Pests of all kinds and how to fight them: Right-click (Run as administrator) does not work for me | Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
10.11.2015, 18:36 | #1 |
| Right-click (Run as administrator) does not work for me Hi community, I apparently have a problem that very few people know about or have, since I didn't find anything similar on Google, so... For a long time now (it is just slowly getting very annoying) I have no longer been able to right-click on my desktop, or on programs, folders etc. As soon as I do that, the screen freezes for a second and I get a grey screen for a moment, so briefly that I couldn't take a screenshot of it. After that my desktop refreshes and that's it. I also can't run any programs such as cmd as administrator via the Windows 8 menu; as soon as I do that, the same thing happens. I can't say more than that. Thanks for your time and tips! |
10.11.2015, 18:39 | #2 |
/// the machine /// TB trainer | Right-click (Run as administrator) does not work for me hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
10.11.2015, 18:47 | #3 |
| Right-click (Run as administrator) does not work for me here is the FRST.TXT:
FRST logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von Sonny (Administrator) auf MSI_SAMDAR (10-11-2015 18:44:58) Gestartet von C:\Users\Sonny\Downloads Geladene Profile: Sonny (Verfügbare Profile: Sonny) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Micro-Star International Co., Ltd.) 
C:\Program Files (x86)\SCM\MSIService.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Micro-Star International Co., Ltd.) 
C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.2\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.42\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\LolClient.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nuexstub.exe (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\ppStub.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nuexstub.exe () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-23] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) 
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink) HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH) HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4946856 2014-10-16] (Steganos Software GmbH) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [uTorrent] => C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe [1801240 2015-10-20] (BitTorrent Inc.) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.) 
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CrashService] => "C:\Users\Sonny\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B] => "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\MountPoints2: {f40e9899-2c5b-11e4-8272-a08869908039} - "F:\windows\Data\setup.exe" AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => Keine Datei AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-04-27] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk 
[2015-09-06] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289 Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{067846F7-8DB6-4D95-A851-BECD63790717}: [DhcpNameServer] 10.11.0.1 Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [NameServer] 8.8.4.4,8.8.8.8 Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8B10DFEE-2A45-471C-B680-0146B9966FB7}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660324794&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660331387&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660370656&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0 HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV= SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002 -> {72A48C13-DCBC-4156-9710-EED96895E310} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation) BHO-x32: Super Great 1.0.0.7 -> 
{b931a240-e32a-4f2b-97aa-8b01c8e6aa14} -> C:\Program Files (x86)\Super Great\SuperGreatbho.dll => Keine Datei BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation) Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023 FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215 FF SelectedSearchEngine: Trovi FF Homepage: hxxps://www.google.de/?gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin HKU\S-1-5-21-2802146430-1798650074-2620433185-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS) FF user.js: detected! 
=> C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\user.js [2015-10-22] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-10-09] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon => nicht gefunden StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV= CHR StartupUrls: Default -> "hxxps://www.google.de/?gws_rd=ssl" CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=58&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&q={searchTerms}&SSPV= CHR DefaultSearchKeyword: Default -> trovi.search CHR DefaultNewTabURL: Default -> hxxps://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&SAT=CNTS&D=102215 CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}&SSPV= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll => Keine Datei CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-02] CHR Extension: (Adblock Plus) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ACHTUNG CHR Extension: (Google Wallet) - 
C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ACHTUNG CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-23] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ 
Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert] R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] () R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [321976 2014-10-16] (Steganos Software GmbH) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe 
/svc [X] <==== ACHTUNG S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== ACHTUNG S3 iumsvc; "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2014-04-27] (Microsoft Corporation) [Datei ist nicht signiert] R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.) 
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation) R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-05-22] () S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys [633560 2014-09-06] (Symantec Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-12] (Windows (R) Win 7 DDK provider) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert] S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS [129752 2014-08-21] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS [2137304 2014-08-21] (Symantec Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-26] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation) S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation) S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation) R0 SymEFA; 
C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert] S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] () S3 HSPADataCardusbmdm; \SystemRoot\system32\DRIVERS\HSPADataCardusbmdm.sys [X] S3 HSPADataCardusbnmea; \SystemRoot\system32\DRIVERS\HSPADataCardusbnmea.sys [X] S3 HSPADataCardusbser; \SystemRoot\system32\DRIVERS\HSPADataCardusbser.sys [X] S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X] S1 swsedrvr_vw_1_10_0_25; system32\drivers\swsedrvr_vw_1_10_0_25.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-10 18:44 - 2015-11-10 18:45 - 00033629 _____ C:\Users\Sonny\Downloads\FRST.txt 2015-11-10 18:44 - 2015-11-10 18:45 - 00000000 ____D C:\FRST 2015-11-10 18:44 - 2015-11-10 18:44 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe 2015-11-10 18:43 - 2015-11-10 18:43 - 01702400 _____ (Farbar) C:\Users\Sonny\Downloads\FRST.exe 2015-11-03 22:22 - 2015-11-03 22:22 - 00061440 _____ (Gary's Hood) C:\Users\Sonny\Downloads\rsclient.exe 2015-11-03 14:35 - 2015-11-03 14:35 - 00017533 _____ C:\Windows\DirectX.log 2015-11-03 13:28 - 2015-11-03 13:28 - 00000219 _____ C:\Users\Sonny\Desktop\Counter-Strike Global Offensive.url 2015-10-28 15:29 - 2015-10-28 15:29 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Tera_Awesomium 2015-10-27 16:14 - 2015-11-10 18:41 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-27 16:14 - 2015-10-27 16:14 - 00000989 _____ C:\Users\Public\Desktop\Steam.lnk 2015-10-27 16:14 - 2015-10-27 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup.exe 2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup (1).exe 2015-10-27 14:06 - 2015-10-27 14:08 - 00000000 ____D C:\Users\Sonny\Desktop\dead realMUH 2015-10-27 13:34 - 2015-10-27 13:34 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\Section Studios_ Inc_ 2015-10-27 13:30 - 2015-10-27 13:31 - 734982235 _____ C:\Users\Sonny\Downloads\[www.mpc-g.com]DdRlm144.7z 2015-10-24 18:37 - 2015-10-24 18:37 - 00584288 _____ (Oracle Corporation) C:\Users\Sonny\Downloads\jxpiinstall(1).exe 2015-10-23 20:43 - 2015-10-23 20:43 - 00002080 _____ C:\Users\Sonny\Desktop\RuneScape.lnk 2015-10-23 20:43 - 2015-10-23 20:43 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2015-10-23 20:39 - 2015-10-23 20:42 - 24219648 _____ C:\Users\Sonny\Downloads\RuneScape (1).msi 2015-10-23 17:55 - 2015-11-10 14:01 - 00002668 _____ 
C:\Windows\setupact.log 2015-10-23 17:55 - 2015-10-23 17:55 - 00000000 _____ C:\Windows\setuperr.log 2015-10-23 17:22 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-10-23 17:22 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-10-22 17:51 - 2015-11-10 18:41 - 01752952 _____ C:\Windows\WindowsUpdate.log 2015-10-22 14:50 - 2015-10-22 14:50 - 00022512 _____ C:\Windows\system32\Drivers\SPPD.sys 2015-10-22 11:15 - 2015-10-22 11:15 - 00000000 ____D C:\Users\Sonny\AppData\Local\ESET 2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_.exe 2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_ (1).exe 2015-10-22 11:07 - 2015-10-22 11:07 - 00000000 ____D C:\Program Files (x86)\3ae6c0d0-b937-4081-9be9-f3f58501fc8e 2015-10-22 11:06 - 2015-10-22 14:51 - 00000000 ____D C:\Program Files (x86)\globalUpdate 2015-10-21 20:42 - 2015-10-21 20:42 - 01852453 _____ C:\Users\Sonny\AppData\Local\curl.zip 2015-10-21 20:42 - 2015-10-21 20:42 - 00000002 _____ C:\Users\Sonny\AppData\Local\OczLpK.vbs 2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\Users\Sonny\AppData\Local\{FE4CCBE7-EA6F-42D8-88A8-35B174533055} 2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer 2015-10-21 18:57 - 2015-11-10 14:13 - 00001008 _____ C:\Windows\Tasks\8k4zjaU.job 2015-10-21 18:57 - 2015-10-21 18:57 - 00004020 _____ C:\Windows\System32\Tasks\8k4zjaU 2015-10-21 18:56 - 2015-11-10 14:13 - 00001042 _____ C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job 2015-10-21 18:56 - 2015-10-22 14:49 - 00000000 ____D C:\Program Files (x86)\Feed Notifier 2015-10-21 18:56 - 2015-10-21 18:57 - 00004054 _____ C:\Windows\System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk 2015-10-21 18:55 - 2015-10-21 18:55 - 00000008 _____ C:\END 
2015-10-21 18:06 - 2015-10-22 15:12 - 00000000 ____D C:\Users\Sonny\Downloads\Life.Is.Strange.Episode.5-CODEX 2015-10-21 18:05 - 2015-10-22 15:08 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\uTorrent 2015-10-20 19:31 - 2015-10-22 12:11 - 00002226 _____ C:\Users\Sonny\Desktop\chrome.lnk 2015-10-20 19:26 - 2015-11-10 14:46 - 00001048 _____ C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job 2015-10-20 19:26 - 2015-11-10 14:13 - 00001030 _____ C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job 2015-10-20 19:26 - 2015-10-20 19:26 - 00004058 _____ C:\Windows\System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl 2015-10-20 19:26 - 2015-10-20 19:26 - 00004042 _____ C:\Windows\System32\Tasks\3c2jDM05M6ay9rgGcf 2015-10-20 19:23 - 2015-10-20 19:23 - 00003910 _____ C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 2015-10-20 19:23 - 2015-10-20 19:23 - 00003188 _____ C:\Windows\System32\Tasks\crash_service 2015-10-20 19:04 - 2015-10-22 11:13 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-10-20 19:01 - 2015-11-10 14:35 - 00001018 _____ C:\Windows\Tasks\nAuWsaaA3Qnn.job 2015-10-20 19:01 - 2015-11-10 14:13 - 00001008 _____ C:\Windows\Tasks\ZkvbwFI.job 2015-10-20 19:01 - 2015-10-20 19:01 - 00004028 _____ C:\Windows\System32\Tasks\nAuWsaaA3Qnn 2015-10-20 19:01 - 2015-10-20 19:01 - 00004020 _____ C:\Windows\System32\Tasks\ZkvbwFI 2015-10-20 19:00 - 2015-11-10 14:13 - 00001024 _____ C:\Windows\Tasks\PciD5z2oV9Hq4LK.job 2015-10-20 19:00 - 2015-11-10 14:13 - 00001020 _____ C:\Windows\Tasks\tYyezAYRvk8jt.job 2015-10-20 19:00 - 2015-10-20 19:00 - 00004036 _____ C:\Windows\System32\Tasks\PciD5z2oV9Hq4LK 2015-10-20 19:00 - 2015-10-20 19:00 - 00004032 _____ C:\Windows\System32\Tasks\tYyezAYRvk8jt 2015-10-20 18:58 - 2015-10-22 11:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-10-20 18:58 - 2015-10-21 18:01 - 00000000 ____D C:\Program Files (x86)\3ff07109-e80a-45be-86af-4c8a97c65880 2015-10-20 18:58 - 2015-10-20 18:58 - 00000000 ____D 
C:\Users\Sonny\AppData\Local\globalUpdate 2015-10-20 18:57 - 2015-10-20 18:57 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashRpt 2015-10-20 18:23 - 2015-10-20 18:23 - 00003306 _____ C:\Windows\System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681} 2015-10-20 18:15 - 2015-10-22 11:30 - 00000000 ____D C:\Program Files (x86)\Fast-Search 2015-10-20 18:14 - 2015-09-06 11:15 - 00000856 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-10-20 18:13 - 2015-10-22 14:51 - 00000000 ____D C:\Program Files (x86)\00000000-1445361232-0000-0000-448A5B44E892 2015-10-20 18:13 - 2015-10-20 18:13 - 00000000 ____D C:\Users\Public\Documents\Guid 2015-10-20 18:13 - 2015-10-20 18:13 - 00000000 ____D C:\Users\Public\Documents\Baidu 2015-10-16 17:04 - 2015-10-16 17:04 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Steam 2015-10-16 16:58 - 2015-10-20 19:59 - 00000000 ____D C:\Users\Sonny\Desktop\Life Is Strange 2015-10-16 14:32 - 2015-10-16 16:52 - 3571692184 ____R C:\Users\Sonny\Downloads\Life Is Strange.rar 2015-10-16 13:05 - 2015-10-18 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-15 10:00 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-10-15 10:00 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-10-14 13:33 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-14 13:33 - 
2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-10-14 13:33 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-10-14 13:33 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-10-14 13:33 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-10-14 13:33 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-10-14 13:33 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-10-14 13:33 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-10-14 13:32 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-14 13:32 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-10-14 13:32 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-10-14 13:32 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-10-14 13:32 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-10-14 13:32 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2015-10-14 13:32 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2015-10-14 13:32 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-14 13:32 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-10-14 13:32 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2015-10-14 13:32 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2015-10-14 13:27 - 2015-09-10 19:02 - 25851392 _____ 
(Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-14 13:27 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-14 13:27 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-14 13:27 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-14 13:27 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-14 13:27 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-14 13:27 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-14 13:27 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-14 13:27 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-14 13:27 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-14 13:27 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-14 13:27 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-14 13:27 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-14 13:27 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-14 13:27 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-14 13:27 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-14 13:27 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-10-14 13:27 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-14 13:27 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dxtmsft.dll 2015-10-14 13:27 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-14 13:27 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-14 13:27 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-14 13:27 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-14 13:27 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-14 13:27 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-14 13:27 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-14 13:27 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-14 13:27 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll 2015-10-14 13:26 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-10-14 13:26 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-10-14 13:26 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-10-14 13:26 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-10-14 13:26 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-10-14 13:26 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-10-14 13:26 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-10-14 13:26 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-10-14 13:26 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wuapp.exe 2015-10-14 13:26 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-10-14 13:26 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-10-14 13:26 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-10-14 13:26 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-10-14 13:26 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-14 13:26 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-10-14 13:26 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-10-14 13:26 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-10-14 13:26 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-10-14 13:26 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-10-14 13:26 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-14 13:26 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-14 13:26 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-10-14 13:26 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-10-14 13:26 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 
2015-10-14 13:26 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 13:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-12 01:48 - 2015-10-12 01:48 - 09211904 _____ C:\Users\Sonny\Downloads\PathOfExileInstaller.msi 2015-10-11 00:51 - 2015-10-11 00:51 - 00002014 _____ 
C:\Users\Public\Desktop\TERA Launcher.lnk 2015-10-11 00:51 - 2015-10-11 00:51 - 00000000 ____D C:\Users\Public\Games 2015-10-11 00:51 - 2015-10-11 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment 2015-10-11 00:50 - 2015-10-11 00:50 - 27534504 _____ (En Masse Entertainment) C:\Users\Sonny\Downloads\TERA-Minimal-Setup.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-10 18:34 - 2014-07-31 20:19 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\TS3Client 2015-11-10 18:30 - 2014-11-01 16:31 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-10 17:53 - 2014-07-23 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-10 17:29 - 2014-07-23 19:25 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBE7263C-E444-4178-9108-E09677EE42AD} 2015-11-10 17:18 - 2014-07-23 19:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2802146430-1798650074-2620433185-1002 2015-11-10 17:09 - 2015-06-20 15:06 - 00000410 _____ C:\Windows\Tasks\update-sys.job 2015-11-10 16:32 - 2015-06-20 15:06 - 00000410 _____ C:\Windows\Tasks\update-S-1-5-21-2802146430-1798650074-2620433185-1002.job 2015-11-10 14:13 - 2014-11-01 16:31 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-10 14:13 - 2014-07-24 10:11 - 00000000 __RDO C:\Users\Sonny\SkyDrive 2015-11-10 14:00 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-10 14:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-10 13:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-11-10 13:50 - 2014-07-23 23:29 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashDumps 2015-11-10 12:35 - 2014-12-14 15:44 - 00000000 ____D C:\Users\Sonny\AppData\Local\Battle.net 2015-11-10 12:33 - 2014-12-14 15:44 - 00000000 ____D 
C:\Program Files (x86)\Battle.net 2015-11-09 19:13 - 2014-12-23 12:23 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Skype 2015-11-08 01:46 - 2014-08-10 22:05 - 04537856 ___SH C:\Users\Sonny\Desktop\Thumbs.db 2015-11-07 22:28 - 2014-11-13 20:35 - 00000000 ____D C:\Users\Sonny\Downloads\Gameforge Live 2015-11-07 21:51 - 2015-06-05 21:12 - 00000074 _____ C:\Users\Sonny\Documents\ClownfishForTeamspeak.ini 2015-11-07 17:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-11-07 03:19 - 2014-10-13 18:31 - 00000044 _____ C:\Users\Sonny\jagex_cl_oldschool_LIVE.dat 2015-11-04 13:15 - 2014-07-25 20:46 - 00000000 ____D C:\Users\Sonny\Desktop\Slender v0.9.7 2015-11-03 13:28 - 2014-08-14 17:31 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-02 14:24 - 2015-02-22 01:08 - 00880432 _____ C:\Users\Sonny\Desktop\OSBuddy.exe 2015-10-30 19:23 - 2015-05-13 13:16 - 00000000 ___RD C:\Users\Sonny\OneDrive 2015-10-30 19:23 - 2014-11-01 21:08 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002 2015-10-30 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-10-28 23:09 - 2014-12-14 15:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-10-28 15:27 - 2013-11-13 20:00 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-10-27 14:02 - 2014-11-29 10:55 - 00000000 ____D C:\Users\Sonny\Desktop\Neuer Ordner 2015-10-27 13:17 - 2014-08-07 20:10 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\.minecraft 2015-10-27 07:13 - 2013-11-12 22:26 - 00766620 _____ C:\Windows\system32\perfh007.dat 2015-10-27 07:13 - 2013-11-12 22:26 - 00159902 _____ C:\Windows\system32\perfc007.dat 2015-10-27 07:13 - 2013-11-12 21:54 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-26 09:29 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-10-24 18:57 - 2014-10-30 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Java 2015-10-24 18:40 - 2014-11-17 19:07 - 00000000 ____D C:\.jagex_cache_32 2015-10-24 18:39 - 2015-09-05 08:56 - 00000000 ____D C:\Users\Sonny\.oracle_jre_usage 2015-10-24 18:37 - 2014-10-30 16:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-24 18:37 - 2014-08-07 20:09 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-24 13:41 - 2014-11-17 19:07 - 00000023 _____ C:\Users\Sonny\jagexappletviewer.preferences 2015-10-24 13:40 - 2014-11-17 19:07 - 00000044 _____ C:\Users\Sonny\jagex_cl_runescape_LIVE.dat 2015-10-23 20:43 - 2014-11-17 19:06 - 00002110 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2015-10-23 20:43 - 2014-10-13 18:31 - 00000000 ____D C:\Users\Sonny\jagexcache 2015-10-22 15:19 - 2014-08-20 19:12 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\uTorrent 2015-10-22 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2015-10-22 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing 2015-10-22 12:12 - 2014-12-22 21:20 - 00001031 _____ C:\Users\Sonny\Desktop\WinRAR.lnk 2015-10-22 12:12 - 2014-11-15 18:15 - 00000917 _____ C:\Users\Sonny\Desktop\µTorrent.lnk 2015-10-22 12:11 - 2015-06-14 00:20 - 00000961 _____ C:\Users\Sonny\Desktop\Open Broadcaster Software.lnk 2015-10-22 11:02 - 2015-07-10 00:49 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-21 18:02 - 2015-07-07 03:19 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk 2015-10-21 18:01 - 2014-07-23 19:18 - 00001464 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-10-21 17:49 - 2014-12-23 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-20 18:20 - 2014-04-27 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-10-20 18:19 - 2015-08-12 19:29 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-20 18:12 - 2015-07-07 03:19 - 
00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-10-20 18:12 - 2014-11-01 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-19 21:10 - 2014-07-31 20:18 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-10-19 19:45 - 2014-07-23 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\Google 2015-10-18 11:26 - 2014-07-23 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-18 11:25 - 2014-12-11 21:01 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-18 11:25 - 2014-07-25 18:55 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-10-17 13:53 - 2014-07-23 20:16 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-16 17:05 - 2014-08-21 13:11 - 00000000 ____D C:\Users\Sonny\Documents\My Games 2015-10-16 05:51 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-16 05:51 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-15 01:09 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-10-15 01:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB 2015-10-14 20:24 - 2014-11-05 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-10-14 20:24 - 2014-11-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-14 20:21 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini 2015-10-14 20:13 - 2014-07-24 10:47 - 00000000 ____D C:\Windows\system32\MRT 2015-10-14 20:07 - 2014-07-24 10:47 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-10-11 16:11 - 2014-07-23 20:03 - 00000000 ____D C:\Program Files (x86)\osu! 
