a4  MBR partitions:
20:24:14.0504 0x07a4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:24:14.0504 0x07a4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x371FB800
20:24:14.0504 0x07a4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3725F800, BlocksNum 0x2936800
20:24:14.0504 0x07a4  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF800
20:24:14.0504 0x07a4  ============================================================
20:24:14.0529 0x07a4  C: <-> \Device\Harddisk0\DR0\Partition2
20:24:14.0567 0x07a4  D: <-> \Device\Harddisk0\DR0\Partition3
20:24:14.0639 0x07a4  E: <-> \Device\Harddisk0\DR0\Partition4
20:24:14.0639 0x07a4  ============================================================
20:24:14.0639 0x07a4  Initialize success
20:24:14.0639 0x07a4  ============================================================
20:24:46.0990 0x1124  ============================================================
20:24:46.0990 0x1124  Scan started
20:24:46.0990 0x1124  Mode: Manual; SigCheck; TDLFS; 
20:24:46.0991 0x1124  ============================================================
20:24:46.0991 0x1124  KSN ping started
20:24:49.0552 0x1124  KSN ping finished: true
20:24:51.0453 0x1124  ================ Scan system memory ========================
20:24:51.0453 0x1124  System memory - ok
20:24:51.0453 0x1124  ================ Scan services =============================
20:24:51.0631 0x1124  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:24:51.0713 0x1124  1394ohci - ok
20:24:51.0761 0x1124  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:24:51.0791 0x1124  ACPI - ok
20:24:51.0829 0x1124  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:24:51.0938 0x1124  AcpiPmi - ok
20:24:52.0073 0x1124  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:24:52.0104 0x1124  AdobeARMservice - ok
20:24:52.0169 0x1124  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:24:52.0191 0x1124  adp94xx - ok
20:24:52.0266 0x1124  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:24:52.0283 0x1124  adpahci - ok
20:24:52.0302 0x1124  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:24:52.0316 0x1124  adpu320 - ok
20:24:52.0344 0x1124  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:24:52.0397 0x1124  AeLookupSvc - ok
20:24:52.0450 0x1124  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
20:24:52.0498 0x1124  AFD - ok
20:24:52.0537 0x1124  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:24:52.0548 0x1124  agp440 - ok
20:24:52.0577 0x1124  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:24:52.0621 0x1124  ALG - ok
20:24:52.0657 0x1124  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:24:52.0666 0x1124  aliide - ok
20:24:52.0703 0x1124  [ 6807D94E8148771263308521E8CADE5E, C8B6E45CF0B33C97BF1F0C6F2F8CD31A9105D945932D1A8B659D5CBEE093BBED ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:24:52.0809 0x1124  AMD External Events Utility - ok
20:24:52.0842 0x1124  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:24:52.0852 0x1124  amdide - ok
20:24:52.0902 0x1124  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:24:52.0925 0x1124  AmdK8 - ok
20:24:53.0289 0x1124  [ F784F9BF32E708C71A63220E89A58496, A39750F1839763313CFFAB4AC897EA088DC02EA3BF84D58DE1504E5FF40AB828 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:24:53.0692 0x1124  amdkmdag - ok
20:24:53.0742 0x1124  [ 43FD45C0DFE0A0FF2B8BE0D4AC165E18, CAFA1E5D0C3474E862B51A379CB8C5491C1E12803741AAA45CA46365E112C991 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:24:53.0779 0x1124  amdkmdap - ok
20:24:53.0816 0x1124  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:24:53.0858 0x1124  AmdPPM - ok
20:24:53.0879 0x1124  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:24:53.0891 0x1124  amdsata - ok
20:24:53.0921 0x1124  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:24:53.0935 0x1124  amdsbs - ok
20:24:53.0952 0x1124  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:24:53.0962 0x1124  amdxata - ok
20:24:54.0045 0x1124  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:24:54.0169 0x1124  AntiVirMailService - ok
20:24:54.0225 0x1124  [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:24:54.0243 0x1124  AntiVirSchedulerService - ok
20:24:54.0321 0x1124  [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:24:54.0339 0x1124  AntiVirService - ok
20:24:54.0411 0x1124  [ B667AB46FA82FC246F9069D81BB1065C, CC3ADE01E745B6A4F425E41C5C380BF0D06121B3823BDF0A8DF2973DA59F86EA ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:24:54.0519 0x1124  AntiVirWebService - ok
20:24:54.0577 0x1124  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
20:24:54.0632 0x1124  AppID - ok
20:24:54.0651 0x1124  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:24:54.0684 0x1124  AppIDSvc - ok
20:24:54.0739 0x1124  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
20:24:54.0798 0x1124  Appinfo - ok
20:24:54.0843 0x1124  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
20:24:54.0854 0x1124  arc - ok
20:24:54.0895 0x1124  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:24:54.0906 0x1124  arcsas - ok
20:24:55.0035 0x1124  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:24:55.0075 0x1124  aspnet_state - ok
20:24:55.0112 0x1124  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:24:55.0215 0x1124  AsyncMac - ok
20:24:55.0266 0x1124  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:24:55.0275 0x1124  atapi - ok
20:24:55.0347 0x1124  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
20:24:55.0363 0x1124  atksgt - ok
20:24:55.0442 0x1124  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:55.0497 0x1124  AudioEndpointBuilder - ok
20:24:55.0515 0x1124  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:24:55.0539 0x1124  AudioSrv - ok
20:24:55.0611 0x1124  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:24:55.0639 0x1124  avgntflt - ok
20:24:55.0687 0x1124  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:24:55.0718 0x1124  avipbb - ok
20:24:55.0786 0x1124  [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
20:24:55.0827 0x1124  Avira.OE.ServiceHost - ok
20:24:55.0885 0x1124  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:24:55.0894 0x1124  avkmgr - ok
20:24:55.0984 0x1124  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
20:24:55.0997 0x1124  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
20:24:58.0618 0x1124  Detect skipped due to KSN trusted
20:24:58.0787 0x1124  AVM WLAN Connection Service - ok
20:24:58.0831 0x1124  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
20:24:58.0840 0x1124  avmeject - ok
20:24:59.0008 0x1124  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
20:24:59.0029 0x1124  avnetflt - ok
20:24:59.0107 0x1124  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:24:59.0226 0x1124  AxInstSV - ok
20:24:59.0267 0x1124  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:24:59.0336 0x1124  b06bdrv - ok
20:24:59.0391 0x1124  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:59.0431 0x1124  b57nd60a - ok
20:24:59.0503 0x1124  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
20:24:59.0560 0x1124  BCM43XX - ok
20:24:59.0599 0x1124  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:24:59.0643 0x1124  BDESVC - ok
20:24:59.0675 0x1124  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:24:59.0719 0x1124  Beep - ok
20:24:59.0786 0x1124  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:24:59.0854 0x1124  BFE - ok
20:24:59.0908 0x1124  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:25:00.0068 0x1124  BITS - ok
20:25:00.0111 0x1124  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:25:00.0159 0x1124  blbdrive - ok
20:25:00.0197 0x1124  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:25:00.0233 0x1124  bowser - ok
20:25:00.0259 0x1124  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:25:00.0285 0x1124  BrFiltLo - ok
20:25:00.0305 0x1124  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:25:00.0332 0x1124  BrFiltUp - ok
20:25:00.0380 0x1124  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:25:00.0417 0x1124  Browser - ok
20:25:00.0454 0x1124  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:25:00.0514 0x1124  Brserid - ok
20:25:00.0541 0x1124  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:25:00.0567 0x1124  BrSerWdm - ok
20:25:00.0592 0x1124  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:25:00.0619 0x1124  BrUsbMdm - ok
20:25:00.0672 0x1124  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:25:00.0696 0x1124  BrUsbSer - ok
20:25:00.0750 0x1124  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:25:00.0790 0x1124  BTHMODEM - ok
20:25:00.0832 0x1124  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:25:00.0863 0x1124  bthserv - ok
20:25:00.0879 0x1124  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:25:00.0928 0x1124  cdfs - ok
20:25:00.0969 0x1124  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:25:01.0004 0x1124  cdrom - ok
20:25:01.0048 0x1124  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:25:01.0115 0x1124  CertPropSvc - ok
20:25:01.0150 0x1124  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:25:01.0177 0x1124  circlass - ok
20:25:01.0221 0x1124  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
20:25:01.0248 0x1124  CLFS - ok
20:25:01.0302 0x1124  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:25:01.0313 0x1124  clr_optimization_v2.0.50727_32 - ok
20:25:01.0343 0x1124  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:25:01.0355 0x1124  clr_optimization_v2.0.50727_64 - ok
20:25:01.0422 0x1124  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:25:01.0448 0x1124  clr_optimization_v4.0.30319_32 - ok
20:25:01.0464 0x1124  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:25:01.0582 0x1124  clr_optimization_v4.0.30319_64 - ok
20:25:01.0604 0x1124  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
20:25:01.0613 0x1124  clwvd - ok
20:25:01.0641 0x1124  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:25:01.0669 0x1124  CmBatt - ok
20:25:01.0709 0x1124  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:25:01.0726 0x1124  cmdide - ok
20:25:01.0773 0x1124  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
20:25:01.0809 0x1124  CNG - ok
20:25:01.0828 0x1124  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:25:01.0848 0x1124  Compbatt - ok
20:25:01.0904 0x1124  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:25:01.0930 0x1124  CompositeBus - ok
20:25:01.0950 0x1124  COMSysApp - ok
20:25:02.0019 0x1124  [ 4FB7BF1054684A3E32EDE8FBA6F48C1C, 923AAF269A1FC90C6E0144148664B5FFD66B7195AAF9D5763DCFD500ABF81E66 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:25:02.0048 0x1124  cphs - ok
20:25:02.0092 0x1124  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:25:02.0102 0x1124  crcdisk - ok
20:25:02.0151 0x1124  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:25:02.0192 0x1124  CryptSvc - ok
20:25:02.0321 0x1124  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:25:02.0347 0x1124  cvhsvc - ok
20:25:02.0397 0x1124  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:25:02.0459 0x1124  DcomLaunch - ok
20:25:02.0524 0x1124  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:25:02.0580 0x1124  defragsvc - ok
20:25:02.0618 0x1124  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:25:02.0676 0x1124  DfsC - ok
20:25:02.0720 0x1124  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:25:02.0786 0x1124  Dhcp - ok
20:25:02.0903 0x1124  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:25:02.0984 0x1124  DiagTrack - ok
20:25:03.0010 0x1124  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:25:03.0040 0x1124  discache - ok
20:25:03.0069 0x1124  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
20:25:03.0080 0x1124  Disk - ok
20:25:03.0112 0x1124  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:25:03.0169 0x1124  Dnscache - ok
20:25:03.0196 0x1124  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:25:03.0243 0x1124  dot3svc - ok
20:25:03.0263 0x1124  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:25:03.0295 0x1124  DPS - ok
20:25:03.0329 0x1124  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:25:03.0372 0x1124  drmkaud - ok
20:25:03.0431 0x1124  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:25:03.0445 0x1124  dtsoftbus01 - ok
20:25:03.0507 0x1124  [ F59E2FE2687A5C30598F9099F318EB73, 80A0B1CC758BD3C4AEAB8E5804120D8A145F918B527F41DEF02A0E4EBE170F37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:25:03.0540 0x1124  DXGKrnl - ok
20:25:03.0570 0x1124  EagleX64 - ok
20:25:03.0612 0x1124  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:25:03.0664 0x1124  EapHost - ok
20:25:03.0794 0x1124  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:25:03.0899 0x1124  ebdrv - ok
20:25:03.0942 0x1124  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS             C:\Windows\System32\lsass.exe
20:25:03.0999 0x1124  EFS - ok
20:25:04.0073 0x1124  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:25:04.0112 0x1124  ehRecvr - ok
20:25:04.0133 0x1124  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:25:04.0165 0x1124  ehSched - ok
20:25:04.0202 0x1124  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
20:25:04.0211 0x1124  ElbyCDIO - ok
20:25:04.0253 0x1124  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:25:04.0275 0x1124  elxstor - ok
20:25:04.0295 0x1124  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:25:04.0321 0x1124  ErrDev - ok
20:25:04.0389 0x1124  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:25:04.0445 0x1124  EventSystem - ok
20:25:04.0499 0x1124  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:25:04.0548 0x1124  exfat - ok
20:25:04.0571 0x1124  ezSharedSvc - ok
20:25:04.0592 0x1124  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:25:04.0644 0x1124  fastfat - ok
20:25:04.0695 0x1124  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:25:04.0758 0x1124  Fax - ok
20:25:04.0789 0x1124  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
20:25:04.0818 0x1124  fdc - ok
20:25:04.0852 0x1124  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:25:04.0892 0x1124  fdPHost - ok
20:25:04.0917 0x1124  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:25:04.0946 0x1124  FDResPub - ok
20:25:04.0963 0x1124  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:25:04.0974 0x1124  FileInfo - ok
20:25:04.0991 0x1124  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:25:05.0041 0x1124  Filetrace - ok
