| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Plötzlich spielt sich Ton ab.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.11.2015, 20:23
| #1 |
| |  Plötzlich spielt sich Ton ab. Guten Tag, wie oben schon beschrieben. Ich habe keine Ahnung woran es liegt oder was es sein könnte da ich nicht sehr viel Ahnung von Viren habe. Zur Beschreibung: Ich sitze ganz normal vor meinem PC und plötzlich fängt irgendeine Werbung an sich abzuspielen aber nirgends zu finden. Ich schließe alle mir unbekannten Prozesse im TaskManager und es hört nicht auf. Daraufhin schließe ich alle offenen Programme aber es hört immer noch nicht auf. Das Problem hatte ich schon mal mit einer mir unbekannten Webseite deren Name ich leider nicht mehr im Gedächtnis habe. Damals hat sich dieses Video erst abgespielt und sobald ich was angeklickt habe hat sich diese Webseite geöffnet. Daraufhin habe ich Skype deinstalliert da ich es nicht gebraucht habe zu dem Zeitpunkt. somit war dieses Problem gelöst. Jedoch habe ich mir letztens wieder Skype Installiert da ich es für Private zwecke benötige. Somit hat das Problem wieder angefangen aber dieses mal öffnet sich keine Webseite. |
|
22.11.2015, 07:28
| #2 |
| /// the machine /// TB-Ausbilder    | Plötzlich spielt sich Ton ab. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
22.11.2015, 13:14
| #3 |
| | FRST.txtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von user (Administrator) auf SVEN-PC (22-11-2015 13:09:45)
Gestartet von C:\Users\user\Downloads
Geladene Profile: user (Verfügbare Profile: user & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\user\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trust) C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6418.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-06] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4244744 2012-07-17] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe [960512 2012-02-07] (Trust)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-10-11]
ShortcutTarget: MEGAsync.lnk -> C:\Users\user\AppData\Local\MEGAsync\MEGAsync.exe (Keine Datei)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{afc01c71-c839-4d1e-8368-de79f0c5960c}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 - (Kein Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - Keine Datei
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 -> {40C011C5-BB03-48A0-A96D-244601255442} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=835367E5-1F3E-4A47-A257-E03A2627B9E1&apn_sauid=97FA8FDE-3331-4075-89ED-4C1EEF39F619
SearchScopes: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 -> {D536C490-0A34-4F46-902D-8E962EB6FFA0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020&SSPV=TB_IEOB19
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-02-19] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-23] (Oracle Corporation)
BHO-x32: Kein Name -> {71e129ff-6c2a-4984-818c-7e2c998b8d99} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
Toolbar: HKU\.DEFAULT -> Kein Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - Keine Datei
Toolbar: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 -> Kein Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default
FF DefaultSearchEngine: default-search.net
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-15] ()
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\user.js [2014-11-15]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\searchplugins\ashampoo-de-customized-web-search.xml [2013-02-22]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\searchplugins\askcom.xml [2013-02-20]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\searchplugins\default-search.xml [2014-05-18]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\default-search.xml [2014-05-18]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: SaveSense - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-11-15] [ist nicht signiert]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-20] [ist nicht signiert]
FF Extension: Better Battlelog (BBLog) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2015-07-23] [ist nicht signiert]
FF Extension: Ashampoo DE - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\Extensions\{5786d022-540e-4699-b350-b4be0ae94b79} [2015-07-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
Chrome:
=======
CHR HomePage: Default -> hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0\plugin/online_banking_npapi.dll => Keine Datei
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0\plugin/content_blocker_npapi.dll => Keine Datei
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll => Keine Datei
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\plugin/npABPlugin.dll => Keine Datei
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll => Keine Datei
CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll => Keine Datei
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Keine Datei
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei
CHR Plugin: (Facebook Desktop) - C:\Users\user\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll => Keine Datei
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\user\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Google Talk Plugin) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll => Keine Datei
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-08-01]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-24]
CHR Extension: (Facebook Ads Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna [2012-10-19]
CHR Extension: (EditThisCookie) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-04-18]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-17]
CHR Extension: (Plug+) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflocljnfndnnnlmfaamgbkbibnfmlkf [2014-09-26]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2013-04-23]
CHR Extension: (Download Master) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2013-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (ProxPrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2015-04-09]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\user\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\user\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\user\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx <nicht gefunden>