2015-10-11 11:58 - 2015-03-23 18:53 - 00007605 _____ C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg 2015-10-11 00:51 - 2015-06-01 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\TERA ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\8k4zjaU 2014-11-01 16:19 - 2014-11-01 16:19 - 0000004 _____ () C:\Users\Sonny\AppData\Roaming\appdataFr2.bin 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK 2005-04-08 03:16 - 2015-02-28 22:03 - 0142572 ____H () C:\Users\Sonny\AppData\Roaming\Sonnylog.dat 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\ZkvbwFI 2015-10-21 20:42 - 2015-10-21 20:42 - 1852453 _____ () C:\Users\Sonny\AppData\Local\curl.zip 2015-10-21 20:42 - 2015-10-21 20:42 - 0000002 _____ () C:\Users\Sonny\AppData\Local\OczLpK.vbs 2015-03-23 18:53 - 2015-10-11 11:58 - 0007605 _____ () C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg 2015-06-20 15:06 - 2015-06-20 15:06 - 0000003 _____ () C:\Users\Sonny\AppData\Local\updater.log 2015-06-20 15:06 - 2015-10-02 11:12 - 0000424 _____ () C:\Users\Sonny\AppData\Local\UserProducts.xml 2015-10-20 19:04 - 2015-10-22 11:13 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== 
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Sonny\matrix_cl_CloudIn_LIVE.dat Einige Dateien in TEMP: ==================== C:\Users\Sonny\AppData\Local\Temp\1da87fe019424c023a8f63d8acc8578f.dll C:\Users\Sonny\AppData\Local\Temp\amisetup1780__15940.exe C:\Users\Sonny\AppData\Local\Temp\cct.dll C:\Users\Sonny\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll C:\Users\Sonny\AppData\Local\Temp\JavaIC.dll C:\Users\Sonny\AppData\Local\Temp\msscct32.dll C:\Users\Sonny\AppData\Local\Temp\SkypeSetup.exe C:\Users\Sonny\AppData\Local\Temp\YSearchUtil.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-07 22:46 ==================== Ende von FRST.txt ============================ |
10.11.2015, 18:48 | #4 |
| Right-click (Run as administrator) does not work for me and the Addition.txt: FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015 durchgeführt von Sonny (2015-11-10 18:46:02) Gestartet von C:\Users\Sonny\Downloads Windows 8.1 (X64) (2014-07-23 18:18:03) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2802146430-1798650074-2620433185-500 - Administrator - Disabled) Gast (S-1-5-21-2802146430-1798650074-2620433185-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2802146430-1798650074-2620433185-1004 - Limited - Enabled) Sonny (S-1-5-21-2802146430-1798650074-2620433185-1002 - Administrator - Enabled) => C:\Users\Sonny ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) „Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden µTorrent (HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\uTorrent) (Version: 3.4.6.41268 - BitTorrent Inc.) 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve) Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1402.2101 - Micro-Star International Co., Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Dragon Gaming Center (x32 Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.) 
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.) 
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - ) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1404.1101 - Micro-Star International Co., Ltd.) MSI Remind Manager (x32 Version: 1.0.1404.1101 - Micro-Star International Co., Ltd.) Hidden MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.) 
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation) Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation) Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.4 - Steganos Software GmbH) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) osu! (HKLM-x32\...\{2f927354-58e9-40f3-961d-784bd4304708}) (Version: latest - ppy Pty Ltd) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Outlast-Whistleblower - Version 1.0.0.1 (HKLM-x32\...\Outlast-Whistleblower_is1) (Version: 1.0.0.1 - RePack by VickNet) Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Card Reader 
(HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.) Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd) S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - ) Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH) SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ACHTUNG SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.417.28061 - SteelSeries) SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer) TERA (HKLM-x32\...\{A0D70C31-D5CB-4491-A508-5CF2C9F25EE0}) (Version: 1.00.0000 - En Masse Entertainment) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH) The Legend of Korra (HKLM-x32\...\The Legend of Korra_is1) (Version: - Activision) Unity Web Player (HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft) Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live 
Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. ) XSplit Gamecaster (HKLM-x32\...\{9C3D0D0D-3983-4C18-91EE-C6976D5AA349}) (Version: 1.5.1403.1907 - SplitMediaLabs) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Wiederherstellungspunkte ========================= 21-10-2015 17:48:12 Removed Skype Click to Call 23-10-2015 20:42:33 Installed RuneScape Launcher 1.2.7 02-11-2015 17:30:01 Geplanter Prüfpunkt ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2013-08-22 14:25 - 2015-09-06 11:15 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {069D12A2-CEF1-4140-A3D0-D349EB3D8394} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0D31635B-9AF9-4152-B1CB-BBA96F4094D1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {13C3F18E-4E5D-4062-810F-A6499B00FA47} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {13F65218-214F-4057-9797-A87AC099D4A4} - System32\Tasks\crash_service => C:\Users\Sonny\AppData\Local\BoBrowser\Application\crash_service.exe <==== ACHTUNG
Task: {18897757-D763-4018-98E4-F81AD458BCEB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {198AC17A-A1A9-477C-BC26-40D414306202} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2FB68F56-273E-4B0A-B0CE-2C9585B6E939} - \bvxvexvbg -> Keine Datei <==== ACHTUNG
Task: {38CE3023-B5C1-4405-9663-7B4B78E3361D} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {476D5D7E-6779-4E8A-B3EC-E3FD0A06D02E} - System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk => C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk.exe <==== ACHTUNG
Task: {49990D9B-BE5E-4D67-BF21-53C5D3665991} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {4A50283F-5744-4C30-851D-2EFD15854EE9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {5D068147-25A1-4157-A989-BC7BDE126DE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5EC2053F-C810-4354-BBA3-DE279BAB3640} - System32\Tasks\tYyezAYRvk8jt => C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt.exe <==== ACHTUNG
Task: {655D8C8B-159C-4CA9-896F-F077CE442901} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {67B0C0F7-F912-4D4E-BF0B-722BD65C1309} - System32\Tasks\3c2jDM05M6ay9rgGcf => C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf.exe <==== ACHTUNG
Task: {682F5622-EC85-4D8E-9FB3-9DA9FF43D07D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {759BBCE3-1A9C-4ACE-B19E-0FA7705971FD} - System32\Tasks\ZkvbwFI => C:\Users\Sonny\AppData\Roaming\ZkvbwFI.exe <==== ACHTUNG
Task: {779208B8-9886-4521-93FC-514FDB47C6FF} - System32\Tasks\MSI_Reminder => C:\Program Files (x86)\MSI\MSI Remind Manager\MSI Reminder.exe [2014-04-10] ()
Task: {8FD42807-9723-4058-8E10-948D3C40CE58} - System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl => C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl.exe <==== ACHTUNG
Task: {94709565-896C-4D2D-A9DA-3B2774732943} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {94DB0CE4-15DD-4477-A79B-7BA671F09F10} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\Sonny\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG
Task: {96988190-5ACB-4B27-8FDE-58A1B624E43B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {B267233E-BE96-40DA-9032-9B05C1279146} - \ShopperProJSUpd -> Keine Datei <==== ACHTUNG
Task: {B3B77269-D008-49F1-9EC4-2AB878784C27} - System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681} => pcalua.exe -a C:\PROGRA~1\DIFX\D29FE547208FE130\DPInst.exe -c /u C:\Windows\System32\DriverStore\FileRepository\kb9xradiobtn.inf_amd64_50504636c90ca4e3\kb9xradiobtn.inf
Task: {B4D17AEA-31EE-4FCD-9D25-75C86FFEBC6F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B8AB9484-7FCC-4F40-A7DA-CE9B5D056D72} - System32\Tasks\update-S-1-5-21-2802146430-1798650074-2620433185-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {BDE262C3-2DF7-4D42-B38A-E3DE2A1AC283} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {C18A5EC4-D9B6-49FB-9C00-95B762E7934C} - System32\Tasks\PciD5z2oV9Hq4LK => C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK.exe <==== ACHTUNG
Task: {DC24F3EE-D31D-42B7-9458-AF69BFC5BFD0} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {E0C17C92-78F0-4BD3-A0F5-E7A706927361} - \Run_Bobby_Browser -> Keine Datei <==== ACHTUNG
Task: {E7F87DA8-918B-4017-B33A-D1E8E876C1AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EB6CD99B-C94C-4E36-99D4-C0743D42C9FA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {F3B5CDBB-0FF4-4910-8B49-2B89AA45AEE9} - System32\Tasks\nAuWsaaA3Qnn => C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn.exe <==== ACHTUNG
Task: {F65F27F3-44BD-4AAE-9844-07428DB301E4} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {FBC36A7F-80F9-4317-8770-F191316477A6} - System32\Tasks\8k4zjaU => C:\Users\Sonny\AppData\Roaming\8k4zjaU.exe <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job => C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8k4zjaU.job => C:\Users\Sonny\AppData\Roaming\8k4zjaU.exe <==== ACHTUNG
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\nAuWsaaA3Qnn.job => C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn.exe <==== ACHTUNG
Task: C:\Windows\Tasks\PciD5z2oV9Hq4LK.job => C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK.exe <==== ACHTUNG
Task: C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job => C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl.exe <==== ACHTUNG
Task: C:\Windows\Tasks\tYyezAYRvk8jt.job => C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt.exe <==== ACHTUNG
Task: C:\Windows\Tasks\update-S-1-5-21-2802146430-1798650074-2620433185-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job => C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk.exe <==== ACHTUNG
Task: C:\Windows\Tasks\ZkvbwFI.job => C:\Users\Sonny\AppData\Roaming\ZkvbwFI.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-27 02:21 - 2015-08-25 15:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-27 02:41 - 2012-11-01 19:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-04-27 02:41 - 2012-11-01 19:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-01-23 16:15 - 2014-01-23 16:15 - 00758784 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-07-23 19:19 - 2014-07-23 19:19 - 00089915 ____N () C:\Users\Sonny\AppData\Local\Temp\fcaa5f9b-83be-462f-bb26-c1541883b2c0\CliSecureRT64.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00287744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00140288 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 09633280 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00349696 _____ () C:\Program
Files\SteelSeries\SteelSeries Engine\MousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll 2014-01-23 16:15 - 2014-01-23 16:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll 2014-01-22 18:44 - 2014-01-22 18:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll 2013-05-23 17:15 - 2013-05-23 17:15 - 00025600 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\CoreAudioApi.dll 2014-01-21 15:54 - 2015-07-07 03:19 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe 2015-10-29 11:15 - 2015-10-29 11:15 - 02273784 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.2\deploy\LoLLauncher.exe 2015-10-29 11:15 - 2015-10-29 11:15 - 04046328 _____ () C:\Riot Games\League of 
Legends\RADS\projects\lol_patcher\releases\0.0.0.42\deploy\LoLPatcher.exe 2015-07-10 02:18 - 2015-07-10 02:18 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\LolClient.exe 2015-11-03 13:28 - 2015-11-03 13:28 - 00103424 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe 2014-04-27 02:16 - 2013-09-16 20:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-03-31 15:41 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-10-27 16:16 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-10-27 16:16 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-10-27 16:16 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll 2015-10-27 16:16 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-10-27 16:16 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-10-27 16:15 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-10-27 16:15 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-10-27 16:15 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-10-27 16:15 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-10-27 16:15 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-10-27 16:16 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-10-27 16:16 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-11-10 18:41 - 2015-11-10 18:41 - 00155232 ___HT () C:\Users\Sonny\AppData\Local\Temp\~A111.tmp 2015-09-26 16:11 - 2010-11-04 10:48 - 00061440 _____ () C:\Program 
Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll 2015-10-27 16:16 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-10-29 11:15 - 2015-10-29 11:15 - 01431544 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.42\deploy\RiotLauncher.dll 2015-09-30 12:06 - 2015-09-30 12:06 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll 2015-09-30 12:06 - 2015-09-30 12:06 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll 2015-10-27 16:15 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00198144 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00317440 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00203776 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00389120 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 06696448 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00156160 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 01174016 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 01240064 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll 
2015-11-03 13:28 - 2015-11-03 13:28 - 00351744 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00607744 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00164864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00708096 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00134656 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 01336320 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00394752 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 03192320 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 01763328 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00143360 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00230912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00996864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00582144 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global 
offensive\csgo\bin\matchmaking.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 12490752 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 10011136 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00094208 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00084992 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi 2015-11-03 13:28 - 2015-11-03 13:28 - 00012800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt 2015-11-03 13:28 - 2015-11-03 13:28 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt 2015-11-03 13:28 - 2015-11-03 13:28 - 00173568 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll 2015-11-03 13:28 - 2015-11-03 13:28 - 00972800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "OKAYFREEDOM_Agent"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "ESL Wire"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "CrashService"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "YTDownloader"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{88534048-92B0-4434-B900-7CC55D4D607A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{46B62EA1-692C-43BF-A543-925F26966896}] => (Allow) LPort=2869 FirewallRules: [{70C1D52C-B586-4EA1-98E9-020CFC70DF45}] => (Allow) LPort=1900 FirewallRules: [{A1DAE646-7FF7-4CE4-96FC-AE7D8A2ECA6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{470241A3-6A2C-4929-BC2B-33718A834FBD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{FBCC28C7-09D9-4854-A925-1D5205E3F1B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{4F25C021-11DD-41CD-BF58-AF46BB13C1CD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{34A7734F-B00A-48D0-A83B-EAA1C2D616D7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{F2D7538C-E394-4AFD-AFAE-C68DBDB93E7F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{97985C29-EEF1-45B4-87D4-56E4EA95F891}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{59002A38-6D55-4C7E-987A-00B84BDD163B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B0E18A3D-6288-4728-995D-F6E8D08F074F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{87F560AE-BBF6-4483-81C7-B055D2D3188C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5A4BEE09-39DF-4CE7-B48B-5FB4948D9D32}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{3FF015C5-2DED-4BBD-B4B9-7374E65B41FC}C:\games\outlast\binaries\win64\olgame.exe] => (Block) C:\games\outlast\binaries\win64\olgame.exe FirewallRules: [UDP Query 
User{32FDCE01-2945-4FA9-B829-A5F4C26FB8C3}C:\games\outlast\binaries\win64\olgame.exe] => (Block) C:\games\outlast\binaries\win64\olgame.exe FirewallRules: [{CE44421A-C0B7-4C05-819E-168E1FA921A2}] => (Allow) C:\Program Files (x86)\OkayFreedom\polipo\node.exe FirewallRules: [{38629923-47DD-456C-ACD6-3B4059308CF0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{78C09BC1-7EB7-4379-BC57-60C084592856}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{87000D62-B90C-4395-81D3-04E12D02D7D3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D52ECCFE-BBC8-4BFB-B57A-AC84EEF9DC44}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8A134117-682E-4AE1-8C65-58B89EBB8EE9}] => (Allow) C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A2417B52-3AB6-4329-8328-0CD63104072A}] => (Allow) C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{E271826C-9A52-4467-B62D-4D1D79A5368A}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe FirewallRules: [UDP Query User{481C6D35-9953-4F9C-9506-A87ADC4B5AB1}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe FirewallRules: [{72C40304-AF31-465E-933C-54525FC97C55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{45C32E97-086A-4574-BB0E-6D46CE69A070}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{79B5C488-2290-4CF2-82D8-6B94BE208A18}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F03A1B8D-EDC9-48F5-AD8C-DD6218928251}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{DCF0B1C2-907F-4DEE-AAC9-6686EAC3C08F}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\sonny\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{4317622A-0986-464D-BB4F-2E46E098C009}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sonny\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{766E52DB-5914-4B0F-B91D-40D105E9E512}C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{6316FDDD-ACF3-474D-83CD-A15538E7C2EF}C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [TCP Query User{EDDDF621-6BA4-4BEF-BCD5-13B6FFA7C36F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe FirewallRules: [UDP Query User{A209227D-75BF-42F7-AEC3-BE955146FB98}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe FirewallRules: [TCP Query User{02D2D6B4-A3DB-4687-A2EB-3F2336786128}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe FirewallRules: [UDP Query User{7E17D4BE-A4CD-42A6-8645-42367116BF20}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe FirewallRules: [{9D844E94-3A64-4D59-A2A4-331E5137CB68}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{1F573D5F-C61E-4618-AE60-61D5D7D78D75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe 
FirewallRules: [{429D1BD2-5F4C-418E-A896-DB06DEAC672C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{71AE5ACB-DD33-4093-966D-360624305C77}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{9B0F9E29-F072-4C49-AB5D-C699A097B550}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{E7B30437-E8BC-41D2-811D-971508B49E6D}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{5CCCC094-2886-4C11-801F-CC7199863D2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{2234A9B3-0BB8-4B4E-82A7-B49C03BB9AEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{A6448B94-7EB5-429E-9C8F-B0B4B20F2C2D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{FB01BFF8-B2A3-4F3B-A42E-73F5070AEED2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [TCP Query User{F2901F1C-2C29-4600-B339-411DC52EE8B6}C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe FirewallRules: [UDP Query User{8FC7271F-5F27-406D-8436-7CC1B41483A4}C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe FirewallRules: [TCP Query User{95E758E8-6327-46EF-9E46-A3F19F2D3C2B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{3D7EAC98-4483-4264-A0EE-EAEEEC61801D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C49BD856-200E-4D97-A86A-4425203DB68E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{0E856CDC-5C8C-478B-912A-094BF92B6F92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK 