20:25:05.0066 0x1124  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:25:05.0078 0x1124  flpydisk - ok
20:25:05.0101 0x1124  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:25:05.0117 0x1124  FltMgr - ok
20:25:05.0190 0x1124  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
20:25:05.0272 0x1124  FontCache - ok
20:25:05.0326 0x1124  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:25:05.0335 0x1124  FontCache3.0.0.0 - ok
20:25:05.0393 0x1124  [ EC3949088F617ACC056FC1AB54A6A13B, 4E850D8DCACF4B825936A114A1B25D0940C8EE735509167A9709671E20FD5155 ] FPLService      C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
20:25:05.0406 0x1124  FPLService - ok
20:25:05.0437 0x1124  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:25:05.0447 0x1124  FsDepends - ok
20:25:05.0485 0x1124  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:25:05.0495 0x1124  Fs_Rec - ok
20:25:05.0534 0x1124  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:25:05.0551 0x1124  fvevol - ok
20:25:05.0597 0x1124  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
20:25:05.0627 0x1124  FWLANUSB - ok
20:25:05.0665 0x1124  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:25:05.0677 0x1124  gagp30kx - ok
20:25:05.0727 0x1124  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:25:05.0740 0x1124  GamesAppService - ok
20:25:05.0791 0x1124  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:25:05.0837 0x1124  gpsvc - ok
20:25:05.0872 0x1124  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
20:25:05.0881 0x1124  hamachi - ok
20:25:05.0901 0x1124  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:25:05.0923 0x1124  hcw85cir - ok
20:25:05.0970 0x1124  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:25:06.0012 0x1124  HdAudAddService - ok
20:25:06.0035 0x1124  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:25:06.0069 0x1124  HDAudBus - ok
20:25:06.0084 0x1124  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:25:06.0112 0x1124  HidBatt - ok
20:25:06.0143 0x1124  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:25:06.0158 0x1124  HidBth - ok
20:25:06.0210 0x1124  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:25:06.0246 0x1124  HidIr - ok
20:25:06.0291 0x1124  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:25:06.0320 0x1124  hidserv - ok
20:25:06.0375 0x1124  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:25:06.0405 0x1124  HidUsb - ok
20:25:06.0416 0x1124  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:25:06.0460 0x1124  hkmsvc - ok
20:25:06.0498 0x1124  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:25:06.0527 0x1124  HomeGroupListener - ok
20:25:06.0563 0x1124  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:25:06.0595 0x1124  HomeGroupProvider - ok
20:25:06.0689 0x1124  [ 13BB1114451C63BFB41BA7DAA4D70A29, A07D27DCD1D5F333973DDF7E91BF902307088C48696EE1D1970A0152A507231B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:25:06.0698 0x1124  HP Support Assistant Service - ok
20:25:06.0793 0x1124  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
20:25:06.0807 0x1124  HPClientSvc - ok
20:25:06.0882 0x1124  [ E6AB9E7FF923928E9F549FDDFCEDB28A, 1280E40B1D4888684532654FD16A8FC1390B77C1EFBF76A8C492C32361B58649 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:25:06.0894 0x1124  HPDrvMntSvc.exe - ok
20:25:06.0952 0x1124  [ DBDC0581D4506C13E6BEF48D14B1C55B, 264F8F225EB1CD0240EC3195A595CF057A5081725121A2DE56909D2E73BDD207 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:25:06.0994 0x1124  hpqwmiex - ok
20:25:07.0115 0x1124  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:25:07.0126 0x1124  HpSAMD - ok
20:25:07.0290 0x1124  [ 491CE9B6321FB74E4B37AF2C47F98434, DCB996386B10A3198D7EACEAB74D838399908FD443577918B7E55D47930165A0 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:25:07.0297 0x1124  HPWMISVC - ok
20:25:07.0340 0x1124  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:25:07.0418 0x1124  HTCAND64 - ok
20:25:07.0471 0x1124  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
20:25:07.0480 0x1124  htcnprot - ok
20:25:07.0581 0x1124  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:25:07.0643 0x1124  HTTP - ok
20:25:07.0710 0x1124  [ D969D0E26C5B1E813B17066A8318D5D4, 27308902D216CD38F40B9341F40AFDCFEC09EA3122FB88E7C7A5C42D0433315D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:25:07.0765 0x1124  hwdatacard - ok
20:25:07.0788 0x1124  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:25:07.0799 0x1124  hwpolicy - ok
20:25:07.0866 0x1124  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:25:07.0881 0x1124  i8042prt - ok
20:25:07.0926 0x1124  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:25:07.0954 0x1124  iaStor - ok
20:25:07.0997 0x1124  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:25:08.0005 0x1124  IAStorDataMgrSvc - ok
20:25:08.0047 0x1124  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:25:08.0067 0x1124  iaStorV - ok
20:25:08.0110 0x1124  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:25:08.0122 0x1124  ICCS - ok
20:25:08.0234 0x1124  [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:25:08.0292 0x1124  IconMan_R - ok
20:25:08.0352 0x1124  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:25:08.0382 0x1124  idsvc - ok
20:25:08.0417 0x1124  IEEtwCollectorService - ok
20:25:08.0818 0x1124  [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:25:09.0286 0x1124  igfx - ok
20:25:09.0327 0x1124  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:25:09.0338 0x1124  iirsp - ok
20:25:09.0392 0x1124  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:25:09.0435 0x1124  IKEEXT - ok
20:25:09.0494 0x1124  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:25:09.0549 0x1124  IntcDAud - ok
20:25:09.0583 0x1124  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:25:09.0593 0x1124  intelide - ok
20:25:10.0000 0x1124  [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
20:25:10.0442 0x1124  intelkmd - ok
20:25:13.0491 0x1124  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:25:13.0515 0x1124  intelppm - ok
20:25:13.0546 0x1124  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:25:13.0576 0x1124  IPBusEnum - ok
20:25:13.0605 0x1124  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:25:13.0653 0x1124  IpFilterDriver - ok
20:25:13.0702 0x1124  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:25:13.0760 0x1124  iphlpsvc - ok
20:25:13.0792 0x1124  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:25:13.0823 0x1124  IPMIDRV - ok
20:25:13.0844 0x1124  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:25:13.0874 0x1124  IPNAT - ok
20:25:13.0902 0x1124  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:25:13.0937 0x1124  IRENUM - ok
20:25:13.0959 0x1124  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:25:13.0968 0x1124  isapnp - ok
20:25:14.0007 0x1124  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:25:14.0024 0x1124  iScsiPrt - ok
20:25:14.0077 0x1124  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
20:25:14.0104 0x1124  jhi_service - ok
20:25:14.0133 0x1124  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:25:14.0144 0x1124  kbdclass - ok
20:25:14.0174 0x1124  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:25:14.0185 0x1124  kbdhid - ok
20:25:14.0198 0x1124  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
20:25:14.0209 0x1124  KeyIso - ok
20:25:14.0238 0x1124  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:25:14.0260 0x1124  KSecDD - ok
20:25:14.0293 0x1124  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:25:14.0307 0x1124  KSecPkg - ok
20:25:14.0343 0x1124  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:25:14.0372 0x1124  ksthunk - ok
20:25:14.0409 0x1124  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:25:14.0483 0x1124  KtmRm - ok
20:25:14.0528 0x1124  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:25:14.0577 0x1124  LanmanServer - ok
20:25:14.0603 0x1124  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:25:14.0679 0x1124  LanmanWorkstation - ok
20:25:14.0752 0x1124  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
20:25:14.0762 0x1124  lirsgt - ok
20:25:14.0796 0x1124  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:25:14.0849 0x1124  lltdio - ok
20:25:14.0880 0x1124  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:25:14.0933 0x1124  lltdsvc - ok
20:25:14.0947 0x1124  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:25:14.0992 0x1124  lmhosts - ok
20:25:15.0059 0x1124  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:25:15.0073 0x1124  LMS - ok
20:25:15.0119 0x1124  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:25:15.0132 0x1124  LSI_FC - ok
20:25:15.0153 0x1124  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:25:15.0165 0x1124  LSI_SAS - ok
20:25:15.0181 0x1124  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:25:15.0192 0x1124  LSI_SAS2 - ok
20:25:15.0203 0x1124  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:25:15.0215 0x1124  LSI_SCSI - ok
20:25:15.0254 0x1124  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:25:15.0309 0x1124  luafv - ok
20:25:15.0342 0x1124  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:25:15.0355 0x1124  Mcx2Svc - ok
20:25:15.0375 0x1124  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:25:15.0385 0x1124  megasas - ok
20:25:15.0427 0x1124  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:25:15.0443 0x1124  MegaSR - ok
20:25:15.0483 0x1124  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:25:15.0493 0x1124  MEIx64 - ok
20:25:15.0515 0x1124  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:25:15.0546 0x1124  MMCSS - ok
20:25:15.0567 0x1124  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:25:15.0617 0x1124  Modem - ok
20:25:15.0659 0x1124  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:25:15.0683 0x1124  monitor - ok
20:25:15.0714 0x1124  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:25:15.0724 0x1124  mouclass - ok
20:25:15.0744 0x1124  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:25:15.0755 0x1124  mouhid - ok
20:25:15.0789 0x1124  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:25:15.0801 0x1124  mountmgr - ok
20:25:15.0870 0x1124  [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:25:15.0882 0x1124  MozillaMaintenance - ok
20:25:15.0951 0x1124  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:25:15.0969 0x1124  MpFilter - ok
20:25:15.0991 0x1124  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:25:16.0004 0x1124  mpio - ok
20:25:16.0016 0x1124  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:25:16.0046 0x1124  mpsdrv - ok
20:25:16.0099 0x1124  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:25:16.0164 0x1124  MpsSvc - ok
20:25:16.0199 0x1124  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:25:16.0242 0x1124  MRxDAV - ok
20:25:16.0271 0x1124  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:25:16.0317 0x1124  mrxsmb - ok
20:25:16.0356 0x1124  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:25:16.0404 0x1124  mrxsmb10 - ok
20:25:16.0438 0x1124  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:25:16.0473 0x1124  mrxsmb20 - ok
20:25:16.0500 0x1124  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:25:16.0510 0x1124  msahci - ok
20:25:16.0542 0x1124  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:25:16.0554 0x1124  msdsm - ok
20:25:16.0591 0x1124  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:25:16.0621 0x1124  MSDTC - ok
20:25:16.0662 0x1124  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:25:16.0711 0x1124  Msfs - ok
20:25:16.0732 0x1124  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:25:16.0776 0x1124  mshidkmdf - ok
20:25:16.0791 0x1124  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:25:16.0800 0x1124  msisadrv - ok
20:25:16.0846 0x1124  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:25:16.0905 0x1124  MSiSCSI - ok
20:25:16.0908 0x1124  msiserver - ok
20:25:16.0941 0x1124  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:25:16.0990 0x1124  MSKSSRV - ok
20:25:17.0115 0x1124  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:25:17.0125 0x1124  MsMpSvc - ok
20:25:17.0179 0x1124  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:25:17.0206 0x1124  MSPCLOCK - ok
20:25:17.0217 0x1124  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:25:17.0267 0x1124  MSPQM - ok
20:25:17.0294 0x1124  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:25:17.0312 0x1124  MsRPC - ok
20:25:17.0346 0x1124  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:25:17.0355 0x1124  mssmbios - ok
20:25:17.0386 0x1124  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:25:17.0413 0x1124  MSTEE - ok
20:25:17.0428 0x1124  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:25:17.0438 0x1124  MTConfig - ok
20:25:17.0470 0x1124  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:25:17.0481 0x1124  Mup - ok
20:25:17.0514 0x1124  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:25:17.0572 0x1124  napagent - ok
20:25:17.0637 0x1124  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:25:17.0679 0x1124  NativeWifiP - ok
20:25:17.0739 0x1124  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:25:17.0772 0x1124  NDIS - ok
20:25:17.0798 0x1124  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:25:17.0841 0x1124  NdisCap - ok
20:25:17.0884 0x1124  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:25:17.0929 0x1124  NdisTapi - ok
20:25:17.0950 0x1124  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:25:17.0999 0x1124  Ndisuio - ok
20:25:18.0024 0x1124  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:25:18.0055 0x1124  NdisWan - ok
20:25:18.0067 0x1124  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:25:18.0111 0x1124  NDProxy - ok
20:25:18.0143 0x1124  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:25:18.0189 0x1124  NetBIOS - ok
20:25:18.0217 0x1124  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:25:18.0267 0x1124  NetBT - ok
20:25:18.0288 0x1124  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
20:25:18.0299 0x1124  Netlogon - ok
20:25:18.0333 0x1124  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:25:18.0391 0x1124  Netman - ok
20:25:18.0462 0x1124  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:18.0475 0x1124  NetMsmqActivator - ok
20:25:18.0481 0x1124  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:18.0493 0x1124  NetPipeActivator - ok
20:25:18.0530 0x1124  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:25:18.0570 0x1124  netprofm - ok