StartMenuInternet: Google Chrome - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-23] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-04] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [45832 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-11-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-13] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-13] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-21] (Microsoft Corporation)
S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-09-21] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-21] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-09-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [925064 2015-10-20] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-20] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-21] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-22 13:09 - 2015-11-22 13:09 - 02345984 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2015-11-22 13:09 - 2015-11-22 13:09 - 00035055 _____ C:\Users\user\Downloads\FRST.txt
2015-11-22 13:09 - 2015-11-22 13:09 - 00000000 ____D C:\FRST
2015-11-22 13:08 - 2015-11-22 13:08 - 00016148 _____ C:\WINDOWS\system32\SVEN-PC_user_HistoryPrediction.bin
2015-11-11 15:08 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 15:08 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 15:08 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 15:08 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 15:08 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 15:08 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 15:08 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 15:08 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 15:08 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 15:08 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 15:08 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 15:08 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 15:08 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 15:08 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 15:08 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 15:08 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 15:08 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 15:08 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 15:08 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 15:08 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 15:08 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 15:08 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 15:08 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 15:08 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 15:08 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 15:08 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 15:08 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 15:08 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 15:08 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 15:08 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 15:08 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 15:08 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 15:08 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 15:08 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 15:08 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 15:08 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 15:08 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 15:08 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 15:08 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 15:08 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 15:08 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 15:08 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 15:08 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 15:08 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 15:08 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 15:08 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 15:08 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 15:08 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 15:08 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 15:08 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 15:08 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 15:08 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 15:08 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-04 21:55 - 2015-11-04 21:55 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-04 21:55 - 2015-11-04 21:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-04 21:55 - 2015-11-04 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-04 21:53 - 2015-11-04 21:53 - 01503872 _____ (Skype Technologies S.A.) C:\Users\user\Downloads\SkypeSetup.exe
2015-11-04 21:47 - 2015-11-04 21:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup.exe
2015-11-04 21:47 - 2015-11-04 21:47 - 00001341 _____ C:\Users\user\Desktop\Revo Uninstaller.lnk
2015-11-04 21:47 - 2015-11-04 21:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-22 13:10 - 2013-05-24 21:41 - 00000000 ____D C:\Users\user\AppData\Roaming\NetSpeedMonitor
2015-11-22 13:10 - 2012-07-20 17:27 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2015-11-22 13:08 - 2014-03-28 00:32 - 00000924 _____ C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2015-11-22 13:08 - 2013-04-15 17:40 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 13:08 - 2012-08-28 16:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-22 13:08 - 2012-07-20 17:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-22 13:07 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-22 01:30 - 2012-07-20 18:42 - 00000000 ____D C:\Users\user\AppData\Roaming\TS3Client
2015-11-22 01:29 - 2012-07-20 23:18 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000UA.job
2015-11-22 01:19 - 2013-04-15 17:40 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-22 00:46 - 2015-02-22 10:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-22 00:37 - 2014-03-28 00:32 - 00000928 _____ C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2015-11-21 17:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-20 16:29 - 2012-07-20 23:18 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000Core.job