Base\hl2.exe FirewallRules: [{071EE0BB-BADD-4BCB-AA57-FCB562EE453A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{351D6BA4-B673-4259-BC3A-433660ABF473}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{FBED7AD9-EC6B-435A-A653-BD602EAFD200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{0AF7B1A1-E329-46CD-9C03-C68FF72E65D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{89AE01C2-20D6-4565-8D1D-690CF919C98E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{D9717ADF-767C-4A60-9E4C-B9FD2FA825CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{836F416F-B9AD-43E8-A566-F8B80EE8A404}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{7FDF5A46-63A9-471F-BC2C-A0896EFCEB9F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{2BDEB9ED-78A1-4449-8FCD-70AE8B9DD477}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D33850E0-7BFA-45D6-8EF6-F64CA5642ECF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{F7540E8A-47DA-4A7D-A871-7CEF63D5B6C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1A8920D0-A332-4C01-BAF3-6B0A5FF2C532}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F478CE63-AC52-4F96-A4C3-2602321CABEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{7F7A721E-93D0-4AD7-9A7B-67BA481CA2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{949228D6-786F-4D4D-91FE-F79283F0D51A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe FirewallRules: 
[{F18C6EED-E3C0-46E9-957E-EFB789BE1AD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe FirewallRules: [{6144ABD9-6B89-4709-B5CD-793CAE422FC1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{0D0160A4-1961-48A9-ABB5-82210565AB77}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{835FA948-A930-46D0-B0AB-367172FF2365}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{A59DFE90-68C8-4946-B47F-06F36EDB9B80}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [TCP Query User{35FBEC9A-748D-440A-8051-D3663E187A19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{05656E42-03A7-49AE-B68D-F7DAF7AED2AC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{79C324DB-EBD1-48DD-84EF-B042A26176C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe FirewallRules: [{3C98C062-C2EA-4564-AE68-095B374C24CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe FirewallRules: [TCP Query User{4B6A00F7-F11A-4AAA-B093-067C29088579}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{5326F735-9821-4131-AE75-AB7093EDD9F3}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{CF86F525-C1E4-45AC-8293-977D62615AEA}] => (Allow) C:\Program Files\SoftEther VPN Client Manager\vpncmd_x64.exe FirewallRules: [{34312623-6D4E-4A28-8889-946612852C49}] => (Allow) C:\Program Files\SoftEther VPN Client Manager\vpncmgr_x64.exe FirewallRules: [TCP Query User{355A2110-0667-4EDD-89E9-01CB6F6BCD9E}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => 
(Block) C:\users\sonny\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E47CAE95-5666-4988-94AD-833DD4F13B38}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sonny\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{6E3D497D-9CDD-41C6-A58B-90EB25E564B1}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{BA778C88-EA4E-4BC1-80B0-BD7A3F22B0B8}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{90415CA9-53C3-421C-9762-8B9C4AF03B60}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{18C0A487-25D3-43B5-AA33-B33FC9C5BAA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{8954B28F-0BE0-4972-B7A1-AFE6F5C3EF82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{AAB65BA1-0C73-437D-BB08-AF445BB11094}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe FirewallRules: [{5C6CFA00-2238-404F-891E-8CAE12FDFBFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe FirewallRules: [{1A335CE4-A404-4EDE-8A78-1B214F0BCD9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F606F0F9-B84F-4323-BB4C-C1ED38AF3C5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{52592E1B-9B26-455C-942A-5C2B52556207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D53A82D6-086F-460D-BD79-D24F0620DCCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: 
[{85D611CD-514B-4DE7-942F-230AFAD6FBDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{40BD89CC-ACE0-4CA1-AF80-FA080F104BA4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{ED491681-DE8D-43FB-BD07-BA83ACCB3191}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{536B782A-EBDF-4570-A1DC-A7CC9062E01E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{F083E633-DD01-464E-BEEB-43B6669CFAD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{46183588-864B-42D1-BB95-E902E127C2BF}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe FirewallRules: [{EB7FA9B0-B4D8-4C25-A63C-4D289CB5C42B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{714AB528-1953-41F7-ABB9-9CE888E93F70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{D133B9F6-96B9-416B-87E7-FB310078BCAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Swarm\swarm.exe FirewallRules: [{5C42B90F-FD2E-4BBF-93F0-22ED7FF9896A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Swarm\swarm.exe FirewallRules: [{4CAD1426-71A2-4253-8CC1-57798C2B30C3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1EADE86F-961B-4781-9FFA-CADD6C0D809C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{DA4EF769-AB67-4192-B73C-879F12DBBD9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{55DF36C0-013D-4B2C-B6CF-313542EBAA96}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe FirewallRules: [{26CC0DB9-98A2-4F44-BC43-973F5D506FFE}] => (Allow) C:\Program Files 
(x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/10/2015 01:59:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI_SAMDAR)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/10/2015 01:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.17905, Zeitstempel: 0x557f547f
Name des fehlerhaften Moduls: MSIB934.tmp, Version: 9.0.328.0, Zeitstempel: 0x561baab5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010404
ID des fehlerhaften Prozesses: 0x12b0
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5

Error: (11/10/2015 01:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1c5c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1de4
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0xc78
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0xac8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x184
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:49:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1e8c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:49:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x10d8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Systemfehler:
=============
Error: (11/10/2015 06:46:07 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS_Install" wurde eine Beschädigung erkannt. Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (11/10/2015 02:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "globalUpdate Update Service (globalUpdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/10/2015 01:59:46 PM) (Source: DCOM) (EventID: 10010) (User: MSI_SAMDAR) Description: Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4 Error: (11/10/2015 11:56:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/10/2015 11:56:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (11/09/2015 07:22:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10. Error: (11/09/2015 07:22:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10. Error: (11/09/2015 11:31:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. 
Error: (11/09/2015 11:31:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (11/09/2015 11:23:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "globalUpdate Update Service (globalUpdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 CodeIntegrity: =================================== Date: 2015-11-10 14:14:56.293 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-10 14:14:56.043 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-20 20:30:34.395 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-20 20:30:32.205 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-20 20:30:32.076 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. 
Date: 2015-10-20 20:30:26.948 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-20 20:25:18.386 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-20 20:21:40.514 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-20 20:20:07.425 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-20 20:20:07.310 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Prozentuale Nutzung des RAM: 55% Installierter physikalischer RAM: 8111.19 MB Verfügbarer physikalischer RAM: 3627.11 MB Summe virtueller Speicher: 9391.19 MB Verfügbarer virtueller Speicher: 3992.76 MB ==================== Laufwerke ================================ Drive c: (OS_Install) (Fixed) (Total:586.05 GB) (Free:288.72 GB) NTFS Drive d: (Data) (Fixed) (Total:325.59 GB) (Free:317.04 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 76D1827D) Partition: GPT. 
==================== Ende von Addition.txt ============================ |
11.11.2015, 17:01 | #5 |
/// the machine /// TB trainer | Right-click (run as administrator) does not work for me Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.11.2015, 00:57 | #6 |
| Right-click (run as administrator) does not work for me Here is the log file from mbar.exe:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2015.11.11.05 rootkit: v2015.11.04.02

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18098
Sonny :: MSI_SAMDAR [administrator]

11/11/2015 20:21:57
mbar-log-2015-11-11 (20-21-57).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 385870
Time elapsed: 33 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\END (Adware.Trace) -> Delete on reboot. [caf7eb915d2e171fd20040965aa9d12f]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Since the log from TDSS is too long, I am splitting it across 2 posts; the one is the continuation of the next, logically ^.^

00:46:28.0361 0x0230 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
00:46:28.0361 0x0230 UEFI system
00:46:32.0244 0x0230 ============================================================
00:46:32.0244 0x0230 Current date / time: 2015/11/12 00:46:32.0244
00:46:32.0244 0x0230 SystemInfo:
00:46:32.0244 0x0230
00:46:32.0244 0x0230 OS Version: 6.3.9600 ServicePack: 0.0
00:46:32.0244 0x0230 Product type: Workstation
00:46:32.0244 0x0230 ComputerName: MSI_SAMDAR
00:46:32.0245 0x0230 UserName: Sonny
00:46:32.0245 0x0230 Windows directory: C:\Windows
00:46:32.0245 0x0230 System windows directory: C:\Windows
00:46:32.0245 0x0230 Running under WOW64
00:46:32.0245 0x0230 Processor architecture: Intel x64
00:46:32.0245 0x0230 Number of processors: 8
00:46:32.0245 0x0230 Page size: 0x1000
00:46:32.0245 0x0230 Boot type: Normal boot
00:46:32.0245 0x0230 ============================================================
00:46:33.0940 0x0230 KLMD registered as C:\Windows\system32\drivers\56367276.sys
00:46:38.0837 0x0230 System UUID: {10732CB3-B413-A1BD-9BC5-9E369D844DC4}
00:46:39.0760 0x0230 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:46:39.0763 0x0230 ============================================================
00:46:39.0763 0x0230 \Device\Harddisk0\DR0:
00:46:39.0763 0x0230 GPT partitions:
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {561D05A1-5BB1-45C4-9946-31D55578F5E7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CC045C0D-9D4E-43FE-AFCD-50619B17F6AE}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {653368BC-2279-40E5-A851-686B15B0607A}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DA8B207D-F772-4BB9-9BA7-87D957D0348A}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x49418800
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2C56B739-4CBA-4A2A-9DE1-40F62ACF2DD2}, Name: Basic data partition, StartLBA 0x4961B000, BlocksNum 0x28B2F000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4EB162E9-742C-4514-AFC5-756ECB853BA2}, Name: Basic data partition, StartLBA 0x7214A000, BlocksNum 0x25BC800
00:46:39.0763 0x0230 MBR partitions:
00:46:39.0764 0x0230 ============================================================
00:46:39.0772 0x0230 C: <-> \Device\Harddisk0\DR0\Partition4
00:46:39.0805 0x0230 D: <-> \Device\Harddisk0\DR0\Partition5
00:46:39.0805 0x0230 ============================================================
00:46:39.0805 0x0230 Initialize success
00:46:39.0805 0x0230 ============================================================
00:47:18.0183 0x18cc ============================================================
00:47:18.0183 0x18cc Scan started
00:47:18.0183 0x18cc Mode: Manual; SigCheck; TDLFS;
00:47:18.0183 0x18cc ============================================================
00:47:18.0183 0x18cc KSN ping started
00:47:20.0550 0x18cc KSN ping finished: true
00:47:22.0248 0x18cc ================ Scan system memory ========================
00:47:22.0248 0x18cc System memory - ok
00:47:22.0249 0x18cc ================ Scan services
A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 00:47:37.0525 0x18cc GfExperienceService - ok 00:47:37.0553 0x18cc globalUpdate - ok 00:47:37.0554 0x18cc globalUpdatem - ok 00:47:37.0573 0x18cc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 00:47:37.0590 0x18cc GPIOClx0101 - ok 00:47:37.0648 0x18cc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll 00:47:37.0709 0x18cc gpsvc - ok 00:47:37.0776 0x18cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:47:37.0846 0x18cc gupdate - ok 00:47:37.0850 0x18cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:47:37.0876 0x18cc gupdatem - ok 00:47:37.0909 0x18cc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 00:47:37.0942 0x18cc HdAudAddService - ok 00:47:37.0966 0x18cc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 00:47:38.0051 0x18cc HDAudBus - ok 00:47:38.0064 0x18cc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 00:47:38.0078 0x18cc HidBatt - ok 00:47:38.0125 0x18cc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 00:47:38.0156 0x18cc HidBth - ok 
00:47:38.0160 0x18cc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 00:47:38.0199 0x18cc hidi2c - ok 00:47:38.0221 0x18cc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 00:47:38.0247 0x18cc HidIr - ok 00:47:38.0284 0x18cc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll 00:47:38.0344 0x18cc hidserv - ok 00:47:38.0380 0x18cc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 00:47:38.0462 0x18cc HidUsb - ok 00:47:38.0500 0x18cc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 00:47:38.0544 0x18cc hkmsvc - ok 00:47:38.0614 0x18cc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 00:47:38.0728 0x18cc HomeGroupListener - ok 00:47:38.0766 0x18cc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 00:47:38.0800 0x18cc HomeGroupProvider - ok 00:47:38.0828 0x18cc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 00:47:38.0843 0x18cc HpSAMD - ok 00:47:38.0847 0x18cc HSPADataCardusbmdm - ok 00:47:38.0849 0x18cc HSPADataCardusbnmea - ok 00:47:38.0852 0x18cc HSPADataCardusbser - ok 00:47:38.0901 0x18cc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys 00:47:38.0958 0x18cc HTTP - ok 00:47:38.0978 0x18cc [ 
90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 00:47:38.0994 0x18cc hwpolicy - ok 00:47:39.0020 0x18cc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 00:47:39.0045 0x18cc hyperkbd - ok 00:47:39.0049 0x18cc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 00:47:39.0078 0x18cc HyperVideo - ok 00:47:39.0117 0x18cc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 00:47:39.0191 0x18cc i8042prt - ok 00:47:39.0196 0x18cc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 00:47:39.0212 0x18cc iaLPSSi_GPIO - ok 00:47:39.0241 0x18cc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 00:47:39.0258 0x18cc iaLPSSi_I2C - ok 00:47:39.0282 0x18cc [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 00:47:39.0325 0x18cc iaStorA - ok 00:47:39.0357 0x18cc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 00:47:39.0389 0x18cc iaStorAV - ok 00:47:39.0434 0x18cc [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 00:47:39.0480 0x18cc IAStorDataMgrSvc - ok 00:47:39.0517 0x18cc [ A2200C3033FA4EF249FC096A7A7D02A2, 
5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 00:47:39.0549 0x18cc iaStorV - ok 00:47:39.0580 0x18cc [ E681C3C3D2EFD03F86EAF3CAAEFF6A05, 8416CAB4CC428A8841B2865472F5FFC6AF39588D6B96113090569639752225AB ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys 00:47:39.0602 0x18cc ibtusb - ok 00:47:39.0693 0x18cc [ 77AC93E28B5F4DCE317EFA695E3F59E3, 57D510CEE1B777CFB52CECBAB43B0698A53B048B7E0C622473DEA9E03E2D9BEF ] IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys 00:47:39.0791 0x18cc IDSVia64 - ok 00:47:39.0795 0x18cc IEEtwCollectorService - ok 00:47:39.0901 0x18cc [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 00:47:40.0041 0x18cc igfx - ok 00:47:40.0076 0x18cc [ 9CD9723D813232FFFFFBC82BC8EDA77E, EE465ADE4BB4594305AC4D9B0856AE9C0FCA981F80EAD400354F50F555446B4D ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe 00:47:40.0117 0x18cc igfxCUIService1.0.0.0 - ok 00:47:40.0173 0x18cc [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\Windows\System32\ikeext.dll 00:47:40.0227 0x18cc IKEEXT - ok 00:47:40.0258 0x18cc [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 00:47:40.0292 0x18cc intaud_WaveExtensible - ok 00:47:40.0406 0x18cc [ 689F04285EF20E98B4F338AF7523A4C2, C2D1EB41382A346607BD91CDBFAEACBC4087EC8482312CBE2E6FBCB87E1B8320 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 00:47:40.0552 0x18cc IntcAzAudAddService - ok 00:47:40.0585 0x18cc [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 00:47:40.0615 0x18cc IntcDAud - ok 
00:47:40.0665 0x18cc [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 00:47:41.0411 0x18cc Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 00:47:43.0779 0x18cc Detect skipped due to KSN trusted 00:47:43.0779 0x18cc Intel(R) Capability Licensing Service Interface - ok 00:47:43.0814 0x18cc [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 00:47:45.0101 0x18cc Intel(R) Capability Licensing Service TCP IP Interface - ok 00:47:45.0139 0x18cc [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 00:47:45.0186 0x18cc Intel(R) ME Service - ok 00:47:45.0218 0x18cc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 00:47:45.0233 0x18cc intelide - ok 00:47:45.0254 0x18cc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 00:47:45.0269 0x18cc intelpep - ok 00:47:45.0296 0x18cc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 00:47:45.0320 0x18cc intelppm - ok 00:47:45.0351 0x18cc [ 44A9B60ECA9F6D760E0292E56127BCED, 1795EBC766D1F29D4F279967D7B08ADC2C673ABD7DD1BC157D2A05BCA6B65986 ] ipadtst C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys 00:47:45.0376 0x18cc ipadtst - ok 00:47:45.0380 0x18cc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 
07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 00:47:45.0417 0x18cc IpFilterDriver - ok 00:47:45.0469 0x18cc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 00:47:45.0532 0x18cc iphlpsvc - ok 00:47:45.0562 0x18cc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 00:47:45.0634 0x18cc IPMIDRV - ok 00:47:45.0675 0x18cc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 00:47:45.0747 0x18cc IPNAT - ok 00:47:45.0776 0x18cc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 00:47:45.0798 0x18cc IRENUM - ok 00:47:45.0803 0x18cc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 00:47:45.0817 0x18cc isapnp - ok 00:47:45.0852 0x18cc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 00:47:45.0873 0x18cc iScsiPrt - ok 00:47:45.0906 0x18cc iumsvc - ok 00:47:45.0920 0x18cc [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 00:47:45.0934 0x18cc iwdbus - ok 00:47:45.0967 0x18cc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 00:47:46.0004 0x18cc jhi_service - ok 00:47:46.0030 0x18cc [ 5917AFE4A3F695A54B99C1849C8207FE, 
DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 00:47:46.0045 0x18cc kbdclass - ok 00:47:46.0076 0x18cc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 00:47:46.0108 0x18cc kbdhid - ok 00:47:46.0138 0x18cc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 00:47:46.0233 0x18cc kdnic - ok 00:47:46.0255 0x18cc [ EB62EE6D52F0D6B76256DBE71C07E26F, D92F2D9B1779DC52918CB5D9F212F62F62E40F7EBB81A865F090B071BE69DE77 ] Ke2200 C:\Windows\system32\DRIVERS\e22w8x64.sys 00:47:46.0287 0x18cc Ke2200 - ok 00:47:46.0312 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 00:47:46.0331 0x18cc KeyIso - ok 00:47:46.0367 0x18cc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 00:47:46.0383 0x18cc KSecDD - ok 00:47:46.0406 0x18cc [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 00:47:46.0424 0x18cc KSecPkg - ok 00:47:46.0441 0x18cc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 00:47:46.0466 0x18cc ksthunk - ok 00:47:46.0517 0x18cc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 00:47:46.0553 0x18cc KtmRm - ok 00:47:46.0600 0x18cc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 00:47:46.0669 0x18cc LanmanServer - ok 00:47:46.0708 0x18cc [ 