20:25:18.0699 0x1124  [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
20:25:18.0763 0x1124  netr28x - ok
20:25:18.0784 0x1124  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:18.0796 0x1124  NetTcpActivator - ok
20:25:18.0802 0x1124  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:18.0814 0x1124  NetTcpPortSharing - ok
20:25:18.0860 0x1124  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:25:18.0870 0x1124  nfrd960 - ok
20:25:18.0922 0x1124  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:25:18.0935 0x1124  NisDrv - ok
20:25:18.0971 0x1124  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
20:25:18.0989 0x1124  NisSrv - ok
20:25:19.0020 0x1124  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:25:19.0070 0x1124  NlaSvc - ok
20:25:19.0130 0x1124  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:25:19.0176 0x1124  Npfs - ok
20:25:19.0212 0x1124  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:25:19.0241 0x1124  nsi - ok
20:25:19.0247 0x1124  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:25:19.0297 0x1124  nsiproxy - ok
20:25:19.0382 0x1124  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:25:19.0432 0x1124  Ntfs - ok
20:25:19.0452 0x1124  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:25:19.0480 0x1124  Null - ok
20:25:19.0515 0x1124  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
20:25:19.0549 0x1124  NVENETFD - ok
20:25:19.0572 0x1124  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:25:19.0585 0x1124  nvraid - ok
20:25:19.0603 0x1124  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:25:19.0616 0x1124  nvstor - ok
20:25:19.0657 0x1124  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:25:19.0668 0x1124  nv_agp - ok
20:25:19.0694 0x1124  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:25:19.0721 0x1124  ohci1394 - ok
20:25:19.0779 0x1124  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:25:19.0791 0x1124  ose - ok
20:25:20.0009 0x1124  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:25:20.0215 0x1124  osppsvc - ok
20:25:20.0259 0x1124  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:25:20.0308 0x1124  p2pimsvc - ok
20:25:20.0338 0x1124  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:25:20.0373 0x1124  p2psvc - ok
20:25:20.0399 0x1124  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
20:25:20.0425 0x1124  Parport - ok
20:25:20.0458 0x1124  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:25:20.0468 0x1124  partmgr - ok
20:25:20.0560 0x1124  [ AFADA8B97BE3C9398DC6C770409C3544, 670451D08AD1534D424D7D6B9BD7D2C71F526313FE2DD34B1F277D7CD403F39B ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
20:25:20.0615 0x1124  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
20:25:23.0223 0x1124  Detect skipped due to KSN trusted
20:25:23.0223 0x1124  PassThru Service - ok
20:25:23.0948 0x1124  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:25:23.0975 0x1124  PcaSvc - ok
20:25:23.0999 0x1124  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:25:24.0013 0x1124  pci - ok
20:25:24.0041 0x1124  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:25:24.0051 0x1124  pciide - ok
20:25:24.0070 0x1124  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:25:24.0084 0x1124  pcmcia - ok
20:25:24.0115 0x1124  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:25:24.0125 0x1124  pcw - ok
20:25:24.0177 0x1124  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:25:24.0204 0x1124  PEAUTH - ok
20:25:24.0260 0x1124  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:25:24.0288 0x1124  PerfHost - ok
20:25:24.0361 0x1124  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:25:24.0421 0x1124  pla - ok
20:25:24.0463 0x1124  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:25:24.0519 0x1124  PlugPlay - ok
20:25:24.0548 0x1124  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:25:24.0559 0x1124  PNRPAutoReg - ok
20:25:24.0581 0x1124  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:25:24.0598 0x1124  PNRPsvc - ok
20:25:24.0640 0x1124  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:25:24.0678 0x1124  PolicyAgent - ok
20:25:24.0700 0x1124  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:25:24.0753 0x1124  Power - ok
20:25:24.0800 0x1124  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:25:24.0842 0x1124  PptpMiniport - ok
20:25:24.0867 0x1124  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
20:25:24.0895 0x1124  Processor - ok
20:25:24.0937 0x1124  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:25:24.0994 0x1124  ProfSvc - ok
20:25:25.0010 0x1124  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:25:25.0021 0x1124  ProtectedStorage - ok
20:25:25.0091 0x1124  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:25:25.0137 0x1124  ql2300 - ok
20:25:25.0153 0x1124  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:25:25.0165 0x1124  ql40xx - ok
20:25:25.0192 0x1124  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:25:25.0212 0x1124  QWAVE - ok
20:25:25.0239 0x1124  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:25:25.0254 0x1124  QWAVEdrv - ok
20:25:25.0263 0x1124  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:25:25.0291 0x1124  RasAcd - ok
20:25:25.0326 0x1124  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:25:25.0355 0x1124  RasAgileVpn - ok
20:25:25.0385 0x1124  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:25:25.0427 0x1124  RasAuto - ok
20:25:25.0452 0x1124  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:25.0502 0x1124  Rasl2tp - ok
20:25:25.0533 0x1124  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:25:25.0584 0x1124  RasMan - ok
20:25:25.0606 0x1124  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:25.0647 0x1124  RasPppoe - ok
20:25:25.0690 0x1124  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:25:25.0720 0x1124  RasSstp - ok
20:25:25.0747 0x1124  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:25:25.0799 0x1124  rdbss - ok
20:25:25.0823 0x1124  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:25:25.0847 0x1124  rdpbus - ok
20:25:25.0862 0x1124  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:25.0901 0x1124  RDPCDD - ok
20:25:25.0931 0x1124  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:25:25.0980 0x1124  RDPENCDD - ok
20:25:25.0985 0x1124  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:25:26.0012 0x1124  RDPREFMP - ok
20:25:26.0089 0x1124  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:25:26.0148 0x1124  RdpVideoMiniport - ok
20:25:26.0189 0x1124  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:25:26.0247 0x1124  RDPWD - ok
20:25:26.0301 0x1124  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:25:26.0316 0x1124  rdyboost - ok
20:25:26.0344 0x1124  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:25:26.0375 0x1124  RemoteAccess - ok
20:25:26.0405 0x1124  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:25:26.0437 0x1124  RemoteRegistry - ok
20:25:26.0456 0x1124  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:25:26.0487 0x1124  RpcEptMapper - ok
20:25:26.0516 0x1124  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:25:26.0544 0x1124  RpcLocator - ok
20:25:26.0576 0x1124  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:25:26.0615 0x1124  RpcSs - ok
20:25:26.0648 0x1124  [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
20:25:26.0664 0x1124  RSPCIESTOR - ok
20:25:26.0705 0x1124  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:25:26.0761 0x1124  rspndr - ok
20:25:26.0818 0x1124  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:25:26.0840 0x1124  RTL8167 - ok
20:25:26.0855 0x1124  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
20:25:26.0865 0x1124  SamSs - ok
20:25:26.0877 0x1124  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:25:26.0889 0x1124  sbp2port - ok
20:25:26.0917 0x1124  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:25:26.0950 0x1124  SCardSvr - ok
20:25:26.0968 0x1124  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:25:26.0996 0x1124  scfilter - ok
20:25:27.0040 0x1124  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:25:27.0095 0x1124  Schedule - ok
20:25:27.0127 0x1124  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:25:27.0156 0x1124  SCPolicySvc - ok
20:25:27.0200 0x1124  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:25:27.0215 0x1124  sdbus - ok
20:25:27.0244 0x1124  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:25:27.0270 0x1124  SDRSVC - ok
20:25:27.0293 0x1124  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:25:27.0321 0x1124  secdrv - ok
20:25:27.0333 0x1124  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:25:27.0380 0x1124  seclogon - ok
20:25:27.0411 0x1124  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:25:27.0463 0x1124  SENS - ok
20:25:27.0496 0x1124  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:25:27.0519 0x1124  SensrSvc - ok
20:25:27.0541 0x1124  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:25:27.0552 0x1124  Serenum - ok
20:25:27.0585 0x1124  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
20:25:27.0611 0x1124  Serial - ok
20:25:27.0632 0x1124  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:25:27.0658 0x1124  sermouse - ok
20:25:27.0693 0x1124  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:25:27.0737 0x1124  SessionEnv - ok
20:25:27.0769 0x1124  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:25:27.0782 0x1124  sffdisk - ok
20:25:27.0791 0x1124  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:25:27.0803 0x1124  sffp_mmc - ok
20:25:27.0817 0x1124  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:25:27.0829 0x1124  sffp_sd - ok
20:25:27.0863 0x1124  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:25:27.0895 0x1124  sfloppy - ok
20:25:27.0966 0x1124  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
20:25:27.0993 0x1124  Sftfs - ok
20:25:28.0090 0x1124  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:25:28.0110 0x1124  sftlist - ok
20:25:28.0157 0x1124  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:25:28.0173 0x1124  Sftplay - ok
20:25:28.0200 0x1124  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:25:28.0210 0x1124  Sftredir - ok
20:25:28.0219 0x1124  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
20:25:28.0228 0x1124  Sftvol - ok
20:25:28.0279 0x1124  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:25:28.0291 0x1124  sftvsa - ok
20:25:28.0347 0x1124  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:25:28.0383 0x1124  SharedAccess - ok
20:25:28.0420 0x1124  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:25:28.0476 0x1124  ShellHWDetection - ok
20:25:28.0510 0x1124  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:25:28.0520 0x1124  SiSRaid2 - ok
20:25:28.0543 0x1124  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:25:28.0554 0x1124  SiSRaid4 - ok
20:25:28.0630 0x1124  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:25:28.0648 0x1124  SkypeUpdate - ok
20:25:28.0677 0x1124  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:25:28.0725 0x1124  Smb - ok
20:25:28.0763 0x1124  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:25:28.0795 0x1124  SNMPTRAP - ok
20:25:28.0817 0x1124  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:25:28.0826 0x1124  spldr - ok
20:25:28.0878 0x1124  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:25:28.0918 0x1124  Spooler - ok
20:25:29.0045 0x1124  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:25:29.0157 0x1124  sppsvc - ok
20:25:29.0186 0x1124  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:25:29.0215 0x1124  sppuinotify - ok
20:25:29.0303 0x1124  [ A15860E920B02C9A7CE8F3A6C2FF1E3A, EC88ACD75D1423553C66E6706AD640A4BECD09E436172058FE137B0D7D339FB7 ] sptd            C:\Windows\System32\Drivers\sptd.sys
20:25:29.0325 0x1124  sptd - ok
20:25:29.0361 0x1124  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:25:29.0393 0x1124  srv - ok
20:25:29.0414 0x1124  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:25:29.0434 0x1124  srv2 - ok
20:25:29.0483 0x1124  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:25:29.0519 0x1124  SrvHsfHDA - ok
20:25:29.0576 0x1124  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:25:29.0641 0x1124  SrvHsfV92 - ok
20:25:29.0682 0x1124  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:25:29.0725 0x1124  SrvHsfWinac - ok
20:25:29.0756 0x1124  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:25:29.0770 0x1124  srvnet - ok
20:25:29.0798 0x1124  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:25:29.0831 0x1124  SSDPSRV - ok
20:25:29.0845 0x1124  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:25:29.0889 0x1124  SstpSvc - ok
20:25:29.0961 0x1124  [ 7BF818B11C1FEDC3E76D233124470A30, 77CEF8CBAECB30FC3487830CEAD272287D2A4400B5059DB8930A37EE5F5F7E7E ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
20:25:30.0018 0x1124  STacSV - ok
20:25:30.0111 0x1124  [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:25:33.0430 0x1124  Steam Client Service - ok
20:25:33.0459 0x1124  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:25:33.0469 0x1124  stexstor - ok
20:25:33.0539 0x1124  [ EBC1A5E076A9BE314D3D9E8ED19ABB0A, 7ED7AE9EEEC492D7176E093F6E080E5B3DC6F342041FD88F5848E8522EA06742 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
20:25:33.0586 0x1124  STHDA - ok
20:25:33.0646 0x1124  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:25:33.0675 0x1124  stisvc - ok
20:25:33.0698 0x1124  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:25:33.0707 0x1124  swenum - ok
20:25:33.0746 0x1124  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:25:33.0809 0x1124  swprv - ok
20:25:33.0861 0x1124  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:25:33.0879 0x1124  SynTP - ok
20:25:33.0964 0x1124  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
20:25:34.0061 0x1124  SysMain - ok
20:25:34.0087 0x1124  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:25:34.0125 0x1124  TabletInputService - ok
20:25:34.0183 0x1124  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
20:25:34.0223 0x1124  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
20:25:36.0834 0x1124  Detect skipped due to KSN trusted
20:25:36.0834 0x1124  tap0901t - ok
20:25:37.0124 0x1124  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:25:37.0160 0x1124  TapiSrv - ok
20:25:37.0176 0x1124  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:25:37.0230 0x1124  TBS - ok