2015-11-20 12:23 - 2015-09-21 20:59 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-20 12:23 - 2015-07-10 17:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-20 12:23 - 2015-07-10 17:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-20 12:21 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-20 12:17 - 2015-09-21 20:57 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 12:17 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-19 19:50 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-18 14:57 - 2015-02-19 21:53 - 00000000 ____D C:\ProgramData\ProductData
2015-11-13 21:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 22:44 - 2015-09-21 20:52 - 00012418 _____ C:\WINDOWS\PFRO.log
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-11-11 15:46 - 2015-10-19 22:47 - 00000000 ____D C:\Users\user\Desktop\Ventilator - Die Orsons
2015-11-11 15:44 - 2012-10-22 13:40 - 00008704 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-11 15:37 - 2012-08-01 12:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 15:36 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 15:33 - 2014-03-01 15:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 15:23 - 2012-07-25 03:40 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-04 21:55 - 2014-03-03 19:20 - 00000000 ____D C:\Users\user\AppData\Local\Skype
2015-11-04 21:55 - 2012-07-20 17:27 - 00000000 ____D C:\ProgramData\Skype
2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 19:12 - 2012-07-20 18:10 - 00000000 ____D C:\Users\user\Downloads\Spiele
2015-11-02 23:05 - 2012-07-20 17:45 - 00000000 ____D C:\ProgramData\Origin
2015-11-02 19:44 - 2014-07-10 14:54 - 00001313 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-11-02 19:44 - 2012-12-25 17:11 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-02 18:55 - 2012-07-20 17:42 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-01 16:54 - 2014-12-24 13:31 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 00:54 - 2012-07-20 18:41 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-26 13:15 - 2015-09-21 21:46 - 00000000 ____D C:\Windows.old
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-06-17 20:04 - 2013-06-17 20:05 - 349319464 _____ () C:\Users\user\AppData\Roaming\.minecraft.rar
2013-02-01 13:41 - 2013-02-01 13:45 - 0000005 _____ () C:\Users\user\AppData\Roaming\version.ini
2014-03-28 19:33 - 2014-03-31 21:34 - 0000084 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2012-10-22 13:40 - 2015-11-11 15:44 - 0008704 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-08 22:04 - 2013-12-08 22:04 - 0000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2012-08-03 12:15 - 2013-10-06 00:16 - 0007605 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2012-07-25 13:50 - 2012-07-25 13:50 - 0017408 _____ () C:\Users\user\AppData\Local\WebpageIcons.db
2015-07-22 15:42 - 2015-07-22 15:42 - 0000000 _____ () C:\Users\user\AppData\Local\{6592B99C-4F52-4663-9DFD-6F004FEF430E}
2014-10-23 23:30 - 2014-08-24 23:30 - 0000032 ____R () C:\ProgramData\hash.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat
Einige Dateien in TEMP:
====================
C:\Users\user\AppData\Local\Temp\0098316e-ee51-4d67-9089-95ed719cde2e.exe
C:\Users\user\AppData\Local\Temp\a4087b60-5c58-41ce-ba10-d0bf34a71bdc.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-20 13:10
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von user (2015-11-22 13:11:16)
Gestartet von C:\Users\user\Downloads
Windows 10 Home (X64) (2015-09-21 20:21:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3869212048-3077100759-3598159068-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3869212048-3077100759-3598159068-503 - Limited - Disabled)
Gast (S-1-5-21-3869212048-3077100759-3598159068-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3869212048-3077100759-3598159068-1003 - Limited - Enabled)
user (S-1-5-21-3869212048-3077100759-3598159068-1000 - Administrator - Enabled) => C:\Users\user
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.6.2.40658 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
ClipGrab 3.4.9 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DayZ Commander (HKLM-x32\...\{67686439-FBC8-4342-9748-D42BA10F7994}) (Version: 0.9.90 - Dotjosh Studios)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
Dropbox (HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gameforge Live 1.5.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.5.0 - Gameforge)
Google Chrome (HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.0.24.3739 - Intel(R) Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSI Kombustor 2.3.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.5 - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Crew Wild Run Beta (HKLM-x32\...\Uplay Install 2356) (Version: - Ubisoft)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
Trust Gaming Mouse (HKLM-x32\...\{1EDE0243-CA4E-4613-B87B-C6B57C76C17C}) (Version: 1.0.0 - Trust)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Zoner Photo Studio - Weihnachten (HKLM\...\ZonerPhotoStudio17_Christmas_Envelopes_DE_is1) (Version: 17.0.1.4 - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.9 - ZONER software)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
13-11-2015 21:06:56 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01FE68F2-89F4-4533-B140-C68764F0D899} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3869212048-3077100759-3598159068-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {090A7C94-0BFC-4D7D-8C43-B464571EC44F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3869212048-3077100759-3598159068-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {0BF02A43-3391-440D-AE66-75DE7950AC18} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {0D81CC76-F132-473C-97A4-9C593D8EB2B7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {11C30311-7A77-4DF2-A3C8-D556BB82DE5D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {1F8EC2BC-BEAF-48C1-94F4-9FC2165B5E37} - System32\Tasks\{34E1C8FE-19C3-4E59-8B33-75A2190A14E5} => C:\Users\user\Downloads\Feed the Beast\FTB_Launcher.exe
Task: {22BCB910-BC8B-4FBB-97E9-A18140877C62} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {235B2DA7-7230-4AE4-948A-31623806898B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {242B54A1-55E7-40ED-8EF9-EAC5CE8A534C} - System32\Tasks\{73E5B872-9157-40AD-9F91-296B48EFA7EB} => pcalua.exe -a D:\setup.exe -d D:\