3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 00:47:46.0770 0x18cc LanmanWorkstation - ok 00:47:46.0806 0x18cc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 00:47:46.0881 0x18cc lfsvc - ok 00:47:46.0907 0x18cc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 00:47:46.0936 0x18cc lltdio - ok 00:47:46.0970 0x18cc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 00:47:47.0003 0x18cc lltdsvc - ok 00:47:47.0015 0x18cc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 00:47:47.0085 0x18cc lmhosts - ok 00:47:47.0178 0x18cc [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 00:47:47.0238 0x18cc LMS - ok 00:47:47.0262 0x18cc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 00:47:47.0278 0x18cc LSI_SAS - ok 00:47:47.0282 0x18cc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 00:47:47.0297 0x18cc LSI_SAS2 - ok 00:47:47.0303 0x18cc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 00:47:47.0317 0x18cc LSI_SAS3 - ok 00:47:47.0322 0x18cc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS 
C:\Windows\system32\drivers\lsi_sss.sys 00:47:47.0338 0x18cc LSI_SSS - ok 00:47:47.0385 0x18cc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 00:47:47.0470 0x18cc LSM - ok 00:47:47.0501 0x18cc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 00:47:47.0583 0x18cc luafv - ok 00:47:47.0586 0x18cc massfilter - ok 00:47:47.0615 0x18cc [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 00:47:47.0643 0x18cc MBAMProtector - ok 00:47:47.0736 0x18cc [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 00:47:47.0955 0x18cc MBAMScheduler - ok 00:47:48.0086 0x18cc [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 00:47:48.0224 0x18cc MBAMService - ok 00:47:48.0276 0x18cc [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 00:47:48.0299 0x18cc MBAMWebAccessControl - ok 00:47:48.0319 0x18cc [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys 00:47:48.0361 0x18cc MBfilt - ok 00:47:48.0461 0x18cc [ D8DBCF7C20F3D39AA0037C64118A5FC4, B29CD8F9C3AFED9C55716A331496FC98F563BBB895BF7D36A5C54DCEA37A7366 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe 00:47:48.0556 0x18cc McComponentHostService - ok 00:47:48.0600 0x18cc [ EB5C03A070F30D64A6DF80E53B22F53F, 
12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 00:47:48.0624 0x18cc megasas - ok 00:47:48.0710 0x18cc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 00:47:48.0755 0x18cc megasr - ok 00:47:48.0785 0x18cc [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 00:47:48.0816 0x18cc MEIx64 - ok 00:47:48.0886 0x18cc [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM C:\Program Files (x86)\SCM\MSIService.exe 00:47:49.0121 0x18cc Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 ) 00:47:51.0517 0x18cc Detect skipped due to KSN trusted 00:47:51.0517 0x18cc Micro Star SCM - ok 00:47:51.0560 0x18cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 00:47:51.0655 0x18cc MMCSS - ok 00:47:51.0701 0x18cc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 00:47:51.0741 0x18cc Modem - ok 00:47:51.0760 0x18cc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 00:47:51.0908 0x18cc monitor - ok 00:47:51.0968 0x18cc [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\System32\drivers\MijXfilt.sys 00:47:52.0055 0x18cc MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 ) 00:47:54.0488 0x18cc Detect skipped due to KSN trusted 00:47:54.0488 0x18cc MotioninJoyXFilter - ok 00:47:54.0559 0x18cc [ 08374E4E5B8914DE6067CBA99F61E930, 
CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 00:47:54.0581 0x18cc mouclass - ok 00:47:54.0594 0x18cc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 00:47:54.0644 0x18cc mouhid - ok 00:47:54.0682 0x18cc [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 00:47:54.0698 0x18cc mountmgr - ok 00:47:54.0748 0x18cc [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 00:47:54.0813 0x18cc MozillaMaintenance - ok 00:47:54.0842 0x18cc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] |
12.11.2015, 00:57 | #7 |
| Right-click (Run as administrator) does not work for me
C:\Windows\System32\drivers\npsvctrig.sys 00:47:59.0877 0x18cc npsvctrig - ok 00:47:59.0924 0x18cc [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll 00:47:59.0997 0x18cc nsi - ok 00:48:00.0030 0x18cc [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 00:48:00.0061 0x18cc nsiproxy - ok 00:48:00.0173 0x18cc [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 00:48:00.0241 0x18cc Ntfs - ok 00:48:00.0296 0x18cc [ 23CF3DA010497EB2BF39A5C5A57E437C, 39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys 00:48:00.0319 0x18cc NTIOLib_1_0_3 - ok 00:48:00.0328 0x18cc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 00:48:00.0351 0x18cc Null - ok 00:48:00.0623 0x18cc [ DF2213CF2DD81B790B85541D138D93C7, F00AC7991770C22C89C891009CFDCA3A445279235389F67B6412DBE468D70F5F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 00:48:00.0973 0x18cc nvlddmkm - ok 00:48:01.0083 0x18cc [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 00:48:01.0646 0x18cc NvNetworkService - ok 00:48:01.0673 0x18cc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 00:48:01.0691 0x18cc nvraid - ok 00:48:01.0696 0x18cc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 00:48:01.0716 0x18cc nvstor - ok 00:48:01.0770 0x18cc 
[ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 00:48:01.0798 0x18cc NvStreamKms - ok 00:48:01.0958 0x18cc [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 00:48:02.0681 0x18cc NvStreamSvc - ok 00:48:02.0736 0x18cc [ F029A2C032B4A50DEBB21312CFF76189, F47F0FC39AF6DFC8A9A3F0A486357BE76B8BD0753135B567FDB6E213D11893FD ] nvsvc C:\Windows\system32\nvvsvc.exe 00:48:02.0814 0x18cc nvsvc - ok 00:48:02.0844 0x18cc [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 00:48:02.0871 0x18cc nvvad_WaveExtensible - ok 00:48:02.0902 0x18cc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 00:48:02.0936 0x18cc nv_agp - ok 00:48:02.0983 0x18cc [ 9130774B6AF49DA8AC51CC69BFA4A6E8, 886A72BBBE93DADB1437D01CEDA884EE4176C085574DCFDF6291A3E20CB5CDB7 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe 00:48:03.0086 0x18cc OkayFreedom VPN Starter Service - ok 00:48:03.0135 0x18cc [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 00:48:03.0178 0x18cc ose64 - ok 00:48:03.0212 0x18cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 00:48:03.0294 0x18cc p2pimsvc - ok 00:48:03.0333 0x18cc [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll 00:48:03.0401 0x18cc p2psvc - ok 00:48:03.0419 
0x18cc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys 00:48:03.0441 0x18cc Parport - ok 00:48:03.0473 0x18cc [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys 00:48:03.0489 0x18cc partmgr - ok 00:48:03.0529 0x18cc [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll 00:48:03.0575 0x18cc PcaSvc - ok 00:48:03.0620 0x18cc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys 00:48:03.0672 0x18cc pci - ok 00:48:03.0703 0x18cc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 00:48:03.0717 0x18cc pciide - ok 00:48:03.0746 0x18cc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 00:48:03.0775 0x18cc pcmcia - ok 00:48:03.0790 0x18cc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 00:48:03.0805 0x18cc pcw - ok 00:48:03.0829 0x18cc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys 00:48:03.0846 0x18cc pdc - ok 00:48:03.0890 0x18cc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 00:48:03.0959 0x18cc PEAUTH - ok 00:48:04.0048 0x18cc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 00:48:04.0114 0x18cc PerfHost - ok 00:48:04.0183 
0x18cc [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll 00:48:04.0253 0x18cc pla - ok 00:48:04.0283 0x18cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 00:48:04.0301 0x18cc PlugPlay - ok 00:48:04.0349 0x18cc [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 00:48:04.0365 0x18cc PNRPAutoReg - ok 00:48:04.0395 0x18cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 00:48:04.0418 0x18cc PNRPsvc - ok 00:48:04.0452 0x18cc [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 00:48:04.0482 0x18cc PolicyAgent - ok 00:48:04.0517 0x18cc [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll 00:48:04.0592 0x18cc Power - ok 00:48:04.0615 0x18cc [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 00:48:04.0661 0x18cc PptpMiniport - ok 00:48:04.0778 0x18cc [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 00:48:04.0970 0x18cc PrintNotify - ok 00:48:05.0011 0x18cc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 00:48:05.0043 0x18cc Processor - ok 00:48:05.0083 0x18cc [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll 
00:48:05.0280 0x18cc [ AC64125A02ACC62B064EAD6EE4920D54, 04623CD0C6DF28892C499B54964B88765BD6A1F48CFC453DA1011A169D4B82D1 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
00:48:05.0322 0x18cc Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
00:48:07.0782 0x18cc Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
00:48:07.0783 0x18cc Force sending object to P2P due to detect: Qualcomm Atheros Killer Service V2
00:48:10.0269 0x18cc Object send P2P result: true
00:48:10.0867 0x1ad8 Object required for P2P: [ DF2213CF2DD81B790B85541D138D93C7 ] nvlddmkm
C:\Windows\system32\UI0Detect.exe 00:48:22.0834 0x18cc UI0Detect - ok 00:48:22.0873 0x18cc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 00:48:22.0899 0x18cc uliagpkx - ok 00:48:22.0919 0x18cc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys 00:48:22.0940 0x18cc umbus - ok 00:48:22.0944 0x18cc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys 00:48:22.0974 0x18cc UmPass - ok 00:48:23.0011 0x18cc [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll 00:48:23.0087 0x18cc UmRdpService - ok 00:48:23.0162 0x18cc [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll 00:48:23.0233 0x18cc upnphost - ok 00:48:23.0265 0x18cc [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys 00:48:23.0307 0x18cc USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:25.0688 0x18cc Detect skipped due to KSN trusted 00:48:25.0688 0x18cc USBAAPL64 - ok 00:48:25.0739 0x18cc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 00:48:25.0757 0x18cc usbccgp - ok 00:48:25.0791 0x18cc [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys 00:48:25.0826 0x18cc usbcir - ok 00:48:25.0850 0x18cc [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci 
C:\Windows\System32\drivers\usbehci.sys 00:48:25.0866 0x18cc usbehci - ok 00:48:25.0893 0x18cc [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys 00:48:25.0920 0x18cc usbhub - ok 00:48:25.0990 0x18cc [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 00:48:26.0025 0x18cc USBHUB3 - ok 00:48:26.0052 0x18cc [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys 00:48:26.0170 0x18cc usbohci - ok 00:48:26.0174 0x18cc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 00:48:26.0235 0x18cc usbprint - ok 00:48:26.0262 0x18cc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 00:48:26.0279 0x18cc USBSTOR - ok 00:48:26.0290 0x18cc [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 00:48:26.0326 0x18cc usbuhci - ok 00:48:26.0365 0x18cc [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 00:48:26.0413 0x18cc usbvideo - ok 00:48:26.0460 0x18cc [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 00:48:26.0500 0x18cc USBXHCI - ok 00:48:26.0523 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe 00:48:26.0539 0x18cc VaultSvc - ok 00:48:26.0574 0x18cc [ 87D4E923785CDFA655B53A78DD99BD2B, 
CCE460ED6C1292284B22B675CEDBB86CC3D329B15B1B9F77EA80AC7EDB774B65 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 00:48:26.0604 0x18cc VBoxNetAdp - ok 00:48:26.0607 0x18cc VBoxNetFlt - ok 00:48:26.0639 0x18cc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 00:48:26.0654 0x18cc vdrvroot - ok 00:48:26.0710 0x18cc [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe 00:48:26.0870 0x18cc vds - ok 00:48:26.0899 0x18cc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 00:48:26.0922 0x18cc VerifierExt - ok 00:48:27.0010 0x18cc [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 00:48:27.0039 0x18cc vhdmp - ok 00:48:27.0057 0x18cc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 00:48:27.0070 0x18cc viaide - ok 00:48:27.0105 0x18cc [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys 00:48:27.0138 0x18cc vmbus - ok 00:48:27.0152 0x18cc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 00:48:27.0170 0x18cc VMBusHID - ok 00:48:27.0234 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 00:48:27.0304 0x18cc vmicguestinterface - ok 00:48:27.0315 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat 
C:\Windows\System32\ICSvc.dll 00:48:27.0343 0x18cc vmicheartbeat - ok 00:48:27.0353 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 00:48:27.0383 0x18cc vmickvpexchange - ok 00:48:27.0394 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll 00:48:27.0424 0x18cc vmicrdv - ok 00:48:27.0434 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll 00:48:27.0462 0x18cc vmicshutdown - ok 00:48:27.0474 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll 00:48:27.0506 0x18cc vmictimesync - ok 00:48:27.0517 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll 00:48:27.0544 0x18cc vmicvss - ok 00:48:27.0558 0x18cc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 00:48:27.0574 0x18cc volmgr - ok 00:48:27.0591 0x18cc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 00:48:27.0641 0x18cc volmgrx - ok 00:48:27.0666 0x18cc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 00:48:27.0688 0x18cc volsnap - ok 00:48:27.0719 0x18cc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys 00:48:27.0739 0x18cc vpci - ok 00:48:27.0759 0x18cc [ 4539F45F9F4C9757A86A56C949421E07, 
DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 00:48:27.0777 0x18cc vsmraid - ok 00:48:27.0837 0x18cc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe 00:48:27.0905 0x18cc VSS - ok 00:48:27.0923 0x18cc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 00:48:27.0943 0x18cc VSTXRAID - ok 00:48:27.0977 0x18cc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 00:48:28.0041 0x18cc vwifibus - ok 00:48:28.0064 0x18cc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 00:48:28.0089 0x18cc vwififlt - ok 00:48:28.0114 0x18cc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 00:48:28.0138 0x18cc vwifimp - ok 00:48:28.0203 0x18cc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll 00:48:28.0288 0x18cc W32Time - ok 00:48:28.0314 0x18cc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 00:48:28.0337 0x18cc WacomPen - ok 00:48:28.0366 0x18cc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 00:48:28.0395 0x18cc WANARP - ok 00:48:28.0399 0x18cc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 00:48:28.0415 0x18cc Wanarpv6 - ok 
00:48:28.0476 0x18cc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe 00:48:28.0562 0x18cc wbengine - ok 00:48:28.0601 0x18cc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 00:48:28.0649 0x18cc WbioSrvc - ok 00:48:28.0668 0x18cc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 00:48:28.0702 0x18cc Wcmsvc - ok 00:48:28.0743 0x18cc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 00:48:28.0772 0x18cc wcncsvc - ok 00:48:28.0798 0x18cc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 00:48:28.0852 0x18cc WcsPlugInService - ok 00:48:28.0888 0x18cc [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 00:48:28.0921 0x18cc WdBoot - ok 00:48:28.0957 0x18cc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 00:48:29.0016 0x18cc Wdf01000 - ok 00:48:29.0038 0x18cc [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 00:48:29.0058 0x18cc WdFilter - ok 00:48:29.0086 0x18cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 00:48:29.0113 0x18cc WdiServiceHost - ok 00:48:29.0116 0x18cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost 
C:\Windows\system32\wdi.dll 00:48:29.0134 0x18cc WdiSystemHost - ok 00:48:29.0164 0x18cc [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 00:48:29.0181 0x18cc WdNisDrv - ok 00:48:29.0213 0x18cc WdNisSvc - ok 00:48:29.0252 0x18cc [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll 00:48:29.0317 0x18cc WebClient - ok 00:48:29.0361 0x18cc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 00:48:29.0384 0x18cc Wecsvc - ok 00:48:29.0414 0x18cc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 00:48:29.0438 0x18cc WEPHOSTSVC - ok 00:48:29.0477 0x18cc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 00:48:29.0533 0x18cc wercplsupport - ok 00:48:29.0570 0x18cc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 00:48:29.0596 0x18cc WerSvc - ok 00:48:29.0622 0x18cc [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 00:48:29.0639 0x18cc WFPLWFS - ok 00:48:29.0673 0x18cc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 00:48:29.0690 0x18cc WiaRpc - ok 00:48:29.0710 0x18cc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 00:48:29.0724 0x18cc WIMMount - ok 00:48:29.0725 0x18cc WinDefend - ok 00:48:29.0769 0x18cc [ 
10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 00:48:29.0815 0x18cc WinHttpAutoProxySvc - ok 00:48:29.0867 0x18cc [ E815503BDE35026051EB701ACA72B296, 5541FBDA961B403F88BAF720840AB8DF2C96A382CDF97132A5C6A05A5F105E70 ] WINIO C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys 00:48:29.0904 0x18cc WINIO - ok 00:48:30.0005 0x18cc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 00:48:30.0081 0x18cc Winmgmt - ok 00:48:30.0173 0x18cc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll 00:48:30.0243 0x18cc WinRM - ok 00:48:30.0275 0x18cc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys 00:48:30.0302 0x18cc WinUsb - ok 00:48:30.0343 0x18cc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 00:48:30.0417 0x18cc WlanSvc - ok 00:48:30.0475 0x18cc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 00:48:30.0554 0x18cc wlidsvc - ok 00:48:30.0574 0x18cc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 00:48:30.0596 0x18cc WmiAcpi - ok 00:48:30.0628 0x18cc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 00:48:30.0684 0x18cc wmiApSrv - ok 00:48:30.0710 0x18cc WMPNetworkSvc - ok 00:48:30.0741 0x18cc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof 
C:\Windows\system32\drivers\Wof.sys 00:48:30.0759 0x18cc Wof - ok 00:48:30.0821 0x18cc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 00:48:30.0900 0x18cc workfolderssvc - ok 00:48:30.0940 0x18cc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 00:48:30.0971 0x18cc wpcfltr - ok 00:48:30.0990 0x18cc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 00:48:31.0031 0x18cc WPCSvc - ok 00:48:31.0071 0x18cc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 00:48:31.0103 0x18cc WPDBusEnum - ok 00:48:31.0141 0x18cc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 00:48:31.0155 0x18cc WpdUpFltr - ok 00:48:31.0164 0x18cc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 00:48:31.0190 0x18cc ws2ifsl - ok 00:48:31.0224 0x18cc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll 00:48:31.0273 0x18cc wscsvc - ok 00:48:31.0276 0x18cc WSearch - ok 00:48:31.0378 0x18cc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 00:48:31.0480 0x18cc WSService - ok 00:48:31.0591 0x18cc [ 4BD3138EF061E24F9FDC722B49274B40, F9339F6AA8822E5E1334E41BE4140F9E8E5B24D1CD85B4C746D714AFDD485B49 ] wuauserv C:\Windows\system32\wuaueng.dll 00:48:31.0701 0x18cc wuauserv - ok 00:48:31.0742 0x18cc [ 
481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 00:48:31.0814 0x18cc WudfPf - ok 00:48:31.0825 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 00:48:31.0861 0x18cc WUDFRd - ok 00:48:31.0867 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\Windows\System32\drivers\WUDFRd.sys 00:48:31.0884 0x18cc WUDFSensorLP - ok 00:48:31.0908 0x18cc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 00:48:31.0942 0x18cc wudfsvc - ok 00:48:31.0949 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 00:48:31.0968 0x18cc WUDFWpdFs - ok 00:48:31.0973 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 00:48:31.0991 0x18cc WUDFWpdMtp - ok 00:48:32.0028 0x18cc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 00:48:32.0066 0x18cc WwanSvc - ok 00:48:32.0068 0x18cc xhunter1 - ok 00:48:32.0105 0x18cc [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\System32\drivers\xusb21.sys 00:48:32.0119 0x18cc xusb21 - ok 00:48:32.0241 0x18cc [ C4C5C3198C3261BEC89E6C3631047BAF, 78E5604B4B2A184B328C0669781DF11A35AFC04E7375CAB4DB9A48D74929137D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 00:48:32.0328 0x18cc ZeroConfigService - ok 00:48:32.0343 0x18cc ================ Scan global =============================== 00:48:32.0381 0x18cc [ 
05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll 00:48:32.0413 0x18cc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 00:48:32.0452 0x18cc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll 00:48:32.0484 0x18cc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 00:48:32.0490 0x18cc [ Global ] - ok 00:48:32.0490 0x18cc ================ Scan MBR ================================== 00:48:32.0503 0x18cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 00:48:32.0565 0x18cc \Device\Harddisk0\DR0 - ok 00:48:32.0566 0x18cc ================ Scan VBR ================================== 00:48:32.0567 0x18cc [ CF0FAC2514279D8B715B6C1A56296FCF ] \Device\Harddisk0\DR0\Partition1 00:48:32.0604 0x18cc \Device\Harddisk0\DR0\Partition1 - ok 00:48:32.0616 0x18cc [ 5540060FC8897DE9A6B17ACD6849F6CD ] \Device\Harddisk0\DR0\Partition2 00:48:32.0663 0x18cc \Device\Harddisk0\DR0\Partition2 - ok 00:48:32.0764 0x18cc [ 54CC4C5925FD26A23D6655B56E9FD50F ] \Device\Harddisk0\DR0\Partition3 00:48:32.0764 0x18cc \Device\Harddisk0\DR0\Partition3 - ok 00:48:32.0787 0x18cc [ 5953D57C17C5A063D9503DAA77A45ECE ] \Device\Harddisk0\DR0\Partition4 00:48:32.0857 0x18cc \Device\Harddisk0\DR0\Partition4 - ok 00:48:32.0880 0x18cc [ F8C180A9E9CE8F56188A1C9CF045E4E4 ] \Device\Harddisk0\DR0\Partition5 00:48:32.0891 0x18cc \Device\Harddisk0\DR0\Partition5 - ok 00:48:32.0912 0x18cc [ 3DB77100A0EFCFF295C9BFCED9D4C622 ] \Device\Harddisk0\DR0\Partition6 00:48:32.0978 0x18cc \Device\Harddisk0\DR0\Partition6 - ok 00:48:32.0979 0x18cc ================ Scan generic autorun ====================== 00:48:33.0301 0x18cc [ 78D93C04E892F50D6264A05F4EBCE150, 