20:25:37.0329 0x1124  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:25:37.0385 0x1124  Tcpip - ok
20:25:37.0436 0x1124  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:25:37.0484 0x1124  TCPIP6 - ok
20:25:37.0515 0x1124  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:25:37.0526 0x1124  tcpipreg - ok
20:25:37.0550 0x1124  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:25:37.0586 0x1124  TDPIPE - ok
20:25:37.0615 0x1124  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:25:37.0625 0x1124  TDTCP - ok
20:25:37.0659 0x1124  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:25:37.0678 0x1124  tdx - ok
20:25:37.0705 0x1124  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:25:37.0716 0x1124  TermDD - ok
20:25:37.0773 0x1124  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:25:37.0838 0x1124  TermService - ok
20:25:37.0868 0x1124  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:25:37.0896 0x1124  Themes - ok
20:25:37.0927 0x1124  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:25:37.0957 0x1124  THREADORDER - ok
20:25:37.0971 0x1124  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:25:38.0019 0x1124  TrkWks - ok
20:25:38.0077 0x1124  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:25:38.0123 0x1124  TrustedInstaller - ok
20:25:38.0164 0x1124  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:25:38.0189 0x1124  tssecsrv - ok
20:25:38.0244 0x1124  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:25:38.0290 0x1124  TsUsbFlt - ok
20:25:38.0321 0x1124  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:25:38.0368 0x1124  TsUsbGD - ok
20:25:38.0410 0x1124  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:25:38.0458 0x1124  tunnel - ok
20:25:38.0541 0x1124  [ A96BE6F92EDE53BA5997B2AE7367EACD, D2CE331F0BBA15C19A66BEF91FBDA96536F656C89DC9FE1A2F88D0C368986BB2 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
20:25:38.0801 0x1124  TunngleService - ok
20:25:38.0821 0x1124  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:25:38.0834 0x1124  uagp35 - ok
20:25:38.0868 0x1124  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:25:38.0909 0x1124  udfs - ok
20:25:38.0944 0x1124  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:25:38.0972 0x1124  UI0Detect - ok
20:25:38.0994 0x1124  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:25:39.0005 0x1124  uliagpkx - ok
20:25:39.0048 0x1124  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:25:39.0060 0x1124  umbus - ok
20:25:39.0087 0x1124  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:25:39.0102 0x1124  UmPass - ok
20:25:39.0245 0x1124  [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:25:39.0311 0x1124  UNS - ok
20:25:39.0337 0x1124  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:25:39.0378 0x1124  upnphost - ok
20:25:39.0423 0x1124  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:25:39.0469 0x1124  usbaudio - ok
20:25:39.0498 0x1124  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:25:39.0544 0x1124  usbccgp - ok
20:25:39.0574 0x1124  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:25:39.0629 0x1124  usbcir - ok
20:25:39.0661 0x1124  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:25:39.0697 0x1124  usbehci - ok
20:25:39.0738 0x1124  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:25:39.0780 0x1124  usbhub - ok
20:25:39.0806 0x1124  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:25:39.0836 0x1124  usbohci - ok
20:25:39.0860 0x1124  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:25:39.0886 0x1124  usbprint - ok
20:25:39.0931 0x1124  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
20:25:39.0984 0x1124  usbscan - ok
20:25:40.0014 0x1124  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:25:40.0068 0x1124  USBSTOR - ok
20:25:40.0102 0x1124  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:25:40.0134 0x1124  usbuhci - ok
20:25:40.0204 0x1124  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:25:40.0222 0x1124  usbvideo - ok
20:25:40.0279 0x1124  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
20:25:40.0316 0x1124  usb_rndisx - ok
20:25:40.0346 0x1124  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:25:40.0393 0x1124  UxSms - ok
20:25:40.0412 0x1124  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
20:25:40.0422 0x1124  VaultSvc - ok
20:25:40.0449 0x1124  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
20:25:40.0499 0x1124  VClone - ok
20:25:40.0526 0x1124  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:25:40.0538 0x1124  vdrvroot - ok
20:25:40.0583 0x1124  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:25:40.0635 0x1124  vds - ok
20:25:40.0660 0x1124  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:40.0676 0x1124  vga - ok
20:25:40.0695 0x1124  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:25:40.0744 0x1124  VgaSave - ok
20:25:40.0775 0x1124  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:25:40.0790 0x1124  vhdmp - ok
20:25:40.0818 0x1124  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:25:40.0828 0x1124  viaide - ok
20:25:40.0853 0x1124  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:25:40.0864 0x1124  volmgr - ok
20:25:40.0903 0x1124  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:25:40.0921 0x1124  volmgrx - ok
20:25:40.0953 0x1124  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:25:40.0968 0x1124  volsnap - ok
20:25:40.0989 0x1124  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:25:41.0002 0x1124  vsmraid - ok
20:25:41.0083 0x1124  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:25:41.0167 0x1124  VSS - ok
20:25:41.0194 0x1124  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:41.0208 0x1124  vwifibus - ok
20:25:41.0238 0x1124  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:41.0255 0x1124  vwififlt - ok
20:25:41.0288 0x1124  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:25:41.0317 0x1124  vwifimp - ok
20:25:41.0356 0x1124  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:25:41.0410 0x1124  W32Time - ok
20:25:41.0447 0x1124  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:25:41.0471 0x1124  WacomPen - ok
20:25:41.0517 0x1124  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:25:41.0564 0x1124  WANARP - ok
20:25:41.0568 0x1124  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:25:41.0599 0x1124  Wanarpv6 - ok
20:25:41.0684 0x1124  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:25:41.0761 0x1124  wbengine - ok
20:25:41.0785 0x1124  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:25:41.0825 0x1124  WbioSrvc - ok
20:25:41.0857 0x1124  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:25:41.0901 0x1124  wcncsvc - ok
20:25:41.0939 0x1124  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:25:42.0000 0x1124  WcsPlugInService - ok
20:25:42.0025 0x1124  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
20:25:42.0039 0x1124  Wd - ok
20:25:42.0100 0x1124  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:25:42.0133 0x1124  Wdf01000 - ok
20:25:42.0165 0x1124  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:25:42.0188 0x1124  WdiServiceHost - ok
20:25:42.0192 0x1124  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:25:42.0207 0x1124  WdiSystemHost - ok
20:25:42.0250 0x1124  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
20:25:42.0306 0x1124  WebClient - ok
20:25:42.0335 0x1124  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:25:42.0371 0x1124  Wecsvc - ok
20:25:42.0388 0x1124  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:25:42.0432 0x1124  wercplsupport - ok
20:25:42.0464 0x1124  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:25:42.0496 0x1124  WerSvc - ok
20:25:42.0539 0x1124  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:25:42.0570 0x1124  WfpLwf - ok
20:25:42.0579 0x1124  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:25:42.0591 0x1124  WIMMount - ok
20:25:42.0612 0x1124  WinDefend - ok
20:25:42.0629 0x1124  WinHttpAutoProxySvc - ok
20:25:42.0709 0x1124  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:25:42.0749 0x1124  Winmgmt - ok
20:25:42.0827 0x1124  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
20:25:42.0855 0x1124  WinRing0_1_2_0 - ok
20:25:42.0944 0x1124  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
20:25:43.0020 0x1124  WinRM - ok
20:25:43.0088 0x1124  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
20:25:43.0103 0x1124  WinUsb - ok
20:25:43.0148 0x1124  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:25:43.0186 0x1124  Wlansvc - ok
20:25:43.0229 0x1124  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:25:43.0240 0x1124  wlcrasvc - ok
20:25:43.0378 0x1124  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:25:43.0436 0x1124  wlidsvc - ok
20:25:43.0462 0x1124  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:25:43.0493 0x1124  WmiAcpi - ok
20:25:43.0525 0x1124  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:25:43.0545 0x1124  wmiApSrv - ok
20:25:43.0594 0x1124  WMPNetworkSvc - ok
20:25:43.0625 0x1124  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:25:43.0653 0x1124  WPCSvc - ok
20:25:43.0671 0x1124  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:25:43.0702 0x1124  WPDBusEnum - ok
20:25:43.0735 0x1124  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:25:43.0769 0x1124  ws2ifsl - ok
20:25:43.0794 0x1124  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:25:43.0828 0x1124  wscsvc - ok
20:25:43.0831 0x1124  WSearch - ok
20:25:43.0946 0x1124  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
20:25:44.0040 0x1124  wuauserv - ok
20:25:44.0074 0x1124  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:25:44.0121 0x1124  WudfPf - ok
20:25:44.0156 0x1124  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:25:44.0190 0x1124  WUDFRd - ok
20:25:44.0229 0x1124  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:25:44.0242 0x1124  wudfsvc - ok
20:25:44.0277 0x1124  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:25:44.0321 0x1124  WwanSvc - ok
20:25:44.0366 0x1124  ================ Scan global ===============================
20:25:44.0396 0x1124  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
20:25:44.0435 0x1124  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
20:25:44.0447 0x1124  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
20:25:44.0475 0x1124  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:25:44.0508 0x1124  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:25:44.0516 0x1124  [ Global ] - ok
20:25:44.0516 0x1124  ================ Scan MBR ==================================
20:25:44.0539 0x1124  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:25:45.0561 0x1124  \Device\Harddisk0\DR0 - ok
20:25:45.0562 0x1124  ================ Scan VBR ==================================
20:25:45.0574 0x1124  [ 4FF61C067DF2163C426FF66457F97287 ] \Device\Harddisk0\DR0\Partition1
20:25:45.0576 0x1124  \Device\Harddisk0\DR0\Partition1 - ok
20:25:45.0590 0x1124  [ 43562CF4845821172D97D2CC07887423 ] \Device\Harddisk0\DR0\Partition2
20:25:45.0591 0x1124  \Device\Harddisk0\DR0\Partition2 - ok
20:25:45.0615 0x1124  [ E08899571D705957F813BCA9E0B9755A ] \Device\Harddisk0\DR0\Partition3
20:25:45.0617 0x1124  \Device\Harddisk0\DR0\Partition3 - ok
20:25:45.0634 0x1124  [ C9DEEDF5F5CB234C80B44EBDC77E7BF7 ] \Device\Harddisk0\DR0\Partition4
20:25:45.0634 0x1124  \Device\Harddisk0\DR0\Partition4 - ok
20:25:45.0635 0x1124  ================ Scan generic autorun ======================
20:25:45.0635 0x1124  SynTPEnh - ok
20:25:45.0758 0x1124  [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
20:25:45.0783 0x1124  CanonSolutionMenu - ok
20:25:45.0866 0x1124  [ B28AD85B8C199CB573621FCE54D7E19C, 42FFD67529592C5F349936C175E0C40E4E116E20B041042AB1E05FF164AEDD17 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
20:25:45.0919 0x1124  CanonMyPrinter - ok
20:25:45.0947 0x1124  [ 31F52459AA89317FFB57EBAF9B4DD8BC, 05DA7048451BEF06B059A86D7FB3084942724F3359BD67A0DFADFB3FFFF6990A ] C:\Windows\system32\igfxtray.exe
20:25:45.0960 0x1124  IgfxTray - ok
20:25:46.0010 0x1124  [ 6E8957E9E803060893FA7D7C02B3F7B2, DAF0B7132AA48C29B0AE3DEEE8F93861CAC15D22B916F952388EBDDE944F4F9D ] C:\Windows\system32\hkcmd.exe
20:25:46.0027 0x1124  HotKeysCmds - ok
20:25:46.0056 0x1124  [ 7CA105C4CCDFCA407859B2DF3D05A645, 36EEE251B2A221F1974A5BE3A743135EB317FF95A32A8B31DA3791573DB7D6BE ] C:\Windows\system32\igfxpers.exe
20:25:46.0071 0x1124  Persistence - ok
20:25:46.0176 0x1124  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
20:25:46.0216 0x1124  MSC - ok
20:25:46.0291 0x1124  [ F3A2D14972B46AE8AF11E72493B0031C, F862A4AC88426480EBE8CCD7840A91155C887413B30B1E18499F973390886E29 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:25:46.0321 0x1124  StartCCC - ok
20:25:46.0399 0x1124  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:25:46.0454 0x1124  Sidebar - ok
20:25:46.0480 0x1124  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:25:46.0496 0x1124  mctadmin - ok
20:25:46.0524 0x1124  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:25:46.0566 0x1124  Sidebar - ok
20:25:46.0576 0x1124  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:25:46.0594 0x1124  mctadmin - ok
20:25:46.0841 0x1124  [ 5721B5C4CBEBBD0C85AE311366783386, C2A780D6F49A0F75CF53C6A032BC9C4494D6F0FB5A0B767845AE5052179C7C40 ] C:\Users\Silvio\AppData\Local\Akamai\netsession_win.exe
20:25:46.0959 0x1124  Akamai NetSession Interface - ok
20:25:47.0227 0x1124  [ 845799C9874B68BEAE3B64059653C7E3, 2E0B9DD46569A6449989E2D7C60B88B46352A178019B4BD840C166674E798CFD ] C:\Program Files\CCleaner\CCleaner64.exe
20:25:47.0385 0x1124  CCleaner Monitoring - ok
20:25:47.0392 0x1124  Waiting for KSN requests completion. In queue: 198
20:25:48.0392 0x1124  Waiting for KSN requests completion. In queue: 198
20:25:49.0393 0x1124  Waiting for KSN requests completion. In queue: 198
20:25:50.0393 0x1124  Waiting for KSN requests completion. In queue: 198
20:25:53.0170 0x1124  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.420 ), 0x41000 ( enabled : updated )
20:25:53.0184 0x1124  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
20:25:53.0207 0x1124  Win FW state via NFP2: enabled ( trusted )
20:25:55.0758 0x1124  ============================================================
20:25:55.0758 0x1124  Scan finished
20:25:55.0758 0x1124  ============================================================
20:25:55.0763 0x1104  Detected object count: 0
20:25:55.0763 0x1104  Actual detected object count: 0