F24D26CAF44B81725AAE9FE84F24DB848BAA7857C89DC34C2E258617E886EE5B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 00:48:33.0604 0x18cc RTHDVCPL - ok 00:48:33.0658 0x18cc Nvtmru - ok 00:48:33.0688 0x18cc [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe 00:48:33.0749 0x18cc ShadowPlay - ok 00:48:33.0797 0x18cc [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 00:48:33.0845 0x18cc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:36.0213 0x18cc Detect skipped due to KSN trusted 00:48:36.0213 0x18cc IAStorIcon - ok 00:48:36.0214 0x18cc ETDCtrl - ok 00:48:36.0218 0x18cc BTMTrayAgent - ok 00:48:36.0288 0x18cc [ 815F6E3727453C978FFD721B2BDF48A5, E33A85E8EF80C662C84F705080585B35A899F8E588E8481D48538BA1224B5E57 ] C:\Program Files (x86)\SCM\Radio Manager.exe 00:48:36.0313 0x18cc Radio Manager - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:38.0680 0x18cc Detect skipped due to KSN trusted 00:48:38.0681 0x18cc Radio Manager - ok 00:48:38.0768 0x18cc [ 0123AE1BC462CD5F7321E0249B0379E1, 60BDE9BE24B541576F8C929B32C672E9079535FE63D8FAC9B7AD5A50474A515C ] C:\Program Files (x86)\SCM\SCM.exe 00:48:38.0810 0x18cc SCM - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:41.0176 0x18cc Detect skipped due to KSN trusted 00:48:41.0176 0x18cc SCM - ok 00:48:41.0221 0x18cc [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\RunDLL32.exe 00:48:41.0241 0x18cc MBCfg64 - ok 00:48:41.0330 0x18cc [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 00:48:41.0476 0x18cc NvBackend - ok 00:48:41.0539 0x18cc [ 4BA4EE813C494E70FF381DB39CEE3F39, 
8AF9C9F680145FC2B2DC50317F708A27117BB240652E3EF3A728837DC7D5BB7B ] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe 00:48:41.0583 0x18cc Sound Blaster Cinema - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:43.0959 0x18cc Detect skipped due to KSN trusted 00:48:43.0959 0x18cc Sound Blaster Cinema - ok 00:48:44.0004 0x18cc [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE 00:48:44.0069 0x18cc UpdReg - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:46.0439 0x18cc Detect skipped due to KSN trusted 00:48:46.0439 0x18cc UpdReg - ok 00:48:46.0485 0x18cc [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 00:48:47.0217 0x18cc RemoteControl10 - ok 00:48:47.0273 0x18cc [ 7D2A9D5B29A486B55E54AD89B6BFBF23, B5483058BB3255139CBFCB67CA7735197FA6C72BC42F004E51F13C139962E71E ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe 00:48:47.0369 0x18cc BDRegion - ok 00:48:47.0417 0x18cc [ F4EC93E4A239F9A27777ED2416F6353D, 347A542146729682027039A92DF8E52FAE283E0DAAED873A59BA17BD1FF26416 ] C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe 00:48:47.0520 0x18cc SUPER CHARGER - ok 00:48:47.0577 0x18cc [ 324EB08C7610095182D5D399ED1A0EB3, 23F0ECA2C830E2593D4325B60B4FCB1E1DF0601E483D4A2E17AB41EC0908F53C ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE 00:48:47.0718 0x18cc PWRISOVM.EXE - ok 00:48:47.0771 0x18cc [ 53C6C41356D532FEFD8056AB2906D129, C5E54C571FA44AF7FD1974464CC5D5DD30BA0D31ED20CF6B3DBB5A49FC5F0AC7 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe 00:48:47.0832 0x18cc Lightshot - ok 00:48:47.0888 0x18cc [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe 00:48:47.0993 0x18cc ROCCAT Savu Gaming Mouse - detected 
UnsignedFile.Multi.Generic ( 1 ) 00:48:50.0360 0x18cc Detect skipped due to KSN trusted 00:48:50.0360 0x18cc ROCCAT Savu Gaming Mouse - ok 00:48:50.0403 0x18cc [ D0B1DA5382433AFBF52DE8815298EB0C, A326D01783359CCA1054210D82F17533638A9769A7A08C2BD0621DE016909359 ] C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE 00:48:50.0556 0x18cc RoccatIsku - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:52.0924 0x18cc RoccatIsku ( UnsignedFile.Multi.Generic ) - warning 00:48:55.0345 0x18cc YTDownloader - ok 00:48:55.0474 0x18cc [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 00:48:55.0727 0x18cc SunJavaUpdateSched - ok 00:48:55.0780 0x18cc [ C1211F321EC4B74DB5BEF65E85AD7E6B, 1D615402CA66AEA3E3C20C2A48BB1BF5F9ED1FFFD5F824395FB337438C66E0A0 ] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe 00:48:55.0818 0x18cc SteelSeries Engine - detected UnsignedFile.Multi.Generic ( 1 ) 00:48:58.0392 0x18cc Detect skipped due to KSN trusted 00:48:58.0392 0x18cc SteelSeries Engine - ok 00:48:58.0548 0x18cc [ DEB55C327597E42FA14E41F5858F3263, 199300A8E1B0000A82D04CDA2D32C482945AFFE47A037AAA58F89E3EDF059684 ] C:\Program Files\CCleaner\CCleaner64.exe 00:48:59.0286 0x18cc CCleaner Monitoring - ok 00:48:59.0448 0x18cc [ CACBA0704C7A57948B61FA7836B1E133, 3141657246F95353B5043A16F9F0A99CAA26F078D3403A3933E0EB2DA9284186 ] C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe 00:49:00.0593 0x18cc OKAYFREEDOM_Agent - ok 00:49:00.0842 0x18cc [ 91C5DE2A06940F79732E9D78C1B280ED, 9809EF3764B4FDD7C613802AA00758748F18E24C61EC6205B9947AD98BD2A198 ] C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe 00:49:01.0675 0x18cc uTorrent - ok 00:49:01.0757 0x18cc Skype - ok 00:49:01.0759 0x18cc YTDownloader - ok 00:49:01.0913 0x18cc CrashService - ok 00:49:01.0914 0x18cc GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B - ok 00:49:02.0067 0x18cc [ 
5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] C:\Program Files (x86)\Steam\steam.exe 00:49:02.0489 0x18cc Steam - ok 00:49:02.0494 0x18cc Waiting for KSN requests completion. In queue: 4 00:49:03.0494 0x18cc Waiting for KSN requests completion. In queue: 4 00:49:04.0495 0x18cc Waiting for KSN requests completion. In queue: 4 00:49:05.0530 0x18cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated ) 00:49:05.0539 0x18cc AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x50010 ( disabled : outofdate ) 00:49:05.0539 0x18cc FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x50010 ( disabled ) 00:49:05.0573 0x18cc Win FW state via NFP2: enabled ( trusted ) 00:49:07.0988 0x18cc ============================================================ 00:49:07.0988 0x18cc Scan finished 00:49:07.0988 0x18cc ============================================================ 00:49:07.0992 0x1e90 Detected object count: 2 00:49:07.0992 0x1e90 Actual detected object count: 2 00:49:36.0733 0x1e90 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user 00:49:36.0733 0x1e90 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:49:36.0734 0x1e90 RoccatIsku ( UnsignedFile.Multi.Generic ) - skipped by user 00:49:36.0734 0x1e90 RoccatIsku ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:49:41.0905 0x1bbc Deinitialize success |
12.11.2015, 17:16 | #8 |
/// the machine /// TB-Ausbilder | Right-click (run as administrator) does not work for me
Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
12.11.2015, 22:40 | #9 |
| Right-click (Run as administrator) does not work for me
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 12/11/2015 Suchlaufzeit: 21:17 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.12.04 Rootkit-Datenbank: v2015.11.04.02 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Sonny Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 384975 Abgelaufene Zeit: 14 Min., 9 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 19 PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}, In Quarantäne, [e242dca13a518da9a040122557ab33cd], PUP.Optional.MyBrowser, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}, In Quarantäne, [e242dca13a518da9a040122557ab33cd], PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b931a240-e32a-4f2b-97aa-8b01c8e6aa14}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\TYPELIB\{9d34b059-e7dc-43df-bfe5-948a5cb63e60}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\INTERFACE\{69C28999-D17B-4989-BD4F-1A7150D6010F}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{69C28999-D17B-4989-BD4F-1A7150D6010F}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{69C28999-D17B-4989-BD4F-1A7150D6010F}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, 
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9d34b059-e7dc-43df-bfe5-948a5cb63e60}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9d34b059-e7dc-43df-bfe5-948a5cb63e60}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B931A240-E32A-4F2B-97AA-8B01C8E6AA14}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B931A240-E32A-4F2B-97AA-8B01C8E6AA14}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], PUP.Optional.BoBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\crash_service, Löschen bei Neustart, [fa2a3f3ee6a51e1862a9b91ee3204cb4], PUP.Optional.MySearch123, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}, In Quarantäne, [1410a3da7e0d65d1e8eb6c69da29dc24], PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWSEDRVR_VW_1_10_0_25, In Quarantäne, [6aba631aed9e72c4338e0d7672908b75], PUP.Optional.CrossBrowse, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\CrossBrowser, In Quarantäne, [2ef6a6d7296243f3ed7ee5820003c040], PUP.Optional.MyBrowser, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\MyBrowser 1.0.2V21.10, In Quarantäne, [fe26e29b56353204b09bdfa2c0436c94], PUP.Optional.SearchProtect, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\SearchProtect, In Quarantäne, [de466f0e98f32313db58baeaa0633ec2], PUP.Optional.SuperGreat, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Super Great, In Quarantäne, [db497b02e8a348ee9d6a95fec1424cb4], PUP.Optional.SpaceSoundPro, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\SPACESOUNDPRO, In Quarantäne, [071d0578f99234023944831c51b2a957], Registrierungswerte: 15 PUP.Optional.CrossBrowse, 
HKLM\SOFTWARE\CLASSES\.SHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [a87c4637a6e5b28415eafad56b9849b7], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.WEBP\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [69bbafce5b3058de27d9765aa0639e62], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [c262126b642780b6bd45bf11dd26728e], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.XHT\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [5bc99ce10586a096cb36c10fbc47c937], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.SHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [70b4c1bc9dee5dd939c679569172916f], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.WEBP\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [b76d1964800bc670e719b41c956e47b9], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [43e19edfff8c53e352b047899c6704fc], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.XHT\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [13113b42dead2e08be434d8352b127d9], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.SHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [42e2d2ab325994a20ff0c807669df60a], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.WEBP\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [d4504538b9d24ee8b54beae62cd708f8], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [c064f68799f221157e84ca069c67916f], PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.XHT\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [ec388feecdbeab8bcc35a32d8b787c84], PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\swsedrvr_vw_1_10_0_25|ImagePath, system32\drivers\swsedrvr_vw_1_10_0_25.sys, In Quarantäne, [6aba631aed9e72c4338e0d7672908b75] PUP.Optional.MyBrowser, 
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B, "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window, In Quarantäne, [83a1b1cce6a5a294f9230c9850b3d22e] PUP.Optional.SpaceSoundPro, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\SPACESOUNDPRO|mj, 15.10.22.0, In Quarantäne, [071d0578f99234023944831c51b2a957] Registrierungsdaten: 1 PUP.Optional.Trovi, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=),Ersetzt,[35ef7c014645be7889357cd5f4104eb2] Ordner: 156 PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, 
[7da77efff398f640f311b4d01ee4ad53], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [a18379042269af87ee16f09414ee11ef], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User 
Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [a18379042269af87ee16f09414ee11ef], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, 
[70b4c9b41774280e7590fb897191ea16], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier, In Quarantäne, [44e0de9f56356acccbcbad1dc53e649c], PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu, In Quarantäne, [988cc4b964279f97499c334f768c06fa], PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common, In Quarantäne, [988cc4b964279f97499c334f768c06fa], PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N, In Quarantäne, [988cc4b964279f97499c334f768c06fa], PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache, In Quarantäne, [988cc4b964279f97499c334f768c06fa], PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global, In Quarantäne, [988cc4b964279f97499c334f768c06fa], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid, In Quarantäne, 
[6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\InstallHelper, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\nslA483.tmp, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\ScreenSnapshot, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\uninstall_temp_197458421, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\ext, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css, In 
Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\fonts, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\it, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ar, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bg, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bn, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ca, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\cs, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\da, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\de, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\el, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, 
C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_GB, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_US, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es_419, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\et, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fa, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fi, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fil, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\he, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hi, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hu, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\id, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ja, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ko, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lt, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lv, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ms, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\nb, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\nl, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pl, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pt_BR, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pt_PT, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ro, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ru, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sk, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sl, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sv, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ta, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\te, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\th, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\tr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\uk, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\vi, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\zh_CN, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\zh_TW, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_metadata, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg, In Quarantäne, 
Dateien: 334
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, 
C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, 
C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-2.png, In Quarantäne, 
[45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-48.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\jquery-ui-1.8.16.custom.css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_flat_0_aaaaaa_40x100.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_flat_75_ffffff_40x100.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_55_fbf9ee_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_65_ffffff_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_dadada_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_e6e6e6_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_95_fef1ec_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_highlight-soft_75_cccccc_1x100.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_222222_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_2e83ff_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_454545_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_888888_256x240.png, In 
Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_cd0a0a_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\js\jquery-1.7.1.min.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\js\jquery-ui-1.8.16.custom.min.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\adblockplus.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\basedomain.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\compat.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\info.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\io.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\jsbn.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\publicSuffixList.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\punycode.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\rsa.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\sha1.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\abp-icon-big.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\ajax-loader.gif, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\background-main.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\background-share.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\background.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\donate.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\firstRun.css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\popup.css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\popup.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features\malware.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features\social.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features\tracking.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\fonts\CreteRound-Italic.otf, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, 
C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\fonts\CreteRound-Regular.otf, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\facebook.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\googleplus.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\renren.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\twitter.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\weibo.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\it\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ar\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bg\messages.json, In Quarantäne, 
[45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bn\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ca\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\cs\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\da\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\de\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\el\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_GB\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_US\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es_419\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\et\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fa\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fi\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fil\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fr\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\he\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hi\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hr\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hu\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\id\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ja\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ko\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lt\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lv\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ms\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User 
12.11.2015, 22:42 | #10 |
| Right-click (run as administrator) does not work for me
Junkware removal tool. Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Sonny on 12/11/2015 at 23:06:24.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully deleted: [Service] lptsystemupdater [Reboot required]

~~~ Tasks

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update sizlsearch

~~~ Files

Successfully deleted: [File] C:\Users\Sonny\AppData\Roaming\appdataFr2.bin
Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

~~~ Folders

Successfully deleted: [Folder] C:\Program Files\005
Successfully deleted: [Folder] C:\Users\Sonny\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Sonny\Appdata\Local\installer
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin

~~~ FireFox

Successfully deleted the following from C:\Users\Sonny\AppData\Roaming\mozilla\firefox\profiles\v0ofh5r4.default-1431427622023\prefs.js

user_pref(browser.search.searchengine.alias, mystartsearch);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.mystartsearch.com/favicon.ico);
user_pref(browser.search.searchengine.name, mystartsearch);
user_pref(browser.search.searchengine.ptid, ima);
user_pref(browser.search.searchengine.uid, HGSTXHTS721010A9E630_JR10006PH901YEH901YEX);
user_pref(browser.search.searchengine.url, hxxp://www.mystartsearch.com/web/?type=ds&ts=1445508415&z=57335279eac5483c7a31a39g1zbzbw1w1e0bcg6qew&from=ima&uid=HGSTXHTS721010A
user_pref(browser.search.selectedEngine, Trovi);
Emptied folder: C:\Users\Sonny\AppData\Roaming\mozilla\firefox\profiles\v0ofh5r4.default-1431427622023\minidumps [2 files]

~~~ Chrome

[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/11/2015 at 23:09:26.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Edited by stefan nur (12.11.2015 at 23:15) |
12.11.2015, 23:05 | #11 |
| Right-click (run as administrator) does not work for me
... adwcleaner.txt Code:
Edited by stefan nur (12.11.2015 at 23:04) |
14.11.2015, 12:07 | #12 |
/// the machine /// TB instructor | Right-click (run as administrator) does not work for me
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
14.11.2015, 18:12 | #13 |
| Right-click (run as administrator) does not work for me
Code:
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js" sh=80C90D030EA66EA5346FBF5214670595E3375CAD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js" sh=0987FB3F0C956A9578B1C3D050189BB99A017FC2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js" sh=4BCC541E7A14BF89B1633A1BC794E6848B831E80 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js" sh=4A456E8397DFF5CBB4FF25D8B9710C41A42AFCC3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js" sh=877349BAD187BE3A07174EA0A6F16A375474C639 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js" sh=776290247C80F20D24E4BA8F99F13F2D5578ECC8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js" sh=F3C19FB08E08EEDA6008DFA8175DEDEA51DE1BFA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js" sh=69F3441DAAA26144ABB42DB33386C549E9F2231D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js" sh=BEB05642C41381F387B0C8BE3BD0E336A89DB84E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js" sh=2DE5AADF0BB2BF572B147C4E8F62CAAF44C60A75 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js" sh=3CA5653E6B858F15992AC689F06C8456A94B0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js" sh=C7574CAC8611C5FBBE4AE2127C4CA0E2FB58DB69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js" sh=18A20E25B540EE4327ACC0859A5778B050529B53 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js" sh=5443843013D026E8A114EDEC837671DAC84F4AEA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js" sh=397EC598B400D3A2111C9C0EEA7D85464774BBD7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js" sh=7A0B43CC3BD069AE9B149EB8F4BEEB6F097837DB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js" sh=35E8D6275113D6714473490A116CF414F6AA6368 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js" sh=097FE11FE5038AF11A89B1B2A63F79B9EACE86FF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js" sh=F830C45582EA30AA81037DD511D6657BAC6D3470 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js" sh=DAFE26CC2D17C59CC7CA0B0563A50C6215781167 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js" sh=B6C5BA5027BB472F2E638D3ADBCDB4E46DA77D1B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js" sh=8431E5A1EAC103CC3A0097EEAFF1B8D06FF39B52 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js" sh=40C8C98FF8B403FE50791CF29F02FBA28068FD89 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js" sh=81A6DC2B3E4EB2A7B58E592A3E86C0C858936E87 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js" sh=46785AF9F3FDFD7BA7E68C918CA9B2BFD5FE81CE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js" sh=8C03AF269B9B3748482016ABD7F8FDF2BE562177 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js" sh=B11A64AE212C15C25C435BCE4C67235DDECCE883 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js" sh=E2C88897AD00452927EC05929A1505DACAEEFB1E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js" sh=08A2BB08725C99F79A889C6C7CB9C7DD6306E0B6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js" sh=A12014C968F464836DC0C10A70D977673DFA088E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js" sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf" sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\8k4zjaU" sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn" sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK" sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl" sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt" sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk" sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\ZkvbwFI" sh=DA9ED783137B5968971C4AC1422C76B3D628B766 ft=1 fh=73057acc53c29ac1 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe" sh=9958550255192FCC3D111CCA213A8507F3A43CE3 ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi" sh=8814F35440264553A63A592D0A1EBF4E748D0872 ft=1 fh=744e3c8b419054c5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe" sh=5C6983B3FDBCAA45979A3039C607995D3F813B87 ft=1 fh=d17e411445ba40bb vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe" sh=5A4C21A65B60E407D37E65352FAA14595FCA101F ft=1 fh=4bef93f6f5cd2036 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe" sh=24F1CC17A326945BF071DEBF02F5809521467143 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip" sh=24F1CC17A326945BF071DEBF02F5809521467143 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip" sh=D58E7BC59198CC94FA5EEED01049BC621A6F99E4 ft=1 fh=bd207fa3779f8737 vn="Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\driverscanner.exe" sh=0E59E06CF166E8BD89FC06277E65886535BA0E22 ft=1 fh=f857231acfe66eb4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe" sh=625857BDC4DA7A5BEE999E8BE7F31E2112ABBB1B ft=1 fh=d7c13d122a1f6894 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe" sh=C31288AD07B76AA2CA302A370F2E2BDB7A165681 ft=1 fh=a62e094c232442d1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe" sh=5C48204CD61F937B64A3916562208A9A6D13A9EC ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.MH Trojaner" ac=I fn="C:\Users\Sonny\Downloads\RSBot-6058.jar" sh=5E05411F34C4E6119EEC9C0E171878B7578D72B2 ft=1 fh=e54bda30b9910101 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe" sh=6D4453EA888CC15EB784D5A68341C525FC26F371 ft=1 fh=fd51312158fb6b8d vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe" sh=3396C41A9B092704643AF4BA75BE5D809A720881 ft=1 fh=606cbf97e4e75157 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe" sh=186BF6B94203009484FA4C2E9D2E52764FE39103 ft=1 fh=906f839edd58b535 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe" sh=F69B708BAA723F00058FCBEB95AD7ED451AB3597 ft=1 fh=51dc34a13973cf56 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\uTorrent (1).exe" sh=F69B708BAA723F00058FCBEB95AD7ED451AB3597 ft=1 fh=51dc34a13973cf56 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\uTorrent.exe" sh=DA9ED783137B5968971C4AC1422C76B3D628B766 ft=1 fh=73057acc53c29ac1 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\uTorrent891.exe" sh=BE0775BD8EF12BA7872F98E06B6B16180ED766F8 ft=1 fh=29d678da2f41f286 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe" sh=EDD453DF5B8E668297451AA81C5E060D807AC594 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip" sh=EDD453DF5B8E668297451AA81C5E060D807AC594 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip" sh=95B785C6D5465575F2B951FC5E31890B84D1FAA9 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\a3ed4.msi" sh=504FB0C9D4BCDB5A26A80F08F92D5E4169243B15 ft=1 fh=c7900a4dec9db414 vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung" ac=I fn="C:\Windows\Temp\6FDD.tmp" sh=504FB0C9D4BCDB5A26A80F08F92D5E4169243B15 ft=1 fh=c7900a4dec9db414 vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung" ac=I fn="C:\Windows\Temp\FF9.tmp" Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Norton Internet Security WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 65 Java version 32-bit out of Date! Adobe Flash Player 19.0.0.245 Mozilla Firefox (41.0.2) Google Chrome (46.0.2490.80) Google Chrome (46.0.2490.86) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe Windows Defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von Sonny (Administrator) auf MSI_SAMDAR (14-11-2015 18:11:05) Gestartet von C:\Users\Sonny\Downloads Geladene Profile: Sonny (Verfügbare Profile: Sonny) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Micro-Star International Co., Ltd.) 
C:\Program Files (x86)\SCM\MSIService.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (BitTorrent Inc.) C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.6_41350\utorrentie.exe (BitTorrent Inc.) C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.6_41350\utorrentie.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.3\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.43\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.169\deploy\LolClient.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (NVIDIA Corporation) C:\Users\Sonny\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Farbar) C:\Users\Sonny\Downloads\FRST64(1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die 
Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-23] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) 
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink) HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4946856 2014-10-16] (Steganos Software GmbH) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [uTorrent] => C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe [1888792 2015-11-13] (BitTorrent Inc.) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.) 
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\MountPoints2: {f40e9899-2c5b-11e4-8272-a08869908039} - "F:\windows\Data\setup.exe" ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-12] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-12] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289 Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{067846F7-8DB6-4D95-A851-BECD63790717}: [DhcpNameServer] 10.11.0.1 Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [NameServer] 8.8.4.4,8.8.8.8 Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8B10DFEE-2A45-471C-B680-0146B9966FB7}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660324794&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660331387&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660370656&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0 SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: 
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002 -> {72A48C13-DCBC-4156-9710-EED96895E310} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation) Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023 FF Homepage: hxxps://www.google.de/?gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> 
C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) 
FF Plugin HKU\S-1-5-21-2802146430-1798650074-2620433185-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-10-09] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon => nicht gefunden StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.de/?gws_rd=ssl" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - 
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll => Keine Datei CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-02] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.) 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-23] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) 
[Datei ist nicht signiert] R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] () R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [321976 2014-10-16] (Steganos Software GmbH) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation) S3 iumsvc; "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2014-04-27] (Microsoft Corporation) [Datei ist nicht signiert] R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.) S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation) R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-05-22] () S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys [633560 2014-09-06] (Symantec Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-12] (Windows (R) Win 7 DDK provider) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-14] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert] S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS [129752 2014-08-21] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS [2137304 2014-08-21] (Symantec Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-26] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation) S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation) S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 
2013-08-01] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert] S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] () S3 HSPADataCardusbmdm; \SystemRoot\system32\DRIVERS\HSPADataCardusbmdm.sys [X] S3 HSPADataCardusbnmea; \SystemRoot\system32\DRIVERS\HSPADataCardusbnmea.sys [X] S3 HSPADataCardusbser; \SystemRoot\system32\DRIVERS\HSPADataCardusbser.sys [X] S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-14 18:10 - 2015-11-14 18:10 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64(1).exe 2015-11-14 18:06 - 2015-11-14 18:06 - 00852720 _____ C:\Users\Sonny\Downloads\SecurityCheck.exe 2015-11-14 13:54 - 2015-11-14 13:54 - 02870984 _____ (ESET) C:\Users\Sonny\Downloads\esetsmartinstaller_deu.exe 2015-11-14 02:18 - 2015-11-14 02:18 - 00002196 _____ C:\Users\Sonny\Desktop\ShellExView - CHIP Downloader.lnk 2015-11-14 02:17 - 2015-11-14 02:17 - 00164744 _____ C:\Users\Sonny\Downloads\sview97.zip 2015-11-14 02:16 - 2015-11-14 02:16 - 01466656 _____ C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe 2015-11-14 01:37 - 2015-11-14 01:37 - 00000000 ____D C:\Windows\LastGood.Tmp 2015-11-13 21:30 - 2015-11-09 14:22 - 27330800 _____ C:\Users\Sonny\Desktop\GameIntro_V3_B.bk2 2015-11-13 10:31 - 2015-11-14 13:30 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\uTorrent 2015-11-13 08:30 - 2015-11-13 08:31 - 00000000 ____D C:\Users\Sonny\AppData\Local\Fallout4 2015-11-13 08:30 - 2015-11-13 08:30 - 00000691 _____ C:\Users\Sonny\Desktop\Fallout 4.lnk 2015-11-13 08:30 - 2015-11-13 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4 2015-11-13 07:59 - 2015-11-13 07:59 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\PowerISO 2015-11-13 01:55 - 2015-11-13 02:12 - 00000000 ____D C:\Users\Sonny\Downloads\Fallout.4-CODEX 2015-11-12 23:09 - 2015-11-12 23:09 - 00002853 _____ C:\Users\Sonny\Desktop\JRT.txt 2015-11-12 23:05 - 2015-11-12 23:05 - 01798976 _____ (Malwarebytes) C:\Users\Sonny\Downloads\JRT.exe 2015-11-12 23:05 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Sonny\Desktop\JRT.exe 2015-11-12 22:59 - 2015-11-14 01:39 - 00198858 _____ C:\Windows\PFRO.log 2015-11-12 22:52 - 2015-11-12 22:52 - 01712128 _____ C:\Users\Sonny\Downloads\AdwCleaner_5.019.exe 2015-11-12 22:38 - 2015-11-12 22:38 - 00115551 _____ C:\mbam.txt 2015-11-12 00:46 - 2015-11-12 00:46 - 04404952 _____ (Kaspersky Lab ZAO) 
C:\Users\Sonny\Downloads\tdsskiller.exe 2015-11-11 19:40 - 2015-11-12 22:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-11 19:38 - 2015-11-11 19:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001(1).exe 2015-11-11 19:37 - 2015-11-11 21:11 - 00000000 ____D C:\Users\Sonny\Desktop\mbar 2015-11-11 19:37 - 2015-11-11 19:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001.exe 2015-11-11 19:34 - 2015-11-11 19:34 - 00000000 ____D C:\ProgramData\SplitMediaLabs 2015-11-11 19:26 - 2015-11-12 21:33 - 00001294 _____ C:\Users\Sonny\Desktop\Revo Uninstaller.lnk 2015-11-11 19:26 - 2015-11-11 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sonny\Downloads\revosetup95.exe 2015-11-11 19:26 - 2015-11-11 19:26 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-11-11 19:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 19:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 19:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 19:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 19:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 19:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 19:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 19:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 19:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 19:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 19:03 - 2015-10-30 23:32 - 00720896 
_____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 19:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 19:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 19:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 19:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 19:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 19:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 19:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 19:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 19:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 19:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 19:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 19:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 19:03 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 19:03 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 18:05 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 18:05 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 18:05 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 18:05 - 2015-10-20 15:35 - 00891904 _____ (Microsoft 
Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 18:05 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 18:05 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 18:05 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 18:05 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 18:05 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 18:05 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 18:05 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 18:05 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 18:05 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 18:05 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 18:05 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 18:05 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 18:05 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 18:05 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 18:05 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 18:05 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 18:05 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 18:05 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\tdx.sys 2015-11-11 18:05 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 18:05 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 18:05 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 18:05 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 18:05 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 18:05 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 18:05 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 18:05 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 18:05 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 18:05 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 18:05 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 18:05 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 18:05 - 2015-09-12 14:47 - 00414559 _____ 
C:\Windows\system32\ApnDatabase.xml 2015-11-11 18:05 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 18:05 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 18:05 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 18:05 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 18:05 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-11 18:05 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 18:05 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 18:05 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 18:05 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 18:05 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 18:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-11-11 18:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-11-11 18:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-11-11 16:28 - 2015-11-11 16:28 - 07681728 _____ (Uniblue Systems Ltd ) C:\Users\Sonny\Downloads\driverscanner.exe 2015-11-10 18:46 - 2015-11-10 18:46 - 00070929 _____ C:\Users\Sonny\Downloads\Addition.txt 2015-11-10 18:44 - 2015-11-14 18:11 - 00030564 _____ C:\Users\Sonny\Downloads\FRST.txt 2015-11-10 18:44 - 2015-11-14 18:11 - 00000000 ____D C:\FRST 2015-11-10 18:44 - 2015-11-10 18:44 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe 2015-11-10 18:43 - 2015-11-10 18:43 - 01702400 _____ (Farbar) C:\Users\Sonny\Downloads\FRST.exe 