keine Funde

----------------------------------------------------------------------------------------

Haben die vllt damit was zu tun?

Ich weiß, doppelposting ist nicht erwünscht, aber da ich nun mich langsam mal ins Bett bewegen muss, wollte ich gerne noch das anfügen:

Code:

ATTFilter

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.

C:\Windows\system32>chdksk
Der Befehl "chdksk" ist entweder falsch geschrieben oder
konnte nicht gefunden werden.

C:\Windows\system32>chkdsk
Der Typ des Dateisystems ist NTFS.

WARNUNG! Der Parameter F wurde nicht angegeben.
CHKDSK wird im schreibgeschützten Modus ausgeführt.

CHKDSK überprüft Dateien (Phase 1 von 3)...
  445696 Datensätze verarbeitet.
Dateiüberprüfung beendet.
  1155 große Datensätze verarbeitet.
  0 ungültige Datensätze verarbeitet.
  0 E/A-Datensätze verarbeitet.
  72 Analysedatensätze verarbeitet.
CHKDSK überprüft Indizes (Phase 2 von 3)...
  530018 Indexeinträge verarbeitet.
Indexüberprüfung beendet.
  0 nicht indizierte Dateien überprüft.
  0 nicht indizierte Dateien wiederhergestellt.
CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
  445696 SDs/SIDs verarbeitet.
Überprüfung der Sicherheitsbeschreibungen beendet.
  42162 Datendateien verarbeitet.
CHKDSK überprüft USN-Journal...
100 Prozent abgeschlossen. (33988608 von 33993280 USN-Bytes verarbeitet)
  33993280 USN-Bytes verarbeitet.
Die Überprüfung von USN-Journal ist abgeschlossen.
Das Dateisystem wurde überprüft. Es wurden keine Probleme festgestellt.

 462412799 KB Speicherplatz auf dem Datenträger insgesamt
 252263608 KB in 269893 Dateien
    147220 KB in 42163 Indizes
         0 KB in fehlerhaften Sektoren
    561579 KB vom System benutzt
     65536 KB von der Protokolldatei belegt
 209440392 KB auf dem Datenträger verfügbar

      4096 Bytes in jeder Zuordnungseinheit
 115603199 Zuordnungseinheiten auf dem Datenträger insgesamt
  52360098 Zuordnungseinheiten auf dem Datenträger verfügbar

C:\Windows\system32>

Gute Nacht und bis morgen

Deathkid535 · 19.09.2015, 12:41

Hi,

nein, das ist normal

Schritt # 1: Programme deinstallieren

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Game Booster 3
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Game Booster beschleunigen deine Spiele nicht, können aber zu Instabilitäten auf deinem System führen: Benchmarked: Will a ?Game Booster? Improve Your PC Gaming Performance?.

Schritt # 2: MBAM

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt # 3: AdwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt # 4: JRT

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt # 5: ESET

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt # 6: FRST

Bitte noch ein FRST-Log erstellen.

Schritt # 7: Bitte Posten

Das Logfile von MBAM
Das Logfile von AdwCleaner
Das Logfile von JRT
Das Logfile von ESET
Das Logfile von FRST

DeSergo · 19.09.2015, 19:18

Ui ui sobald ich zuhause bin, werde ich mich dann darauf stürzen^^

LG

das kam beim Deinstallieren von JDownloader, das habe ich nebenbei auch gleich entfernt ( zusätzlich zum GameBooster)

Beim Verschieben der Bedrohungen in die Quarantäne hat Avira nen Zugriff auf die Registry gestoppt ( mbam )

Deathkid535 · 19.09.2015, 20:51

Hi,

das von Avira ist ein Fehlalarm. Wenn JDownloader nicht mehr in der Installiert-Liste auftaucht passt das schon

DeSergo · 19.09.2015, 21:38

Naja ESET läuft gerade durch (bin am Handy)

Bei Mbam waren die Dateien noch in der Quarantäne, das ist soweit io?

Logs poste ich nach dem scan von ESET
13% nach 43:34 & 88247 Dateien

-------------------------------------------------------------------------------
ADW

Code:

ATTFilter

# AdwCleaner v5.008 - Bericht erstellt am 19/09/2015 um 20:36:38
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-17.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Silvio - SERGO
# Gestartet von : C:\Users\Silvio\Desktop\adwcleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\ParetoLogic
[-] Ordner Gelöscht : C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
[-] Ordner Gelöscht : C:\Users\Silvio\AppData\Roaming\DriverCure
[-] Ordner Gelöscht : C:\Users\Silvio\AppData\Roaming\ParetoLogic
[-] Ordner Gelöscht : C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Smartbar

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\user.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : update-sys
[-] Task Gelöscht : update-S-1-5-21-2046019297-940583845-634688912-1000
[-] Task Gelöscht : update-sys
[-] Task Gelöscht : update-S-1-5-21-2046019297-940583845-634688912-1000
[-] Task Gelöscht : update-sys

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\ParetoLogic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ParetoLogic
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2046019297-940583845-634688912-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Internetbrowser ] *****

[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.129219291115406421.isToggled_item0_11", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.129258349557489521.APP_WIN_FEATURES", "%F8%EB%F9%EF%u0100%E7%E8%F2%EB%C3%F4%F5%B2%A6%F9%E7%FC%EB%F8%EB%F9%EF%u0100%EB%EA%F9%EF%u0100%EB%C3%F4%F5%B2%A6%EE%F9%E9%F8%F5%F2%F2%C3%F4%F[...]
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.FF19Solved", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.FirstTime", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.FirstTimeFF3", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.RestartDialogFirstTime", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.RestartDialogShouldDisplay", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.TrusteLinkUrl", "");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.UserID", "UN32865267281328231");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.activeToolbar.enc", "c3RhZW1tZQ==");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.addressBarTakeOverEnabledInHidden", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.addressUrlXPETakeover", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.autoDisableScopes", 10);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.countryCode", "DE");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.defaultSearch", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.defaultSearchUrl", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.enableAlerts", "always");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.enableFix404ByUser", "FALSE");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.enableSearchFromAddressBar", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.firstTimeDialogOpened", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.fixPageNotFoundError", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.fixPageNotFoundErrorByUser", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.fixPageNotFoundErrorInHidden", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.fixUrls", true);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.fullUserID", "UN32865267281328231.UP.20130625191840");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.homepageuserchanged", true);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.hxxp___toolbar_innogames_de_toolbars_flags.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLCBzYXZlcmVzaXplZHNpemU9bm8sIGhzY3JvbGw9bm8sIHZzY3JvbGw9bm8sIHRpdGxlYmFyPW5vLCBjbG9zZWJ1dHRvbj1u[...]
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.hxxp___toolbar_innogames_de_toolbars_staemme.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLCBzYXZlcmVzaXplZHNpemU9bm8sIGhzY3JvbGw9bm8sIHZzY3JvbGw9bm8sIHRpdGxlYmFyPW5vLCBjbG9zZWJ1dHRvbj[...]
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.hxxp___toolbar_innogames_de_toolbars_switch.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLCBzYXZlcmVzaXplZHNpemU9bm8sIGhzY3JvbGw9bm8sIHZzY3JvbGw9bm8sIHRpdGxlYmFyPW5vLCBjbG9zZW9uZXh0ZXJ[...]
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installDate", "27/2/2013 19:48:36");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installId", "dm");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installSessionId", "2595193c-b354-4c9f-9347-9c33b9c2d2b6");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installSp", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installType", "conduitnsisintegration");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installUsage", "30/06/2013 20:45:16");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installUsageEarly", "30/06/2013 20:45:16");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.installerVersion", "1.5.4.1");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.isCheckedStartAsHidden", true);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.isFirstTimeToolbarLoading", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.keyword", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://www.trovigo.com/?gd=&ctid=CT2682599&octid=CT2682599&ISID=ISID_ID&SearchSource=15&CUI=UN32865267281328231&Lay=1&UM[...]
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.lastVersion", "10.38.0.509");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.migrateAppsAndComponents", true);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.trojaner-board.de%2F171273-win-7-datentraeger-neuerdings-100-auslastung.html\",\"EB_MAIN_FRAME_TITLE\":\"Win%207[...]
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.openThankYouPage", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.openUninstallPage", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=UM_ID&q=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.performedDomainChangesMigration", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.revertSettingsEnabled", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.search.searchAppId", "129219291115718929");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.search.searchCount", "2");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchAddressUrl", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchInNewTabEnabledByUser", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchInNewTabEnabledInHidden", "true");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchRevert", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchSuggestEnabledByUser", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.searchUserMode", "1");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.selectToSearchBoxEnabledByUser", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.sendUsageEnabled", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2682599\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://InnoGames.OurToolbar.com//xpi\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"InnoGames \"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_Configuration_lastUpdate", "1442678829810");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1389119450262");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_appsMetadata_lastUpdate", "1389210968261");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1388770231471");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_location_lastUpdate", "1372175957063");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364249722013");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.15.0.562_lastUpdate", "1372175956346");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.15.2.523_lastUpdate", "1369424666193");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374595764210");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377721078533");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378832354038");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.20.0.513_lastUpdate", "1380446501190");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382570089086");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384467765219");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385085601822");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386882828403");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.23.0.822_lastUpdate", "1390058053393");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399219886363");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.30.1.502_lastUpdate", "1400789639903");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.31.0.526_lastUpdate", "1401379699740");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.31.2.501_lastUpdate", "1404416581591");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.33.0.505_lastUpdate", "1408613999852");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.33.0.517_lastUpdate", "1411925687163");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.34.0.503_lastUpdate", "1415732391957");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.35.0.503_lastUpdate", "1424105188633");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.37.0.508_lastUpdate", "1436987210347");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_login_10.38.0.509_lastUpdate", "1442678825936");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1388770231471");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_searchAPI_lastUpdate", "1442678829717");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_serviceMap_lastUpdate", "1442678829565");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_setupAPI_lastUpdate", "1364249777035");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_toolbarContextMenu_lastUpdate", "1389210968146");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_toolbarSettings_lastUpdate", "1442686029971");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.serviceLayer_services_translation_lastUpdate", "1442678827057");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.settingsINI", true);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.shouldFirstTimeDialog", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.showToolbarPermission", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.smartbar.CTID", "CT2682599");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.smartbar.Uninstall", "0");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.smartbar.homepage", true);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.smartbar.isHidden", false);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.smartbar.toolbarName", "InnoGames ");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.staemme_world_de.enc", "ZGU4Mg==");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.startPage", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.startPageUrl", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.toolbarBornServerTime", "27-2-2013");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.toolbarCurrentServerTime", "19-9-2015");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.toolbarLoginClientTime", "Tue Mar 26 2013 09:28:10 GMT+0100");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.toolbarUrl.enc", "aHR0cDovL3Rvb2xiYXIuaW5ub2dhbWVzLmRlL3Rvb2xiYXJzL3N0YWVtbWUvdG9vbGJhci5waHA=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.toolbar_market.enc", "ZGU=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599.versionFromInstaller", "10.16.4.19");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("CT2682599_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1442680594964,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=UM_ID&q=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=1&q=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT2682599");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.conduitHomepageList", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "false,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=1&q=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.homepageList", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.machineId", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.originalHomepage", "false");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.searchAddressUrlList", "false,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=1&q=");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_currentVersion", "312E31332E302E3137");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_currentVersion.storedInFile", false);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_globalKeysMigratedToLocalStorage", "31");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_migrated_from_ls", "31");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_migrated_from_ls.storedInFile", false);
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_userBornDate", "4E2F41");
[-] [C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js] [Preference] Gelöscht : user_pref("valueApps.CT2682599.mam_gk_userBornDate.storedInFile", false);

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [31994 Bytes] ##########

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 7 Home Premium x64
Ran by Silvio on 19.09.2015 at 20:42:12.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{88AEA96D-C839-4D40-9888-4DC0F37C806E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{88AEA96D-C839-4D40-9888-4DC0F37C806E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files

Successfully deleted: [File] C:\Windows\SysWOW64\sho3237.tmp



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Silvio\Appdata\Local\{9631A135-0747-433F-AC5F-9194573FCDDB}
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted the following from C:\Users\Silvio\AppData\Roaming\mozilla\firefox\profiles\wboikx2j.default\prefs.js

user_pref(valueApps.storage.mam_gk_userId, 66346663353662372D396466302D343136652D386262382D306631613262643362373162);
Emptied folder: C:\Users\Silvio\AppData\Roaming\mozilla\firefox\profiles\wboikx2j.default\minidumps [355 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.09.2015 at 20:45:59.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM1

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 19.09.2015
Suchlaufzeit: 19:37
Protokolldatei: mbamsuchlauf.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.19.05
Rootkit-Datenbank: v2015.09.18.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Silvio

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 369281
Abgelaufene Zeit: 34 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 2
PUP.Optional.ClientConnect, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Plugins\npFirefoxPlugin.dll, Löschen bei Neustart, [fdc43cf5bfcc02348c367bacbd44d927], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\ctypes\FirefoxCtype.dll, Löschen bei Neustart, [c100ad84f19a7abc0579aff97e8745bb], 