2015-11-06 11:22 - 2015-11-06 11:22 - 17679448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-11-06 11:21 - 2015-11-06 11:21 - 15191992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-11-06 11:20 - 2015-11-06 11:20 - 30503056 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-11-06 11:20 - 2015-11-06 11:20 - 16170920 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-11-06 11:20 - 2015-11-06 11:20 - 13284848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 22963344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 11105936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-11-06 11:19 - 2015-11-06 11:19 - 01070920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00416912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00372880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00185816 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00164008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 01566352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435435.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 01082000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 01004360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 00512136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 00416352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 15928728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 12910488 
_____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 11853464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 02961224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 02627728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 01907016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435435.dll 2015-11-06 11:15 - 2015-11-06 11:15 - 42740368 _____ C:\Windows\system32\nvcompiler.dll 2015-11-06 11:15 - 2015-11-06 11:15 - 37758280 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-11-06 11:12 - 2015-11-06 11:12 - 14523248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-11-06 11:12 - 2015-11-06 11:12 - 00992400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-11-03 22:22 - 2015-11-03 22:22 - 00061440 _____ (Gary's Hood) C:\Users\Sonny\Downloads\rsclient.exe 2015-11-03 14:35 - 2015-11-03 14:35 - 00017533 _____ C:\Windows\DirectX.log 2015-11-03 13:28 - 2015-11-03 13:28 - 00000219 _____ C:\Users\Sonny\Desktop\Counter-Strike Global Offensive.url 2015-10-28 15:29 - 2015-10-28 15:29 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Tera_Awesomium 2015-10-27 16:14 - 2015-11-14 17:22 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-27 16:14 - 2015-11-12 21:34 - 00000983 _____ C:\Users\Public\Desktop\Steam.lnk 2015-10-27 16:14 - 2015-10-27 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup.exe 2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup (1).exe 2015-10-27 14:06 - 2015-10-27 14:08 - 00000000 ____D C:\Users\Sonny\Desktop\dead realMUH 2015-10-27 13:34 - 2015-10-27 13:34 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\Section Studios_ Inc_ 2015-10-27 13:30 - 2015-10-27 13:31 - 734982235 _____ 
C:\Users\Sonny\Downloads\[www.mpc-g.com]DdRlm144.7z 2015-10-24 18:37 - 2015-10-24 18:37 - 00584288 _____ (Oracle Corporation) C:\Users\Sonny\Downloads\jxpiinstall(1).exe 2015-10-23 20:43 - 2015-11-12 21:33 - 00002060 _____ C:\Users\Sonny\Desktop\RuneScape.lnk 2015-10-23 20:43 - 2015-10-23 20:43 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2015-10-23 20:39 - 2015-10-23 20:42 - 24219648 _____ C:\Users\Sonny\Downloads\RuneScape (1).msi 2015-10-23 17:55 - 2015-11-14 13:00 - 00004408 _____ C:\Windows\setupact.log 2015-10-23 17:55 - 2015-10-23 17:55 - 00000000 _____ C:\Windows\setuperr.log 2015-10-23 17:22 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-10-23 17:22 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-10-22 17:51 - 2015-11-14 17:17 - 01506840 _____ C:\Windows\WindowsUpdate.log 2015-10-22 11:15 - 2015-10-22 11:15 - 00000000 ____D C:\Users\Sonny\AppData\Local\ESET 2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_.exe 2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_ (1).exe 2015-10-22 11:07 - 2015-10-22 11:07 - 00000000 ____D C:\Program Files (x86)\3ae6c0d0-b937-4081-9be9-f3f58501fc8e 2015-10-21 20:42 - 2015-10-21 20:42 - 01852453 _____ C:\Users\Sonny\AppData\Local\curl.zip 2015-10-21 20:42 - 2015-10-21 20:42 - 00000002 _____ C:\Users\Sonny\AppData\Local\OczLpK.vbs 2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\Users\Sonny\AppData\Local\{FE4CCBE7-EA6F-42D8-88A8-35B174533055} 2015-10-21 18:57 - 2015-11-14 12:59 - 00001008 _____ C:\Windows\Tasks\8k4zjaU.job 2015-10-21 18:57 - 2015-10-21 18:57 - 00004020 _____ C:\Windows\System32\Tasks\8k4zjaU 2015-10-21 18:56 - 2015-11-14 12:59 - 00001042 _____ C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job 2015-10-21 
18:56 - 2015-10-21 18:57 - 00004054 _____ C:\Windows\System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk 2015-10-20 19:31 - 2015-11-12 21:33 - 00002226 _____ C:\Users\Sonny\Desktop\chrome.lnk 2015-10-20 19:26 - 2015-11-14 14:46 - 00001048 _____ C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job 2015-10-20 19:26 - 2015-11-14 12:59 - 00001030 _____ C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job 2015-10-20 19:26 - 2015-10-20 19:26 - 00004058 _____ C:\Windows\System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl 2015-10-20 19:26 - 2015-10-20 19:26 - 00004042 _____ C:\Windows\System32\Tasks\3c2jDM05M6ay9rgGcf 2015-10-20 19:23 - 2015-10-20 19:23 - 00003910 _____ C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 2015-10-20 19:01 - 2015-11-14 14:35 - 00001018 _____ C:\Windows\Tasks\nAuWsaaA3Qnn.job 2015-10-20 19:01 - 2015-11-14 12:59 - 00001008 _____ C:\Windows\Tasks\ZkvbwFI.job 2015-10-20 19:01 - 2015-10-20 19:01 - 00004028 _____ C:\Windows\System32\Tasks\nAuWsaaA3Qnn 2015-10-20 19:01 - 2015-10-20 19:01 - 00004020 _____ C:\Windows\System32\Tasks\ZkvbwFI 2015-10-20 19:00 - 2015-11-14 12:59 - 00001024 _____ C:\Windows\Tasks\PciD5z2oV9Hq4LK.job 2015-10-20 19:00 - 2015-11-14 12:59 - 00001020 _____ C:\Windows\Tasks\tYyezAYRvk8jt.job 2015-10-20 19:00 - 2015-10-20 19:00 - 00004036 _____ C:\Windows\System32\Tasks\PciD5z2oV9Hq4LK 2015-10-20 19:00 - 2015-10-20 19:00 - 00004032 _____ C:\Windows\System32\Tasks\tYyezAYRvk8jt 2015-10-20 18:58 - 2015-10-22 11:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-10-20 18:58 - 2015-10-21 18:01 - 00000000 ____D C:\Program Files (x86)\3ff07109-e80a-45be-86af-4c8a97c65880 2015-10-20 18:23 - 2015-10-20 18:23 - 00003306 _____ C:\Windows\System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681} 2015-10-20 18:14 - 2015-09-06 11:15 - 00000856 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-10-16 17:04 - 2015-10-16 17:04 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Steam 2015-10-16 16:58 - 2015-10-20 19:59 - 00000000 ____D 
C:\Users\Sonny\Desktop\Life Is Strange 2015-10-16 13:05 - 2015-10-18 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-15 10:00 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-10-15 10:00 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-10-15 10:00 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-14 18:11 - 2014-08-20 19:12 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\uTorrent 2015-11-14 18:10 - 2014-07-23 23:29 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashDumps 2015-11-14 18:02 - 2014-07-31 20:19 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\TS3Client 2015-11-14 17:53 - 2014-07-23 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-14 17:30 - 2014-11-01 16:31 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-14 16:09 - 2014-12-14 15:44 - 00000000 ____D C:\Users\Sonny\AppData\Local\Battle.net 2015-11-14 16:09 - 2014-12-14 15:44 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-11-14 15:39 - 2015-07-10 00:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-14 14:48 - 2014-12-14 15:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-11-14 13:30 - 2014-11-01 16:31 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-14 13:12 - 2014-07-23 19:25 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBE7263C-E444-4178-9108-E09677EE42AD} 2015-11-14 13:00 - 2014-07-24 10:11 - 00000000 __RDO C:\Users\Sonny\SkyDrive 2015-11-14 12:59 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-14 12:58 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-14 01:40 - 2014-04-27 02:21 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-13 10:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-13 08:57 - 2014-07-23 19:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2802146430-1798650074-2620433185-1002 2015-11-13 08:30 - 2014-08-21 13:11 - 00000000 ____D C:\Users\Sonny\Documents\My Games 2015-11-12 22:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2015-11-12 22:57 - 2014-11-01 16:10 - 00000000 ____D C:\AdwCleaner 2015-11-12 21:35 - 2015-02-14 19:46 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 
10.lnk 2015-11-12 21:35 - 2014-04-27 02:32 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM.lnk 2015-11-12 21:35 - 2014-04-27 02:20 - 00000712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk 2015-11-12 21:35 - 2013-11-13 20:31 - 00001388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-11-12 21:35 - 2013-11-13 20:31 - 00001319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-11-12 21:34 - 2015-10-11 00:51 - 00002046 _____ C:\Users\Public\Desktop\TERA Launcher.lnk 2015-11-12 21:34 - 2015-09-09 20:39 - 00001401 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-11-12 21:34 - 2015-07-26 00:55 - 00001956 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2015-11-12 21:34 - 2015-07-10 00:49 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-12 21:34 - 2015-07-07 03:19 - 00001619 _____ C:\Users\Public\Desktop\League of Legends.lnk 2015-11-12 21:34 - 2014-12-14 15:45 - 00001175 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2015-11-12 21:34 - 2014-11-22 20:12 - 00001851 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-11-12 21:34 - 2014-11-17 19:06 - 00002090 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2015-11-12 21:34 - 2014-10-30 16:12 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-11-12 21:34 - 2014-10-11 08:25 - 00001937 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\setup.lnk 2015-11-12 21:34 - 2014-08-22 19:10 - 00000295 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk 2015-11-12 21:34 - 2014-07-23 19:18 - 00001464 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-12 21:34 - 2013-11-13 20:01 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 
2015-11-12 21:33 - 2015-06-14 00:20 - 00000961 _____ C:\Users\Sonny\Desktop\Open Broadcaster Software.lnk 2015-11-12 21:33 - 2014-12-22 21:20 - 00001031 _____ C:\Users\Sonny\Desktop\WinRAR.lnk 2015-11-12 21:33 - 2014-11-15 18:15 - 00000911 _____ C:\Users\Sonny\Desktop\µTorrent.lnk 2015-11-12 21:33 - 2014-11-15 18:15 - 00000891 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-11-12 21:33 - 2014-08-07 22:20 - 00001144 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Minecraft 1.5.2.lnk 2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-11 20:08 - 2013-08-22 15:44 - 00486512 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-11 20:04 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-11 19:52 - 2014-11-05 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-11-11 19:52 - 2014-11-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-11 19:52 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-11 19:33 - 2014-11-13 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-11-11 19:09 - 2014-07-24 10:47 - 00000000 ____D C:\Windows\system32\MRT 2015-11-11 19:09 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini 2015-11-11 19:04 - 2014-07-24 10:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-11 00:53 - 2014-07-23 20:16 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-10 13:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-11-09 19:13 - 2014-12-23 12:23 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Skype 2015-11-08 01:46 - 2014-08-10 22:05 - 04537856 ___SH C:\Users\Sonny\Desktop\Thumbs.db 2015-11-07 22:28 - 2014-11-13 20:35 - 00000000 
____D C:\Users\Sonny\Downloads\Gameforge Live 2015-11-07 21:51 - 2015-06-05 21:12 - 00000074 _____ C:\Users\Sonny\Documents\ClownfishForTeamspeak.ini 2015-11-07 17:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-11-07 03:19 - 2014-10-13 18:31 - 00000044 _____ C:\Users\Sonny\jagex_cl_oldschool_LIVE.dat 2015-11-06 11:14 - 2015-06-15 14:47 - 03020192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-11-06 11:14 - 2014-11-10 15:03 - 03418456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-11-06 10:02 - 2014-04-27 02:20 - 00031860 _____ C:\Windows\system32\nvinfo.pb 2015-11-04 13:15 - 2014-07-25 20:46 - 00000000 ____D C:\Users\Sonny\Desktop\Slender v0.9.7 2015-11-03 13:28 - 2014-08-14 17:31 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-02 14:24 - 2015-02-22 01:08 - 00880432 _____ C:\Users\Sonny\Desktop\OSBuddy.exe 2015-10-30 19:23 - 2015-05-13 13:16 - 00000000 ___RD C:\Users\Sonny\OneDrive 2015-10-30 19:23 - 2014-11-01 21:08 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002 2015-10-28 15:27 - 2013-11-13 20:00 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-10-27 14:02 - 2014-11-29 10:55 - 00000000 ____D C:\Users\Sonny\Desktop\Neuer Ordner 2015-10-27 13:17 - 2014-08-07 20:10 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\.minecraft 2015-10-27 07:13 - 2013-11-12 22:26 - 00766620 _____ C:\Windows\system32\perfh007.dat 2015-10-27 07:13 - 2013-11-12 22:26 - 00159902 _____ C:\Windows\system32\perfc007.dat 2015-10-27 07:13 - 2013-11-12 21:54 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-24 18:57 - 2014-10-30 16:56 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-24 18:40 - 2014-11-17 19:07 - 00000000 ____D C:\.jagex_cache_32 2015-10-24 18:39 - 2015-09-05 08:56 - 00000000 ____D C:\Users\Sonny\.oracle_jre_usage 2015-10-24 18:37 - 2014-10-30 16:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-24 18:37 - 2014-08-07 20:09 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-24 13:41 - 2014-11-17 19:07 - 00000023 _____ C:\Users\Sonny\jagexappletviewer.preferences 2015-10-24 13:40 - 2014-11-17 19:07 - 00000044 _____ C:\Users\Sonny\jagex_cl_runescape_LIVE.dat 2015-10-23 20:43 - 2014-10-13 18:31 - 00000000 ____D C:\Users\Sonny\jagexcache 2015-10-22 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2015-10-22 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing 2015-10-21 17:49 - 2014-12-23 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-20 18:20 - 2014-04-27 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-10-20 18:19 - 2015-08-12 19:29 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-20 18:12 - 2015-07-07 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-10-20 18:12 - 2014-11-01 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-19 21:10 - 2014-07-31 20:18 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-10-19 19:45 - 2014-07-23 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\Google 2015-10-18 11:26 - 2014-07-23 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-18 11:25 - 2014-12-11 21:01 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-18 11:25 - 2014-07-25 18:55 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-10-15 04:59 - 2014-04-27 02:21 - 06875768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-10-15 04:59 - 2014-04-27 02:21 - 03496568 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvsvc64.dll 2015-10-15 04:59 - 2014-04-27 02:21 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-10-15 04:59 - 2014-04-27 02:21 - 01255544 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-10-15 04:59 - 2014-04-27 02:21 - 01060472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2015-10-15 04:59 - 2014-04-27 02:21 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-10-15 04:59 - 2014-04-27 02:21 - 00075056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2015-10-15 04:59 - 2014-04-27 02:21 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-10-15 01:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\8k4zjaU 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK 2005-04-08 03:16 - 2015-02-28 22:03 - 0142572 ____H () C:\Users\Sonny\AppData\Roaming\Sonnylog.dat 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt 2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk 2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\ZkvbwFI 2015-10-21 20:42 - 2015-10-21 20:42 - 1852453 _____ () C:\Users\Sonny\AppData\Local\curl.zip 2015-10-21 20:42 - 2015-10-21 20:42 - 0000002 _____ () C:\Users\Sonny\AppData\Local\OczLpK.vbs 2015-03-23 18:53 - 2015-10-11 11:58 - 0007605 _____ () 
C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg 2015-06-20 15:06 - 2015-06-20 15:06 - 0000003 _____ () C:\Users\Sonny\AppData\Local\updater.log 2015-06-20 15:06 - 2015-10-02 11:12 - 0000424 _____ () C:\Users\Sonny\AppData\Local\UserProducts.xml Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Sonny\matrix_cl_CloudIn_LIVE.dat Einige Dateien in TEMP: ==================== C:\Users\Sonny\AppData\Local\Temp\1da87fe019424c023a8f63d8acc8578f.dll C:\Users\Sonny\AppData\Local\Temp\cct.dll C:\Users\Sonny\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll C:\Users\Sonny\AppData\Local\Temp\JavaIC.dll C:\Users\Sonny\AppData\Local\Temp\msscct32.dll C:\Users\Sonny\AppData\Local\Temp\SkypeSetup.exe C:\Users\Sonny\AppData\Local\Temp\sqlite3.dll C:\Users\Sonny\AppData\Local\Temp\YSearchUtil.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-07 22:46 ==================== Ende von FRST.txt 
============================ |
15.11.2015, 06:51 | #14 |
/// the machine /// TB trainer | Right-click (run as administrator) does not work for me
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js 
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js 
C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf C:\Users\Sonny\AppData\Roaming\8k4zjaU C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk C:\Users\Sonny\AppData\Roaming\ZkvbwFI C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip C:\Users\Sonny\Downloads\driverscanner.exe C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe C:\Users\Sonny\Downloads\RSBot-6058.jar C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe C:\Users\Sonny\Downloads\uTorrent (1).exe C:\Users\Sonny\Downloads\uTorrent.exe C:\Users\Sonny\Downloads\uTorrent891.exe C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip C:\Windows\Installer\a3ed4.msi C:\Windows\Temp\6FDD.tmp C:\Windows\Temp\FF9.tmp GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289 RemoveProxy: Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Reconsider your download habits: CHIP-Installer - what is it? - Guides, and a fresh FRST log please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
15.11.2015, 17:49 | #15 |
| Right-click (run as administrator) does not work for me Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015 durchgeführt von Sonny (2015-11-15 16:36:54) Run:1 Gestartet von C:\Users\Sonny\Desktop\config Geladene Profile: Sonny (Verfügbare Profile: Sonny) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js 
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js 
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf C:\Users\Sonny\AppData\Roaming\8k4zjaU C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk C:\Users\Sonny\AppData\Roaming\ZkvbwFI C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip C:\Users\Sonny\Downloads\driverscanner.exe C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe C:\Users\Sonny\Downloads\RSBot-6058.jar C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe C:\Users\Sonny\Downloads\uTorrent (1).exe C:\Users\Sonny\Downloads\uTorrent.exe C:\Users\Sonny\Downloads\uTorrent891.exe C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack 
v2.55.zip C:\Windows\Installer\a3ed4.msi C:\Windows\Temp\6FDD.tmp C:\Windows\Temp\FF9.tmp GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289 RemoveProxy: Emptytemp: ***************** C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js => erfolgreich verschoben C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js => erfolgreich verschoben 
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\8k4zjaU => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\ZkvbwFI => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe => erfolgreich verschoben
C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi => erfolgreich verschoben
C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip => erfolgreich verschoben
C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip => erfolgreich verschoben
C:\Users\Sonny\Downloads\driverscanner.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\RSBot-6058.jar => erfolgreich verschoben
C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\uTorrent (1).exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\uTorrent.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\uTorrent891.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip => erfolgreich verschoben
C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip => erfolgreich verschoben
C:\Windows\Installer\a3ed4.msi => erfolgreich verschoben
C:\Windows\Temp\6FDD.tmp => erfolgreich verschoben
C:\Windows\Temp\FF9.tmp => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

========= Ende von RemoveProxy: =========

EmptyTemp: => 1.5 GB temporäre Dateien entfernt.

Das System musste neu gestartet werden.

==== Ende von Fixlog 16:37:47 ====

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Sonny (Administrator) auf MSI_SAMDAR (15-11-2015 17:45:51)
Gestartet von C:\Users\Sonny\Desktop\config
Geladene Profile: Sonny (Verfügbare Profile: Sonny)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\MSI\MSI Remind Manager\MSI Reminder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Farbar) C:\Users\Sonny\Desktop\config\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4946856 2014-10-16] (Steganos Software GmbH)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [uTorrent] => C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe [1888792 2015-11-13] (BitTorrent Inc.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\MountPoints2: {f40e9899-2c5b-11e4-8272-a08869908039} - "F:\windows\Data\setup.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{067846F7-8DB6-4D95-A851-BECD63790717}: [DhcpNameServer] 10.11.0.1
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B10DFEE-2A45-471C-B680-0146B9966FB7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660324794&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660331387&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660370656&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002 -> {72A48C13-DCBC-4156-9710-EED96895E310} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2802146430-1798650074-2620433185-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-10-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/?gws_rd=ssl"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll => Keine Datei
CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [321976 2014-10-16] (Steganos Software GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S3 iumsvc; "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2014-04-27] (Microsoft Corporation) [Datei ist nicht signiert]
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-05-22] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys [633560 2014-09-06] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-12] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation)
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 HSPADataCardusbmdm; \SystemRoot\system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; \SystemRoot\system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; \SystemRoot\system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-15 16:39 - 2015-11-15 16:39 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-11-15 02:10 - 2015-11-15 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-11-15 02:10 - 2015-11-15 02:10 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-11-15 00:05 - 2015-11-15 00:06 - 00000030 _____ C:\Users\Sonny\Desktop\boost acc gunjack.txt 2015-11-14 18:06 - 2015-11-14 18:06 - 00852720 _____ C:\Users\Sonny\Downloads\SecurityCheck.exe 2015-11-14 13:54 - 2015-11-14 13:54 - 02870984 _____ (ESET) C:\Users\Sonny\Downloads\esetsmartinstaller_deu.exe 2015-11-14 02:18 - 2015-11-14 02:18 - 00002196 _____ C:\Users\Sonny\Desktop\ShellExView - CHIP Downloader.lnk 2015-11-14 02:17 - 2015-11-14 02:17 - 00164744 _____ C:\Users\Sonny\Downloads\sview97.zip 2015-11-14 01:37 - 2015-11-14 01:37 - 00000000 ____D C:\Windows\LastGood.Tmp 2015-11-13 21:30 - 2015-11-09 14:22 - 27330800 _____ C:\Users\Sonny\Desktop\GameIntro_V3_B.bk2 2015-11-13 08:30 - 2015-11-13 08:31 - 00000000 ____D C:\Users\Sonny\AppData\Local\Fallout4 2015-11-13 08:30 - 2015-11-13 08:30 - 00000691 _____ C:\Users\Sonny\Desktop\Fallout 4.lnk 2015-11-13 08:30 - 2015-11-13 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4 2015-11-13 07:59 - 2015-11-13 07:59 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\PowerISO 2015-11-13 01:55 - 2015-11-13 02:12 - 00000000 ____D C:\Users\Sonny\Downloads\Fallout.4-CODEX 2015-11-12 23:09 - 2015-11-12 23:09 - 00002853 _____ C:\Users\Sonny\Desktop\JRT.txt 2015-11-12 23:05 - 2015-11-12 23:05 - 01798976 _____ (Malwarebytes) C:\Users\Sonny\Downloads\JRT.exe 2015-11-12 23:05 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Sonny\Desktop\JRT.exe 2015-11-12 22:59 - 2015-11-15 16:38 - 00199700 _____ C:\Windows\PFRO.log 2015-11-12 22:52 - 2015-11-12 22:52 - 01712128 _____ C:\Users\Sonny\Downloads\AdwCleaner_5.019.exe 2015-11-12 22:38 - 2015-11-12 22:38 - 00115551 _____ C:\mbam.txt 2015-11-12 
00:46 - 2015-11-12 00:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe 2015-11-11 19:40 - 2015-11-12 22:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-11 19:38 - 2015-11-11 19:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001(1).exe 2015-11-11 19:37 - 2015-11-11 21:11 - 00000000 ____D C:\Users\Sonny\Desktop\mbar 2015-11-11 19:37 - 2015-11-11 19:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001.exe 2015-11-11 19:34 - 2015-11-11 19:34 - 00000000 ____D C:\ProgramData\SplitMediaLabs 2015-11-11 19:26 - 2015-11-12 21:33 - 00001294 _____ C:\Users\Sonny\Desktop\Revo Uninstaller.lnk 2015-11-11 19:26 - 2015-11-11 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sonny\Downloads\revosetup95.exe 2015-11-11 19:26 - 2015-11-11 19:26 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-11-11 19:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 19:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 19:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 19:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 19:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 19:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 19:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 19:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 19:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 19:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jscript.dll 2015-11-11 19:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 19:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 19:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 19:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 19:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 19:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 19:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 19:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 19:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 19:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 19:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 19:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 19:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 19:03 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 19:03 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 18:05 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 18:05 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 18:05 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) 
C:\Windows\system32\wucltux.dll 2015-11-11 18:05 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 18:05 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 18:05 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 18:05 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 18:05 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 18:05 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 18:05 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 18:05 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 18:05 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 18:05 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 18:05 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 18:05 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 18:05 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 18:05 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 18:05 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 18:05 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 18:05 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 18:05 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\afd.sys 2015-11-11 18:05 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 18:05 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 18:05 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 18:05 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 18:05 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 18:05 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 18:05 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 18:05 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 18:05 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 18:05 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 18:05 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 18:05 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 18:05 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 18:05 - 2015-09-29 13:24 - 00155480 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 18:05 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 18:05 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 18:05 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 18:05 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 18:05 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 18:05 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-11 18:05 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 18:05 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 18:05 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 18:05 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 18:05 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 18:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-11-11 18:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-11-11 18:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-11-10 18:46 - 2015-11-10 18:46 - 00070929 _____ C:\Users\Sonny\Downloads\Addition.txt 2015-11-10 18:44 - 2015-11-15 17:45 - 00000000 ____D C:\FRST 2015-11-10 18:44 - 2015-11-14 18:11 - 00066074 _____ C:\Users\Sonny\Downloads\FRST.txt 2015-11-10 18:44 - 2015-11-10 18:44 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe 2015-11-10 18:43 - 2015-11-10 18:43 - 01702400 _____ (Farbar) C:\Users\Sonny\Downloads\FRST.exe 
2015-11-06 11:22 - 2015-11-06 11:22 - 17679448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-11-06 11:21 - 2015-11-06 11:21 - 15191992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-11-06 11:20 - 2015-11-06 11:20 - 30503056 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-11-06 11:20 - 2015-11-06 11:20 - 16170920 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-11-06 11:20 - 2015-11-06 11:20 - 13284848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 22963344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 11105936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-11-06 11:19 - 2015-11-06 11:19 - 01070920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00416912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00372880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00185816 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-11-06 11:19 - 2015-11-06 11:19 - 00164008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 01566352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435435.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 01082000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 01004360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 00512136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-11-06 11:18 - 2015-11-06 11:18 - 00416352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 15928728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 12910488 
_____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 11853464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 02961224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 02627728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-11-06 11:17 - 2015-11-06 11:17 - 01907016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435435.dll 2015-11-06 11:15 - 2015-11-06 11:15 - 42740368 _____ C:\Windows\system32\nvcompiler.dll 2015-11-06 11:15 - 2015-11-06 11:15 - 37758280 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-11-06 11:12 - 2015-11-06 11:12 - 14523248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-11-06 11:12 - 2015-11-06 11:12 - 00992400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-11-03 22:22 - 2015-11-03 22:22 - 00061440 _____ (Gary's Hood) C:\Users\Sonny\Downloads\rsclient.exe 2015-11-03 14:35 - 2015-11-03 14:35 - 00017533 _____ C:\Windows\DirectX.log 2015-11-03 13:28 - 2015-11-03 13:28 - 00000219 _____ C:\Users\Sonny\Desktop\Counter-Strike Global Offensive.url 2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini 2015-10-28 15:29 - 2015-10-28 15:29 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Tera_Awesomium 2015-10-27 16:14 - 2015-11-15 16:59 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-27 16:14 - 2015-11-12 21:34 - 00000983 _____ C:\Users\Public\Desktop\Steam.lnk 2015-10-27 16:14 - 2015-10-27 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup.exe 2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup (1).exe 2015-10-27 14:06 - 2015-10-27 14:08 - 00000000 ____D C:\Users\Sonny\Desktop\dead realMUH 2015-10-27 13:34 - 2015-10-27 13:34 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\Section Studios_ 
Inc_ 2015-10-27 13:30 - 2015-10-27 13:31 - 734982235 _____ C:\Users\Sonny\Downloads\[www.mpc-g.com]DdRlm144.7z 2015-10-24 18:37 - 2015-10-24 18:37 - 00584288 _____ (Oracle Corporation) C:\Users\Sonny\Downloads\jxpiinstall(1).exe 2015-10-23 20:43 - 2015-11-12 21:33 - 00002060 _____ C:\Users\Sonny\Desktop\RuneScape.lnk 2015-10-23 20:43 - 2015-10-23 20:43 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2015-10-23 20:39 - 2015-10-23 20:42 - 24219648 _____ C:\Users\Sonny\Downloads\RuneScape (1).msi 2015-10-23 17:55 - 2015-11-15 16:39 - 00004756 _____ C:\Windows\setupact.log 2015-10-23 17:55 - 2015-10-23 17:55 - 00000000 _____ C:\Windows\setuperr.log 2015-10-23 17:22 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-10-23 17:22 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-10-22 17:51 - 2015-11-15 17:18 - 01592468 _____ C:\Windows\WindowsUpdate.log 2015-10-22 11:15 - 2015-10-22 11:15 - 00000000 ____D C:\Users\Sonny\AppData\Local\ESET 2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_.exe 2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_ (1).exe 2015-10-22 11:07 - 2015-10-22 11:07 - 00000000 ____D C:\Program Files (x86)\3ae6c0d0-b937-4081-9be9-f3f58501fc8e 2015-10-21 20:42 - 2015-10-21 20:42 - 01852453 _____ C:\Users\Sonny\AppData\Local\curl.zip 2015-10-21 20:42 - 2015-10-21 20:42 - 00000002 _____ C:\Users\Sonny\AppData\Local\OczLpK.vbs 2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\Users\Sonny\AppData\Local\{FE4CCBE7-EA6F-42D8-88A8-35B174533055} 2015-10-21 18:57 - 2015-11-15 16:39 - 00001008 _____ C:\Windows\Tasks\8k4zjaU.job 2015-10-21 18:57 - 2015-10-21 18:57 - 00004020 _____ C:\Windows\System32\Tasks\8k4zjaU 2015-10-21 18:56 - 2015-11-15 16:39 - 00001042 _____ 
C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job 2015-10-21 18:56 - 2015-10-21 18:57 - 00004054 _____ C:\Windows\System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk 2015-10-20 19:31 - 2015-11-12 21:33 - 00002226 _____ C:\Users\Sonny\Desktop\chrome.lnk 2015-10-20 19:26 - 2015-11-15 16:39 - 00001048 _____ C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job 2015-10-20 19:26 - 2015-11-15 16:39 - 00001030 _____ C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job 2015-10-20 19:26 - 2015-10-20 19:26 - 00004058 _____ C:\Windows\System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl 2015-10-20 19:26 - 2015-10-20 19:26 - 00004042 _____ C:\Windows\System32\Tasks\3c2jDM05M6ay9rgGcf 2015-10-20 19:23 - 2015-10-20 19:23 - 00003910 _____ C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 2015-10-20 19:01 - 2015-11-15 16:39 - 00001018 _____ C:\Windows\Tasks\nAuWsaaA3Qnn.job 2015-10-20 19:01 - 2015-11-15 16:39 - 00001008 _____ C:\Windows\Tasks\ZkvbwFI.job 2015-10-20 19:01 - 2015-10-20 19:01 - 00004028 _____ C:\Windows\System32\Tasks\nAuWsaaA3Qnn 2015-10-20 19:01 - 2015-10-20 19:01 - 00004020 _____ C:\Windows\System32\Tasks\ZkvbwFI 2015-10-20 19:00 - 2015-11-15 16:39 - 00001024 _____ C:\Windows\Tasks\PciD5z2oV9Hq4LK.job 2015-10-20 19:00 - 2015-11-15 16:39 - 00001020 _____ C:\Windows\Tasks\tYyezAYRvk8jt.job 2015-10-20 19:00 - 2015-10-20 19:00 - 00004036 _____ C:\Windows\System32\Tasks\PciD5z2oV9Hq4LK 2015-10-20 19:00 - 2015-10-20 19:00 - 00004032 _____ C:\Windows\System32\Tasks\tYyezAYRvk8jt 2015-10-20 18:58 - 2015-10-22 11:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-10-20 18:58 - 2015-10-21 18:01 - 00000000 ____D C:\Program Files (x86)\3ff07109-e80a-45be-86af-4c8a97c65880 2015-10-20 18:23 - 2015-10-20 18:23 - 00003306 _____ C:\Windows\System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681} 2015-10-20 18:14 - 2015-09-06 11:15 - 00000856 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-10-16 17:04 - 2015-10-16 17:04 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Steam 2015-10-16 
16:58 - 2015-10-20 19:59 - 00000000 ____D C:\Users\Sonny\Desktop\Life Is Strange 2015-10-16 13:05 - 2015-10-18 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-15 17:39 - 2015-07-10 00:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-15 17:30 - 2014-11-01 16:31 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-15 17:29 - 2014-07-31 20:19 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\TS3Client 2015-11-15 16:53 - 2014-07-23 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-15 16:41 - 2014-11-01 16:31 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-15 16:39 - 2014-08-10 22:05 - 04537856 ___SH C:\Users\Sonny\Desktop\Thumbs.db 2015-11-15 16:39 - 2014-07-24 10:11 - 00000000 __RDO C:\Users\Sonny\SkyDrive 2015-11-15 16:39 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-15 16:38 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-15 16:37 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-11-15 16:37 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-11-15 16:32 - 2014-07-23 23:29 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashDumps 2015-11-15 14:37 - 2014-12-14 15:44 - 00000000 ____D C:\Users\Sonny\AppData\Local\Battle.net 2015-11-15 14:37 - 2014-12-14 15:44 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-11-15 12:50 - 2014-07-23 19:25 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBE7263C-E444-4178-9108-E09677EE42AD} 2015-11-15 02:22 - 2014-07-23 19:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2802146430-1798650074-2620433185-1002 2015-11-15 02:10 - 2015-07-26 00:55 - 00001960 _____ C:\Users\Public\Desktop\McAfee 
Security Scan Plus.lnk 2015-11-14 20:31 - 2014-08-20 19:12 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\uTorrent 2015-11-14 14:48 - 2014-12-14 15:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-11-14 01:40 - 2014-04-27 02:21 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-13 10:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-13 08:30 - 2014-08-21 13:11 - 00000000 ____D C:\Users\Sonny\Documents\My Games 2015-11-12 22:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2015-11-12 22:57 - 2014-11-01 16:10 - 00000000 ____D C:\AdwCleaner 2015-11-12 21:35 - 2015-02-14 19:46 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-11-12 21:35 - 2014-04-27 02:32 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM.lnk 2015-11-12 21:35 - 2014-04-27 02:20 - 00000712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk 2015-11-12 21:35 - 2013-11-13 20:31 - 00001388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-11-12 21:35 - 2013-11-13 20:31 - 00001319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-11-12 21:34 - 2015-10-11 00:51 - 00002046 _____ C:\Users\Public\Desktop\TERA Launcher.lnk 2015-11-12 21:34 - 2015-09-09 20:39 - 00001401 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-11-12 21:34 - 2015-07-10 00:49 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-12 21:34 - 2015-07-07 03:19 - 00001619 _____ C:\Users\Public\Desktop\League of Legends.lnk 2015-11-12 21:34 - 2014-12-14 15:45 - 00001175 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2015-11-12 21:34 - 2014-11-22 20:12 - 00001851 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-11-12 21:34 - 2014-11-17 19:06 - 00002090 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2015-11-12 21:34 - 
2014-10-30 16:12 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-11-12 21:34 - 2014-10-11 08:25 - 00001937 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\setup.lnk 2015-11-12 21:34 - 2014-08-22 19:10 - 00000295 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk 2015-11-12 21:34 - 2014-07-23 19:18 - 00001464 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-12 21:34 - 2013-11-13 20:01 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2015-11-12 21:33 - 2015-06-14 00:20 - 00000961 _____ C:\Users\Sonny\Desktop\Open Broadcaster Software.lnk 2015-11-12 21:33 - 2014-12-22 21:20 - 00001031 _____ C:\Users\Sonny\Desktop\WinRAR.lnk 2015-11-12 21:33 - 2014-11-15 18:15 - 00000911 _____ C:\Users\Sonny\Desktop\µTorrent.lnk 2015-11-12 21:33 - 2014-11-15 18:15 - 00000891 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-11-12 21:33 - 2014-08-07 22:20 - 00001144 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Minecraft 1.5.2.lnk 2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-11 20:08 - 2013-08-22 15:44 - 00486512 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-11 20:04 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-11 19:52 - 2014-11-05 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-11-11 19:52 - 2014-11-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-11 19:52 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-11 19:33 - 2014-11-13 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-11-11 19:09 - 2014-07-24 10:47 - 00000000 ____D 
C:\Windows\system32\MRT 2015-11-11 19:09 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini 2015-11-11 19:04 - 2014-07-24 10:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-11 00:53 - 2014-07-23 20:16 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-10 13:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-11-09 19:13 - 2014-12-23 12:23 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Skype 2015-11-07 22:28 - 2014-11-13 20:35 - 00000000 ____D C:\Users\Sonny\Downloads\Gameforge Live 2015-11-07 21:51 - 2015-06-05 21:12 - 00000074 _____ C:\Users\Sonny\Documents\ClownfishForTeamspeak.ini 2015-11-07 17:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-11-07 03:19 - 2014-10-13 18:31 - 00000044 _____ C:\Users\Sonny\jagex_cl_oldschool_LIVE.dat 2015-11-06 11:14 - 2015-06-15 14:47 - 03020192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-11-06 11:14 - 2014-11-10 15:03 - 03418456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-11-06 10:02 - 2014-04-27 02:20 - 00031860 _____ C:\Windows\system32\nvinfo.pb 2015-11-04 13:15 - 2014-07-25 20:46 - 00000000 ____D C:\Users\Sonny\Desktop\Slender v0.9.7 2015-11-03 13:28 - 2014-08-14 17:31 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-02 14:24 - 2015-02-22 01:08 - 00880432 _____ C:\Users\Sonny\Desktop\OSBuddy.exe 2015-10-30 19:23 - 2015-05-13 13:16 - 00000000 ___RD C:\Users\Sonny\OneDrive 2015-10-30 19:23 - 2014-11-01 21:08 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002 2015-10-28 15:27 - 2013-11-13 20:00 - 00000000 ____D 
C:\ProgramData\boost_interprocess 2015-10-27 14:02 - 2014-11-29 10:55 - 00000000 ____D C:\Users\Sonny\Desktop\Neuer Ordner 2015-10-27 13:17 - 2014-08-07 20:10 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\.minecraft 2015-10-27 07:13 - 2013-11-12 22:26 - 00766620 _____ C:\Windows\system32\perfh007.dat 2015-10-27 07:13 - 2013-11-12 22:26 - 00159902 _____ C:\Windows\system32\perfc007.dat 2015-10-27 07:13 - 2013-11-12 21:54 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-24 18:57 - 2014-10-30 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-24 18:40 - 2014-11-17 19:07 - 00000000 ____D C:\.jagex_cache_32 2015-10-24 18:39 - 2015-09-05 08:56 - 00000000 ____D C:\Users\Sonny\.oracle_jre_usage 2015-10-24 18:37 - 2014-10-30 16:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-24 18:37 - 2014-08-07 20:09 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-24 13:41 - 2014-11-17 19:07 - 00000023 _____ C:\Users\Sonny\jagexappletviewer.preferences 2015-10-24 13:40 - 2014-11-17 19:07 - 00000044 _____ C:\Users\Sonny\jagex_cl_runescape_LIVE.dat 2015-10-23 20:43 - 2014-10-13 18:31 - 00000000 ____D C:\Users\Sonny\jagexcache 2015-10-22 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2015-10-22 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing 2015-10-21 17:49 - 2014-12-23 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-20 18:20 - 2014-04-27 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-10-20 18:19 - 2015-08-12 19:29 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-20 18:12 - 2015-07-07 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-10-20 18:12 - 2014-11-01 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-19 21:10 - 2014-07-31 20:18 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 
2015-10-19 19:45 - 2014-07-23 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\Google 2015-10-18 11:26 - 2014-07-23 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-18 11:25 - 2014-12-11 21:01 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-18 11:25 - 2014-07-25 18:55 - 00000000 ___SD C:\Windows\system32\CompatTel ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2005-04-08 03:16 - 2015-02-28 22:03 - 0142572 ____H () C:\Users\Sonny\AppData\Roaming\Sonnylog.dat 2015-10-21 20:42 - 2015-10-21 20:42 - 1852453 _____ () C:\Users\Sonny\AppData\Local\curl.zip 2015-10-21 20:42 - 2015-10-21 20:42 - 0000002 _____ () C:\Users\Sonny\AppData\Local\OczLpK.vbs 2015-03-23 18:53 - 2015-10-11 11:58 - 0007605 _____ () C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg 2015-06-20 15:06 - 2015-06-20 15:06 - 0000003 _____ () C:\Users\Sonny\AppData\Local\updater.log 2015-06-20 15:06 - 2015-10-02 11:12 - 0000424 _____ () C:\Users\Sonny\AppData\Local\UserProducts.xml Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Sonny\matrix_cl_CloudIn_LIVE.dat ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-07 22:46 ==================== Ende von FRST.txt ============================ |