Registrierungsschlüssel: 12
PUP.Optional.PriceGong, HKLM\SOFTWARE\CLASSES\APPID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}, In Quarantäne, [952cce632f5ce3538b3f4d9ac63c30d0], 
PUP.Optional.PriceGong, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}, In Quarantäne, [952cce632f5ce3538b3f4d9ac63c30d0], 
PUP.Optional.PriceGong, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}, In Quarantäne, [952cce632f5ce3538b3f4d9ac63c30d0], 
PUP.Optional.PriceGong, HKLM\SOFTWARE\CLASSES\APPID\PriceGongIE.DLL, In Quarantäne, [398836fb99f29c9a6945cfe13ec62ad6], 
PUP.Optional.PriceGong, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\PriceGongIE.DLL, In Quarantäne, [e1e082af5734c472f0be634ddd27a759], 
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [6d5410210f7c41f5fd97239a1fe5a759], 
PUP.Optional.PriceGong, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\PriceGongIE.DLL, In Quarantäne, [4c75ad84197258ded2dc298727dd1de3], 
PUP.Optional.1ClickDownload, HKU\S-1-5-21-2046019297-940583845-634688912-1000\SOFTWARE\1ClickDownload, In Quarantäne, [07bae64bb3d84fe7d97e72109b69619f], 
PUP.Optional.SweetIM, HKU\S-1-5-21-2046019297-940583845-634688912-1000\SOFTWARE\SweetIM, In Quarantäne, [229fbe7377145adc543b5e5f7292eb15], 
PUP.Optional.PriceGong, HKU\S-1-5-21-2046019297-940583845-634688912-1000\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [a61b91a0f893c47201af2b8534d06799], 
PUP.Optional.Conduit, HKU\S-1-5-21-2046019297-940583845-634688912-1000\SOFTWARE\CONDUIT\FF, In Quarantäne, [c001270a8dfeed491d5b1d7042c28977], 
PUP.Optional.ValueApps, HKU\S-1-5-21-2046019297-940583845-634688912-1000\SOFTWARE\CONDUIT\ValueApps, In Quarantäne, [635e1c15d3b8e1554ec36b579c6823dd], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 118
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.ValueApps, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\valueApps, In Quarantäne, [dce539f8cbc085b12e7880a924df857b], 
PUP.Optional.ValueApps, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\valueApps\CT2682599, In Quarantäne, [dce539f8cbc085b12e7880a924df857b], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}, Löschen bei Neustart, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\res, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\api, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js\resources, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gadgetFrame, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\img, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\APPLICATION_BUTTON, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\APPLICATION_BUTTON\Js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\APPLICATION_BUTTON\resources, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\img, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\js\resources, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\Optimizer, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\Optimizer\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\css\custom-theme, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb],

DeSergo · 19.09.2015, 21:39

MBAM2

Code:

ATTFilter

PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css\custom-theme, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\buildSettings, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\Css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\resources, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\script, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\style, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\style\rsx, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\img, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\core, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\images, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.jscrollpane, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\sl, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\components, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\components\mam, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\ctypes, Löschen bei Neustart, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\defaults, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\defaults\preferences, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\lib, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\META-INF, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\modules, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Plugins, Löschen bei Neustart, [c100ad84f19a7abc0579aff97e8745bb], 

Dateien: 430
PUP.Optional.ClientConnect, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Plugins\npFirefoxPlugin.dll, Löschen bei Neustart, [fdc43cf5bfcc02348c367bacbd44d927], 
PUP.Optional.DVDVideoSoft, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi, In Quarantäne, [cff2032e503b2c0a0a6c6c29f90b817f], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\1.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\16137.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\1728.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\2229.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\2260.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\371.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\7152.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\a.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\b.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\c.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\d.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\e.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\f.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\g.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\h.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\i.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\j.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\k.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\l.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\m.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\mru.xml, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\n.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\o.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\p.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\q.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\r.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\s.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\t.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\u.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\v.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\w.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\wlu.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\x.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\y.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.PriceGong, C:\Users\Silvio\AppData\LocalLow\PriceGong\Data\z.txt, In Quarantäne, [6a57af821b707fb7c4f374ac38cbf40c], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\chrome.manifest, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\install.rdf, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\sspv.txt, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\version.txt, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\AbstractionLayer.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\AbstractionLayerBack.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\AbstractionLayerFront.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\BrowserContextMenuManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\popup.xul, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\popupTransparent.xul, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\preferences.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\preferences.xul, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\toolbaroverlay.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\toolbaroverlay.xul, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tooltips.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\version.xul, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\autoComplete.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\priceGongMigration.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\MozillaRetentionDialog.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\RetentionDialog.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\css\MozillaRetentionDialog.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\css\RetentionDialog.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\2.0--spec--kicker.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\content-pattern.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\content-sep.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\OK-Button-Default.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\OK-Button-MouseOver.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\OK-Button-OnClick.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\images\x.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\js\MozillaRetentionDialog.view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\logic\uninstall\dialog\js\RetentionDialog.view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\backstage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\version.txt, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\al.view.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\aboutBox.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images\logo.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images\OK-Button-Default.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images\OK-Button-MouseOver.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images\OK-Button-OnClick.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images\truste.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\images\x.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\aboutBox\js\aboutBox.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\appManager.controller.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\appManager.model.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\appManager.view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\css\toolbar.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\ajax-loader.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\buttonSprites.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\chevron_sprites.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\fallback24.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\ie8_mouseover_button.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\ie8_onclick_button.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\loader-icon.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\menu_arrow.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\minibrowser.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\minibrowser24.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\mp_sprites.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\new_chevron_sprites.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\rounded_corners_left_transparent.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\rounded_corners_left_white.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\rounded_corners_left_white_34.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\rounded_corners_right_transparent.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\rounded_corners_right_white.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\rounded_corners_right_white_34.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\separator.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\separator_hover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\img\uus.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ac\res\yoxscroll.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\api\toolbarapi.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\api\webAppApi.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\api\webAppApiFront.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd\excanvas.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd\trusted.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd\trusted.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd\untrusted.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd\untrusted.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\msd\untrusted.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\options.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\css\jquery.jscrollpane.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\css\options.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\css\reset.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\bg-hide-click.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\bg-hide.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\checkbox-check-off.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\checkbox-check-on.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\ic_Closer.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\ic_Closer_hover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\logo.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\minibrowser.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\scroller.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\sprite-ok-button.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\truste.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\images\x.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js\html5SupportIe.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js\options.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js\resources\html5shiv.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js\resources\jquery.jscrollpane.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\options\js\resources\jquery.mousewheel.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\js\searchProtectorManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\bubble.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\bubble.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\main.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\images\information.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\images\x-default-LTR.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\images\x-default-RTL.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\images\x-mouseover-LTR.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spbd\images\x-mouseover-RTL.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\main.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\SearchProtector.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\settings.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\images\ok-button.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\images\separation-line.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\sp\spsd\images\warning.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menus.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\popups.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\DialogsAPI.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\excanvas.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\generalDialogStyle.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\PIE.htc, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\settings.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\main.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\app-store-icon.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\arrow.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\divider.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\emailNotifier.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\facebook.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\radio.GIF, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\Thumbs.db, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\ftd\images\weather.GIF, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\main.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\restartDialog.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\restartDialog.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\2.0--spec--kicker.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\content-pattern.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\content-sep.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\OK-Button-Default.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\OK-Button-MouseOver.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\OK-Button-OnClick.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\dlg\restart\images\x.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gadgetFrame\gf.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gadgetFrame\lgf.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\gf.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\lgf.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\css\gf.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\css\gf_ie.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\img\ie_back.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\img\loader.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\img\resize.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\img\sprites.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\js\gf.view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\gf\js\lgf.view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\css\menu.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrow-down-strong.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrow-down.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrow-left-strong.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrow-left.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrow-right-strong.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrow-right.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\img\arrows.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js\jquery.ellipsis.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js\menu.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js\renderHandler.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js\scrollers.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\ui\menu\js\showHandler.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\browserAppApi.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\APPLICATION_BUTTON\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\css\en.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\embedded.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\css\embedded.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\css\popup.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\css\reset.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\js\embedded.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\HIGHLIGHTER\js\popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\css\popup.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\img\arrows.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\img\badges.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\img\icons.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\js\popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\embedded.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\NotificationPopup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\Settings.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css\gadget.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css\general.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css\Main.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css\newMain.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css\settings.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\css\ui.stepper.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\closeIcon.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\downArrow.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\settingsIcon.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\upArrow.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\close.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\Next.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\powered-by.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\Prev.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\dark\settings.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\close.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\Next.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\Next_hover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\powered-by.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\Prev.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\images\light\settings.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\AppName.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\bgpageEarly.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\commons.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\notification.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\Settings.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\stepper.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\Optimizer\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\Optimizer\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\pg_offers.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\pg_offers.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\agree.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\agree.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\Close.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\Image.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\Logo.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\agreement\Topbg.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\css\gadget.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\css\ie7styles.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\css\iestyle.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\PRICE_GONG\images\icon.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\embedded.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\popup2.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css\gadget.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css\reset.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css\stations.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\embedded.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\localization.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\player.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\system.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\embedded.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\information.popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\Css\information.popup.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\common.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\contentManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\historyProvider.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\information.popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\layoutManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\searchListener.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\selectionListener.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\js\suggestProvider.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\resources\history--x-default.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\resources\history--x-mouseover.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\resources\menu.icon.apps.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\script\view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\style\default.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\SEARCH\view\style\rsx\ie8.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\popup.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\img\icons.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\img\inbox.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\img\scroll_down.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\img\scroll_up.png, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\js\localization.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\TWITTER\js\popup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\bgpage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\css\gadget.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\css\ie7styles.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\css\iestyle.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\bgpage.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\common.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\date-functions.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\gadget.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\jquery.autocomplete.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\jquery.textshadow.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\logic.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\main.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\al\wa\WEATHER\js\xPath.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\core\corelibs.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\core\framework.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\core\utils.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\al.view.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\al.viewPerformanceLog.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\background.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\ie_fix.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.mousewheel.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.text-overflow.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.tmpl.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.xml2json.custom.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.xml2json.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\json2.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\json2.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\script2injectEmbedded.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\script2injectPopup.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\sdk.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\jquery.alerts.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\jquery.alerts.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\images\help.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\images\important.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\images\info.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.alerts\images\title.gif, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.jscrollpane\jquery.jscrollpane.css, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\lib\jquery.jscrollpane\jquery.jscrollpane.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\tb\sl\serviceLayer.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\backstage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\frontstage.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\navigationTests.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\popup.html, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\js\framework.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\jquery-1.4.1.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\jquery-1.5.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\jquery-1.6.2.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\json2.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\LAB.min.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\log4javascript.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Chrome\CT2682599\content\test\toolbar\lib\log4javascriptStub4Release.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\components\autoCompleteManager.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\components\mam\mamModule.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\ctypes\FirefoxCtype.dll, Löschen bei Neustart, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\defaults\preferences\defaults.js, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\lib\log4conduit.jsm, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\lib\log4moz.jsm, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\META-INF\manifest.mf, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\META-INF\zigbert.rsa, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\META-INF\zigbert.sf, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\modules\BackStage.jsm, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\modules\Commons.jsm, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\modules\FrontStage.jsm, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}\Plugins\np-mswmp.dll, In Quarantäne, [c100ad84f19a7abc0579aff97e8745bb], 
PUP.Optional.Conduit, C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN32865267281328231&UM=1&q=");), Ersetzt,[ac15cd6473185fd70b8a09a0b4513fc1]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

-------------------------------------------------------------------------------

rest folgt wie gesagt nach ESET .. scheint wohl noch ~4h zu brauchen

Deathkid535 · 19.09.2015, 23:22

Ja, ESET braucht sehr lange

DeSergo · 19.09.2015, 23:31

Schneller als gedacht^^

ESET

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=bfb9a0f26d87394fa0d1f24c876b23d2
# end=init
# utc_time=2015-09-19 06:48:20
# local_time=2015-09-19 08:48:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 25847
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=bfb9a0f26d87394fa0d1f24c876b23d2
# end=updated
# utc_time=2015-09-19 07:16:46
# local_time=2015-09-19 09:16:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=bfb9a0f26d87394fa0d1f24c876b23d2
# engine=25847
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-19 10:21:29
# local_time=2015-09-20 12:21:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 9109013 65681683 0 0
# scanned=304773
# found=3
# cleaned=0
# scan_time=11082
sh=3FC0194F5C0DC4AA9D0204670739C2668F1D893B ft=1 fh=5975ff0d17167e7c vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Silvio\AppData\Roaming\uTorrent\uTorrent.exe"
sh=3FC0194F5C0DC4AA9D0204670739C2668F1D893B ft=1 fh=5975ff0d17167e7c vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Silvio\AppData\Roaming\uTorrent\updates\3.3.2_30586.exe"
sh=79443021B3C387F74917D44CB51F7CFA632A0325 ft=0 fh=0000000000000000 vn="Win32/RiskWare.HackAV.MQ Anwendung" ac=I fn="C:\Users\Silvio\Desktop\Sicherheit und Clean\Eset.zip"

FRST - Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Silvio (2015-09-20 00:29:55)
Gestartet von C:\Users\Silvio\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-13 15:42:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2046019297-940583845-634688912-500 - Administrator - Disabled)
Gast (S-1-5-21-2046019297-940583845-634688912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2046019297-940583845-634688912-1005 - Limited - Enabled)
Silvio (S-1-5-21-2046019297-940583845-634688912-1000 - Administrator - Enabled) => C:\Users\Silvio

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Wulin (HKLM-x32\...\{30B26714-3C49-4E6E-B236-3313B1257DE9}) (Version: 0.0.1.032 - Webzen)
Akamai NetSession Interface (HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{70F55D70-7E5F-6291-4924-2F7640F19BFE}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AuthenTec TrueAPI (Version: 1.3.0.139 - AuthenTec, Inc.) Hidden
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon iP4500 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series) (Version:  - )
Canon iP4500 series Benutzerregistrierung (HKLM-x32\...\Canon iP4500 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cossacks - Back To War (HKLM-x32\...\Cossacks : Back To War) (Version:  - )
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dethkarz (HKLM-x32\...\Dethkarz) (Version:  - )
D-Fend Reloaded 1.2.1 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.2.1 - Alexander Herzog)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version:  - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
GrandFantasia-DE (HKLM-x32\...\GrandFantasia-DE) (Version:  - )
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{4741965C-AFD0-4D00-81D1-1039F96D4DC3}) (Version: 5.3.0.264 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{0718D10B-12A0-452F-ACD7-5E6A54E38B8E}) (Version: 4.5.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingsoft Presentation  (8.1.0.3030) (HKLM-x32\...\Kingsoft Presentation) (Version: 8.1.0.3030 - Kingsoft Corp.)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
o.tel.o (HKLM-x32\...\o.tel.o) (Version: 16.001.06.07.35 - Huawei Technologies Co.,Ltd)
Objekteditor Version 2.0 (HKLM-x32\...\Objekteditor 2000_is1) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Port Royale 2 (HKLM-x32\...\Port Royale 2) (Version:  - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.02.0 - Ralink)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RTPatch Update (HKLM-x32\...\RTPatch_is1) (Version:  - PocketSoft)
Sacred (HKLM-x32\...\Sacred_is1) (Version:  - Ascaron Entertainment GmbH)
Sacred 2 - Fallen Angel (HKLM-x32\...\{7D0AEAD8-07FA-4C4D-9347-E7FBC5534B73}) (Version: 2.43.0.0 - Deep Silver)
Sacred DarkBloods Version 3.0 (HKLM-x32\...\{B2FA9E12-1D53-48CC-B18A-A811833B217B}_is1) (Version: 3.0 - DarkBloods)
Scorched3D 43.3d (HKLM-x32\...\Scorched3D) (Version: 43.3d - Scorched)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1 (HKLM-x32\...\VGhlIEVsZGVyIFNjcm9sbHMgViBTa3lyaW0gRHJhZ29uYm9y~2F14EC6B_is1) (Version: 1 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tunngle Version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

19-09-2015 18:38:53 Revo Uninstaller's restore point - Game Booster 3
19-09-2015 18:43:37 Revo Uninstaller's restore point - JDownloader 0.9
19-09-2015 20:42:16 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01631D93-6566-4EB2-9F8E-78CCE7CE5468} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {093A4160-4C4A-4DCA-9B87-3AEF72479E7A} - System32\Tasks\{D4C78BD9-87AF-4218-923A-CC912BF6C955} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/440
Task: {0BCC97F0-CE2C-4AC6-AB83-C75F7BED0A2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {124807E7-C971-42BA-B7D8-157AEBE44F2B} - System32\Tasks\{FEFA4635-F586-41D5-95D6-0BE0E8CC7EE5} => pcalua.exe -a F:\fwlan.usb\setup.exe -d F:\fwlan.usb
Task: {16C6C3CD-930F-4CBC-9250-90DCB094C03F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2AF83BEA-231A-45AD-AC44-ADACF0FDFFAA} - System32\Tasks\WpsUpdateTask_Silvio => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {31786DB2-0A89-4B68-AE36-99DE70527ABC} - System32\Tasks\{0DBB72E0-E33C-42C4-9FFF-88D70BF24169} => pcalua.exe -a "C:\Sacred DarkBloods\Sacred DarkBloods Fonts Installer.exe" -d "C:\Sacred DarkBloods"
Task: {387D1DC5-A563-44B8-8C74-E8EF67476CB7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {61F2070A-A1DB-41DC-AD5C-92C48A9AD0C6} - System32\Tasks\{85593F45-7898-4F8F-B1DD-56C127B0C393} => pcalua.exe -a "C:\Users\Silvio\Desktop\Laptop alt\Neuer Ordner\setup.exe" -d "C:\Users\Silvio\Desktop\Laptop alt\Neuer Ordner"
Task: {78FFC2B7-FC63-4506-8629-47AA20D542B0} - System32\Tasks\{2D325D57-0CBF-4C72-85F7-B76252373320} => F:\INSTALL.EXE
Task: {823E1786-69D9-4F34-8847-8D19534EBB83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {9CD08C01-31AB-4D7F-90BF-54BE0B7FEE63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {AB482B0E-9D58-4739-B063-53CCCC48E73D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {BE3ABEB9-C96B-4648-8D78-D09AAE23A5AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {D2EE6E03-BE14-4F2E-9F87-3963B0C91184} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {E0D0F8CE-017E-42C2-8A64-D123340E029D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {E2CAA89A-4D81-4CBB-8896-7944BD0FCDEF} - System32\Tasks\HPCeeScheduleForSilvio => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F7B9A6FA-235F-4A52-9DCB-DE3227B66C00} - System32\Tasks\{0EA1CFDC-5AE6-41D8-8822-582A28747F8C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {F7EF089A-36A0-47D7-B735-BD5A08F392AA} - System32\Tasks\{87B8507B-B6D8-4623-A302-F17C6D6050D7} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {FD8EFBED-70CB-4B0E-934F-9F2FC7746580} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\HPCeeScheduleForSilvio.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Silvio.job => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-08-05 09:40 - 2015-08-05 09:40 - 00670520 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\fxgame.exe
2014-10-13 04:01 - 2014-10-13 04:01 - 00630320 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxRes.exe
2014-08-15 14:21 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\Silvio\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-16 18:37 - 2014-10-16 18:37 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-12-12 02:35 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-03-10 20:12 - 2012-08-07 16:22 - 00701800 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\GPKitClt.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00626224 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxCore.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00388656 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxTool.dll
2015-02-05 14:27 - 2015-02-05 14:27 - 00338560 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxNet2.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 01911424 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxGui.dll
2015-01-12 03:34 - 2015-01-12 03:34 - 00514688 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxRender.dll
2015-07-13 12:12 - 2015-07-13 12:12 - 01063552 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxTerrain.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00343600 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxSpecial.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00989824 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxWorld.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00079920 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\PhysXHwFinder.dll
2015-01-12 03:34 - 2015-01-12 03:34 - 01494576 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxSound.dll
2015-08-05 09:42 - 2015-08-05 09:42 - 15895352 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxGameLogic.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00029232 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\SDRS_Encrypt.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00253488 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxModel.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00409136 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxModelAdv.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00204336 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxPackage.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 03964464 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxGnugo.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00441904 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxPlugin.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00912944 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxPhysics8.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00175664 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxVideo.dll
2015-08-05 09:44 - 2015-08-05 09:44 - 01739576 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxProtect.dll
2015-01-12 03:34 - 2015-01-12 03:34 - 00055344 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\ScreenRecorder.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 00581168 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\HttpInfoRequest.dll
2015-01-12 03:35 - 2015-01-12 03:35 - 01138224 _____ () C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\FxCli.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\aeriagames.com -> hxxp://aeriagames.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2046019297-940583845-634688912-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FFFBF8AA-77A4-4AB3-BAC9-91C3B59A37F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6196027C-5BDE-47B7-8D0B-D7F36763F731}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{322F9F86-C177-4401-B766-9CB3010D98EB}] => (Allow) LPort=2869
FirewallRules: [{36BA1AF3-BA38-45DD-8BD0-A548D6412114}] => (Allow) LPort=1900
FirewallRules: [{0B7F65B5-6CF3-49C0-9630-1E88AF8A1CE1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F4918033-EED8-45E7-946E-7507ACBD8385}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{DE618D39-6E05-4C2B-9FC0-367532434E8F}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{17A90E03-20F2-4BEC-AF09-6D234D163B73}C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe] => (Allow) C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe
FirewallRules: [UDP Query User{5C77BFD5-EC05-4E26-97A1-ADD0D74101E0}C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe] => (Allow) C:\users\silvio\desktop\laptop alt\tactical ops\system\tacticalops.exe
FirewallRules: [TCP Query User{A6BFC520-9382-4E14-AF29-AAFA3532DA16}C:\users\silvio\downloads\utorrent_1.5.exe] => (Allow) C:\users\silvio\downloads\utorrent_1.5.exe
FirewallRules: [UDP Query User{E2158D13-BB74-45CF-BF98-31FBE652DFAB}C:\users\silvio\downloads\utorrent_1.5.exe] => (Allow) C:\users\silvio\downloads\utorrent_1.5.exe
FirewallRules: [TCP Query User{277855B6-97B7-48AF-8C2F-4299953995ED}C:\program files (x86)\cossacks - back to war\dmcr.exe] => (Allow) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [UDP Query User{B414294A-B10F-4D5E-851F-5980E746EAB7}C:\program files (x86)\cossacks - back to war\dmcr.exe] => (Allow) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [TCP Query User{7854D757-6A6A-4A05-900D-03D344898264}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{F7BE8B44-4513-42DC-BF76-6E31DA56BAB6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{E6172DB2-4D6A-474F-93D8-190D01D74412}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{9FD41BEE-7BB8-4022-9D2A-4FABA7CF7E53}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{92A753BB-CD73-4E3E-A968-1FE6A4F10EB5}C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe] => (Block) C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe
FirewallRules: [UDP Query User{EE05E8F4-BE37-47BA-9BDA-DCC3DBE354AD}C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe] => (Block) C:\program files (x86)\melbourne house\dethkarz\dethkarz.exe
FirewallRules: [TCP Query User{04CF3023-8C62-4452-ABFD-3E636E42232B}C:\users\silvio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\silvio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{03DABF95-3A8B-490F-80BD-5E56FBDBBB07}C:\users\silvio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\silvio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{0C781AAC-23CC-41B1-86CF-032699E77F17}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{CB112C6E-A5FD-4C00-9E2A-32FDD20D66F4}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{158C7820-C3B4-4CC1-8B88-649832823694}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe
FirewallRules: [UDP Query User{C1873587-9991-4933-B64F-1BD6B905E8D5}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun.exe
FirewallRules: [TCP Query User{48A8FAC9-A47F-4AB7-8676-E4B12E6E66C1}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe
FirewallRules: [UDP Query User{8EF10811-1D31-4BB8-90BC-8903D507F6D5}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods extrem\sacred darkbloods extrem.exe
FirewallRules: [TCP Query User{4B2B6E4A-D782-4294-A256-6E32FB5E0F5F}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe
FirewallRules: [UDP Query User{6EEC6D54-51E3-4493-8D2F-3CC618D182CF}C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe] => (Allow) C:\sacred darkbloods\sacred darkbloods\sacred darkbloods fun\sacred darkbloods fun gameserver.exe
FirewallRules: [{104E13D9-E8D6-48EE-AF79-9C94FE76EFD4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{07510DAE-F7D8-4FCE-8F3C-B499BC0A4A48}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4665DA57-E0CB-4400-9B23-4A2F69F90EBB}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [UDP Query User{2E3A8954-42E8-4979-BD9E-045F7760A82D}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [TCP Query User{18C85C79-DC88-477D-9665-CAA8BE9F0166}C:\users\silvio\desktop\laptop alt\huhn\ct.exe] => (Allow) C:\users\silvio\desktop\laptop alt\huhn\ct.exe
FirewallRules: [UDP Query User{56F8F8EB-05C0-4436-84D7-4387A5490494}C:\users\silvio\desktop\laptop alt\huhn\ct.exe] => (Allow) C:\users\silvio\desktop\laptop alt\huhn\ct.exe
FirewallRules: [TCP Query User{17564EC9-4792-4E1D-A3E3-FF119FCA90E4}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{DEB10622-11F2-4CA8-87F0-8DE1566DE35F}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [{F242D196-8CDF-4B72-A2F1-A598CDC4F238}] => (Allow) F:\FSetup.exe
FirewallRules: [{45E1A7C0-FF4B-41E8-88FC-DFE90CA714E2}] => (Allow) F:\FSetup.exe
FirewallRules: [{DDFA65F9-0DD5-4739-BF9C-3522B5EAFFE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{539FB3A9-A717-4B0C-BB37-305219EE4D95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{57BE4E92-9D03-4EF6-9D63-CD5B7CE64BEF}C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe
FirewallRules: [UDP Query User{D03901E3-6BD6-4F3F-9865-2CB9E8A3EF61}C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\call of duty 4\iw3mp.exe
FirewallRules: [TCP Query User{FCDAA67E-9D1E-4651-BE33-422D696D75A1}C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe
FirewallRules: [UDP Query User{7543BA3E-C674-4867-A9A7-2F33C0C55C03}C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe] => (Allow) C:\users\silvio\desktop\laptop alt\cod 4\iw3mp.exe
FirewallRules: [TCP Query User{8ADB47AE-3240-44D4-8D2B-995FD76E289D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A93750EE-7F24-4B36-B0CE-7629E323E5A2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{66B8F69F-DC15-4437-B784-F16BACC5D898}] => (Allow) C:\Users\Silvio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7C87BFE-16DB-4FEE-BAE2-104E4E5DC2D4}] => (Allow) C:\Users\Silvio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7797BCC1-B688-46CA-8E26-954D5BF78DEE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{291B41F0-2ADA-4313-92B0-F7DA79DB72BB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4F5E401D-17E9-4BB8-B91A-5D39BD02E1F3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{862F50AA-F5B5-4391-99F9-C8DF944F9BB0}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{4997D207-E61A-4A90-BAFA-BF76E06E7D4F}C:\program files (x86)\ascaron entertainment\sacred\sacred.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\sacred.exe
FirewallRules: [UDP Query User{EB5072FD-B32C-405F-A426-F976B64F7933}C:\program files (x86)\ascaron entertainment\sacred\sacred.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\sacred.exe
FirewallRules: [TCP Query User{EB9A121D-8E1D-4780-9722-01B0C2D5B501}C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe
FirewallRules: [UDP Query User{A15EAC35-EF5A-4532-B31F-27725CAE8AA5}C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe] => (Allow) C:\program files (x86)\ascaron entertainment\sacred\gameserver.exe
FirewallRules: [TCP Query User{62A9E4F9-A02C-4ED5-AC80-D5F16F5BECF0}C:\sacred\sacred.exe] => (Allow) C:\sacred\sacred.exe
FirewallRules: [UDP Query User{86098B97-6552-4088-85F7-5658046DDDDD}C:\sacred\sacred.exe] => (Allow) C:\sacred\sacred.exe
FirewallRules: [TCP Query User{AF131C36-36D5-42B1-BDF4-66EE7BD7DE2F}C:\sacred\gameserver.exe] => (Allow) C:\sacred\gameserver.exe
FirewallRules: [UDP Query User{440BAFC2-35FA-454D-AA38-436C372D75D0}C:\sacred\gameserver.exe] => (Allow) C:\sacred\gameserver.exe
FirewallRules: [{4F8279F1-D8C6-4CEE-852D-628688AFC8C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8D88A385-BB50-467A-A476-84CC8148312C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{841257F8-26B8-48AA-AC84-4E7E944FFAF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F26F05D8-2D46-4E2A-8BD8-FBC13CF8A80E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/20/2015 12:22:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/19/2015 08:47:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/19/2015 08:47:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/19/2015 08:47:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/19/2015 08:40:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xb44
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (09/19/2015 08:40:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
   bei Avira.OE.WinCore.ProcessProtector+NativeMethods.ProtectCurrentProcess()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/19/2015 08:40:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x17ec
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (09/19/2015 08:40:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
   bei Avira.OE.WinCore.ProcessProtector+NativeMethods.ProtectCurrentProcess()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/19/2015 08:39:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2015 08:39:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xdcc
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3


Systemfehler:
=============
Error: (09/19/2015 09:16:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/19/2015 09:16:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Silvio\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/19/2015 09:16:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/19/2015 09:16:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Silvio\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/19/2015 09:16:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/19/2015 09:16:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Silvio\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/19/2015 09:09:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/19/2015 09:09:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Silvio\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/19/2015 09:09:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/19/2015 09:09:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Silvio\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 6091.86 MB
Verfügbarer physikalischer RAM: 2134.48 MB
Summe virtueller Speicher: 12181.92 MB
Verfügbarer virtueller Speicher: 7717.46 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:440.99 GB) (Free:204.35 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Recovery) (Fixed) (Total:20.61 GB) (Free:2.2 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 257422C2)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

FRST - FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Silvio (Administrator) auf SERGO (20-09-2015 00:28:26)
Gestartet von C:\Users\Silvio\Desktop
Geladene Profile: Silvio (Verfügbare Profile: Silvio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\fxgame.exe
() C:\Program Files (x86)\Webzen\Age of Wulin (DE)\bin\fxres.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-15] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-04] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Silvio\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2046019297-940583845-634688912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8DC32674-8AEF-4B5F-B86E-3009C22E3F44}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ABD444E2-4354-47E4-8228-42011B05332F}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CAF95D7F-15A4-4324-9590-8A32120C8CC2}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{F09464EE-70DA-47EE-8F4E-0B8D23C6B6FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FE594C77-0B17-4E2C-A8A6-7F92A376538E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2046019297-940583845-634688912-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
HKU\S-1-5-21-2046019297-940583845-634688912-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {88AEA96D-C839-4D40-9888-4DC0F37C806E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-01] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-19] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-01] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-19] (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-2046019297-940583845-634688912-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default
FF NewTab: 
FF Homepage: hxxp://sacreddarkbloods.0fees.net/forum/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-22] ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2012-05-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Bloody Red - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-08-18]
FF Extension: DSTimer - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\jid0-Ke6nJ8ztKzfA4ZFro0yoD2cIEgo@jetpack.xpi [2013-08-03]
FF Extension: Adblock Plus - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-15]
FF Extension: Greasemonkey - C:\Users\Silvio\AppData\Roaming\Mozilla\Firefox\Profiles\wboikx2j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-28]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-08-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bfmogjcijkfeahcajecmmegieipfbdcc] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
S2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-21] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-24] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-21] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-21] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 a3hy7fid; C:\Windows\System32\Drivers\a3hy7fid.sys [0 ] (Elaborate Bytes AG) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-20 00:28 - 2015-09-20 00:29 - 00015909 _____ C:\Users\Silvio\Desktop\FRST.txt
2015-09-19 20:45 - 2015-09-19 20:45 - 00001663 _____ C:\Users\Silvio\Desktop\JRT.txt
2015-09-19 20:39 - 2015-09-19 20:39 - 00032114 _____ C:\Users\Silvio\Desktop\AdwCleaner[C1].txt
2015-09-19 20:35 - 2015-09-19 20:35 - 00141307 _____ C:\Users\Silvio\Desktop\mbamsuchlauf.txt
2015-09-19 20:34 - 2015-09-19 20:34 - 00001480 _____ C:\Users\Silvio\Desktop\mbamtxt.txt
2015-09-19 18:55 - 2015-09-19 18:55 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-19 18:55 - 2015-09-19 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-19 18:54 - 2015-09-19 18:55 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-19 18:54 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-19 18:54 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-19 18:37 - 2015-09-19 18:37 - 00001264 _____ C:\Users\Silvio\Desktop\Revo Uninstaller.lnk
2015-09-19 18:37 - 2015-09-19 18:37 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-19 18:25 - 2015-09-19 19:54 - 00000000 ____D C:\Users\Silvio\Desktop\Sicherheit und Clean
2015-09-19 18:18 - 2015-09-19 18:21 - 02870984 _____ (ESET) C:\Users\Silvio\Desktop\esetsmartinstaller_deu.exe
2015-09-19 18:18 - 2015-09-19 18:19 - 01798976 _____ (Malwarebytes) C:\Users\Silvio\Desktop\JRT.exe
2015-09-19 18:15 - 2015-09-19 18:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Silvio\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-19 18:14 - 2015-09-19 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Silvio\Desktop\revosetup95.exe
2015-09-18 20:37 - 2015-09-19 20:36 - 00000000 ____D C:\AdwCleaner
2015-09-18 20:36 - 2015-09-18 20:36 - 01662976 _____ C:\Users\Silvio\Desktop\adwcleaner_5.008.exe
2015-09-18 19:26 - 2015-09-19 18:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-18 19:25 - 2015-09-19 20:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-18 19:25 - 2015-09-19 20:30 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-18 19:21 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-18 16:35 - 2015-09-18 16:36 - 00051208 _____ C:\Users\Silvio\Downloads\Addition.txt
2015-09-18 16:33 - 2015-09-18 16:36 - 00026118 _____ C:\Users\Silvio\Downloads\FRST.txt
2015-09-18 16:32 - 2015-09-20 00:28 - 00000000 ____D C:\FRST
2015-09-18 16:30 - 2015-09-18 16:31 - 02191360 _____ (Farbar) C:\Users\Silvio\Desktop\FRST64.exe
2015-09-18 16:25 - 2015-09-18 16:26 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2015-09-18 16:25 - 2015-09-18 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-09-18 16:23 - 2015-09-18 16:24 - 03908184 _____ (Crystal Dew World ) C:\Users\Silvio\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-09-18 16:23 - 2015-09-18 16:24 - 00511764 _____ C:\Users\Silvio\Downloads\openhardwaremonitor-v0.7.1-beta.zip
2015-09-18 15:34 - 2015-09-19 20:38 - 00183448 _____ C:\Windows\PFRO.log
2015-09-18 15:34 - 2015-09-19 20:38 - 00000448 _____ C:\Windows\setupact.log
2015-09-18 15:34 - 2015-09-18 15:34 - 00000000 _____ C:\Windows\setuperr.log
2015-09-16 19:39 - 2015-09-20 00:24 - 00007627 _____ C:\Users\Silvio\AppData\Local\Resmon.ResmonCfg
2015-09-15 19:23 - 2015-09-15 19:23 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\Windows Live Writer
2015-09-15 19:23 - 2015-09-15 19:23 - 00000000 ____D C:\Users\Silvio\AppData\Local\Windows Live Writer
2015-09-15 18:59 - 2015-09-15 18:59 - 00001185 _____ C:\Users\Silvio\Desktop\fxlaunch - Verknüpfung.lnk
2015-09-03 20:51 - 2015-09-03 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-28 01:27 - 2015-08-29 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-19 20:50 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-19 20:50 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-19 20:48 - 2015-04-25 11:49 - 01720209 _____ C:\Windows\WindowsUpdate.log
2015-09-19 20:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-19 20:15 - 2012-04-18 14:04 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\TS3Client
2015-09-19 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Web
2015-09-19 18:43 - 2012-10-20 16:40 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-19 18:08 - 2012-04-13 17:47 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{444BB6B4-811B-4C44-8F10-9485636B5280}
2015-09-18 21:50 - 2012-04-13 17:59 - 00000000 ___RD C:\Users\Silvio\Desktop\Laptop alt
2015-09-18 20:43 - 2013-12-26 21:13 - 00011264 ___SH C:\Users\Silvio\Thumbs.db
2015-09-17 21:52 - 2012-05-27 22:32 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-15 20:29 - 2012-04-16 16:20 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\vlc
2015-09-15 19:23 - 2014-10-30 20:56 - 00000000 ____D C:\Users\Silvio\AppData\Local\Windows Live
2015-09-15 17:57 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-13 16:15 - 2011-11-04 13:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-13 15:10 - 2015-01-28 17:32 - 00000000 ____D C:\Users\Silvio\Desktop\Screens AOW
2015-09-13 10:43 - 2014-12-20 18:46 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForSilvio.job
2015-09-12 17:42 - 2014-12-20 18:46 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSilvio
2015-09-11 06:24 - 2012-04-15 21:00 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\Skype
2015-09-05 00:52 - 2013-01-27 21:16 - 00000000 ____D C:\Users\Silvio\AppData\Roaming\SoftGrid Client
2015-09-03 20:51 - 2011-11-04 13:40 - 00000000 ____D C:\ProgramData\Skype
2015-08-30 12:34 - 2012-05-03 18:11 - 00000000 ____D C:\Users\Silvio\AppData\Local\CrashDumps
2015-08-29 10:59 - 2012-05-06 15:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 13:58 - 2013-09-01 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-25 21:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-05-22 21:22 - 2010-10-21 02:00 - 0436736 _____ (MinecraftSistem) C:\Users\Silvio\AppData\Roaming\Launcher.exe
2015-09-16 19:39 - 2015-09-20 00:24 - 0007627 _____ () C:\Users\Silvio\AppData\Local\Resmon.ResmonCfg
2013-05-08 23:55 - 2013-05-08 23:55 - 0000003 _____ () C:\Users\Silvio\AppData\Local\updater.log
2013-05-08 23:55 - 2015-04-23 15:59 - 0000424 _____ () C:\Users\Silvio\AppData\Local\UserProducts.xml
2013-04-24 17:47 - 2013-04-28 09:55 - 0000138 _____ () C:\ProgramData\lmabscan.log

Einige Dateien in TEMP:
====================
C:\Users\Silvio\AppData\Local\Temp\avgnt.exe
C:\Users\Silvio\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-13 11:54

==================== Ende von FRST.txt ============================

Deathkid535 · 19.09.2015, 23:39

Hi,

Code:

ATTFilter

C:\Users\Silvio\Desktop\Sicherheit und Clean\Eset.zip

Was ist das für eine Datei?

19.09.2015, 20:51	#10
Deathkid535 /// Malwareteam	Win 7, Datenträger neuerdings 100% Auslastung [gelöst] Hi, das von Avira ist ein Fehlalarm. Wenn JDownloader nicht mehr in der Installiert-Liste auftaucht passt das schon __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

19.09.2015, 23:22	#13
Deathkid535 /// Malwareteam	Win 7, Datenträger neuerdings 100% Auslastung [gelöst] Ja, ESET braucht sehr lange __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

19.09.2015, 23:39	#15
Deathkid535 /// Malwareteam	Win 7, Datenträger neuerdings 100% Auslastung [gelöst] Hi, Code: ATTFilter C:\Users\Silvio\Desktop\Sicherheit und Clean\Eset.zip Was ist das für eine Datei? __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

Win 7, Datenträger neuerdings 100% Auslastung

Alles rund um Windows: Win 7, Datenträger neuerdings 100% Auslastung

Problem: Win 7, Datenträger neuerdings 100% Auslastung