Task: {296AB9EE-5D32-4388-9FFE-7053E07EA311} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {37CBE56C-BDB0-48EF-96DC-EC747BDE86BD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {3EE96318-224A-4768-AFF5-0A3661A1A120} - System32\Tasks\{3C9A4561-0F5C-4CF0-B4A4-33D6CAF5910C} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe" -d "c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead"
Task: {42F4C33C-3841-486D-B50C-D7E0D5B61173} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4499D9F5-E3FE-4B71-98C6-74FA59A341A8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {48AF9EE3-367F-42B4-810B-046FC9E532F0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4F97AC52-698B-439E-8A47-FA9A052B50E2} - System32\Tasks\SaveSense => C:\Users\user\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: {50063C13-058C-4710-B70F-BBC39FA38A58} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {53C512E0-9986-4F6F-8918-BED03D8BE92D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5447CA27-DB16-44D0-9038-29955A5CF2C8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {562B82FB-1222-4877-A40D-4668831E5FD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5A1E01D4-905D-496D-A321-0455B588BD94} - System32\Tasks\Uninstaller_SkipUac_user => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-02-19] (IObit)
Task: {602A04CA-C26B-43BA-9B15-0DD04E17D542} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {6808CDA3-2AED-4782-B4BC-F513F61F7566} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6A26C304-8E00-46BD-87B8-2702D7C6749B} - System32\Tasks\{694B5FCB-E8A5-4728-A933-2B23AAF3FED4} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/33930
Task: {703C678A-AEE2-42C0-B6F0-D8A8C36FB694} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3869212048-3077100759-3598159068-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {719DA14F-BA39-40E7-9698-3209C5B8CC3E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7613E788-6A2A-4559-98BA-A3BF3BD7ECB2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3869212048-3077100759-3598159068-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {76145003-061E-4715-B400-05C4B2E34154} - System32\Tasks\{031C34B9-B9E4-4068-A03F-028E000FABF4} => C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe [2015-08-15] ()
Task: {7F9C7069-46BC-4DBF-B256-B0BEA864B6F3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {80D9EF05-6DD4-463A-9496-D7FCD4269DCA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {81E512F0-D30C-40B5-A34B-2D1762C71DE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {8E60728A-BD46-496C-9A16-2A65CF94EADA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {9109A9E9-849B-479C-B861-9363CB7D673A} - System32\Tasks\{459E61AA-2463-4666-999D-372E744726E4} => pcalua.exe -a C:\Users\user\Desktop\3GP_Converter034\Setup.exe -d C:\Users\user\Desktop\3GP_Converter034
Task: {9141E804-4079-4B20-967C-06AAC6780F7F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {94DE5416-71C8-4408-9026-233EB3B86377} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {9A8A1993-F97B-4573-98FA-35B28726A7B5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {9C578D27-818E-4693-A781-BFB2A3C9D884} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A13E3ECD-330A-4ED1-8CB4-3FE4F27720F5} - System32\Tasks\{CC3D42CD-8CB1-4E1B-B565-20FA2A185775} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {A324A420-B3B1-461A-A69C-70ECFAA665D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {AD075662-7F88-4CCE-B42B-81594F83155B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {B456E92D-57DE-4311-B706-558049A03F0D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B8B57F25-3D94-46B2-AECC-879B132256DB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3869212048-3077100759-3598159068-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {BB4150F8-E1D6-40AE-BDB5-C326E93E1651} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C75BFF62-DC9D-494C-89D9-DCE2916F2588} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ACHTUNG
Task: {CFEB0B82-4276-4C97-8D45-9E7B0BC3FC7C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {D0C0059C-9AB2-4681-957F-B17EE38E3384} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {D14FB81B-1773-4DC6-835C-E3FF80137186} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DA9F7DC4-73B2-4270-862D-96D71AF68794} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DDD68B25-BFFB-4C0D-81FA-B73454AF6672} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DF9BFE7B-081A-4947-A06B-659616E13E37} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ACHTUNG
Task: {E1D6FD98-FF3A-4BBF-8918-B5502E82E353} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E81FBE76-6FA8-4307-8E09-3C8DB8BCD170} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {E9C4336F-E644-46DF-9810-848A56226AD5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F518261F-A1D2-4A27-A43B-86911A780D95} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F7FBC0CD-97EF-422C-81E6-116356B243AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SaveSense.job => C:\Users\user\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_user.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-21 21:45 - 2015-09-21 21:45 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-21 21:45 - 2015-09-21 21:45 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-05-13 22:31 - 2015-05-13 22:31 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-09-21 20:57 - 2015-08-07 01:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-04 10:06 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-04 10:06 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-04 10:06 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-04 10:06 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-04 10:06 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-04 10:06 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-04 10:06 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-19 15:24 - 2015-11-19 15:25 - 00048128 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-02-19 21:53 - 2015-02-19 21:53 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-07-03 20:23 - 2012-02-21 05:09 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-07-03 20:25 - 2012-07-17 16:13 - 00030472 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2012-07-03 20:25 - 2012-07-17 16:13 - 00215304 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2012-07-03 20:25 - 2012-07-17 16:13 - 00051464 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll
2012-07-03 20:25 - 2012-07-17 16:13 - 00076040 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.WUApiLib.dll
2015-07-02 11:53 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-11 22:39 - 2015-11-07 05:36 - 01532744 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-11 22:39 - 2015-11-07 05:36 - 00081224 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-10-17 10:57 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-10-17 10:57 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-10-17 10:57 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-10-17 10:57 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-17 10:57 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-17 10:57 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-17 10:57 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-17 10:57 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-17 10:57 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-10-17 10:57 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-17 10:57 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-10-17 10:57 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-17 10:57 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-07-03 20:25 - 2012-07-17 16:14 - 00215304 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
2012-07-03 20:25 - 2012-07-17 16:14 - 00051464 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll
2015-11-11 22:39 - 2015-11-07 05:36 - 16496456 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Pictures\Sinnloser Kram\Bf3.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Facebook Update => "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RoccatPowerGrid => "C:\Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe" /m
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2F36F4CD-96E8-4A7B-B75C-3948E24DC810}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{90231E46-92E6-4A87-9A44-70F8C9C73FF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{4E580276-536F-425F-8A8B-31060A637056}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{75805A10-5EB6-491F-8675-C876A33AA4FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{63E39856-7D8A-4C8E-AC66-0068074C42DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9BC646E3-BC3D-4E0A-8315-158BFE6BB3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{09A6B8C1-E61A-4440-9FF7-584A8B305B3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A91A99E1-F61A-41CB-BC3F-3D1B8AAB327B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrant\workshop\uploadWorkshopItem.exe
FirewallRules: [{14FAE0B0-DE66-49D6-9C35-6F7D0ADCD820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrant\workshop\uploadWorkshopItem.exe
FirewallRules: [{F98F8AB0-CEFC-4BAF-9BC8-E134DF94C5BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{8E4057F0-AB2A-4165-8BBD-A7C1C8EC2BD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BDCB09E6-F9E6-4ACE-AEF3-EE7DDFC17E0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrant\quadrant.exe
FirewallRules: [{3915EAF8-1973-4C64-A307-8F9BA1B1F03B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\quadrant\quadrant.exe
FirewallRules: [{397C6A48-B07E-4292-9A8E-2C3723830733}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fort Defense\Game.exe
FirewallRules: [{FB8CDD15-C2CE-4C32-8550-220D382C1F0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fort Defense\Game.exe
FirewallRules: [{B16D4B8A-A3CF-4FD8-8F48-D3FE251B9745}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9986DBD8-5C6E-4A79-B8FA-BF50FC2F74FF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{3E62B32C-3514-43AD-9540-99D71ED0E071}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{25133F69-1A8D-4B40-B055-5039DD68C82F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{77AA95BF-FFEB-4996-B173-3BC294495F9A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8D05C2BB-CEEA-4E4D-820E-E49F2670835F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{795E2EA7-77BD-4D38-8022-9DF74BE40D71}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8AFDD757-6580-43B6-B3A7-B9A27B3D67A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E5AA1B68-6572-40E7-BCBC-62E94B16FAF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B2EBD4C9-AD4E-4FD7-9B0D-6E1B3F49DEAA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CFAF775D-F4D4-4E66-9174-0813D6E56AC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{589CAB3F-6A28-4049-B2CF-38D60018243A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E690FABD-1879-4B6C-B921-A6666E0C7B63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{97AEF055-D8C1-410C-8C2B-84F150D7AC4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9DDFA2EA-D723-4DE7-93B2-7D5BAE027C8D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{505FBFAF-69B2-4210-AF02-963362A8CE89}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{1A3FC55A-FFAF-44DD-AB9F-51734D2B400D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{D92C907A-AB64-4469-967A-038FC37BAD78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{4FC97440-6234-4928-B47E-44E84AEEB247}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{17CAA787-DD68-40EF-BE7A-DEDD21287C7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2EC11C0B-A6D6-4E8F-B6EC-B1E05B980B20}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{147656A1-2FD0-4559-80FD-7AF92EC13CFF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{6FE459CE-608A-4674-AFF6-46F50EFA25B2}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{15452CD4-916A-454A-9BCF-6E273ACD71EE}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{ED9AFA2D-3540-4323-AAD6-6D20F3574BDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{79EBD382-64F5-494A-BC41-A88A8480058B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{53A2429F-9712-49B9-BBD2-D98E011F49E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{E0F13B50-A02B-4FF2-B4AD-63D51AC87389}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [UDP Query User{F16B7B1C-C95E-4A6D-86A9-23FA7EAFED67}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{99C5C194-EBB1-430F-8FA5-E1DEDE36A686}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{B1DCE854-0171-416E-A8F2-C155FBC6452E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{02677D06-4AFD-48EF-B904-8E9D7F9BC48E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{138CB28A-C8AC-4E55-B739-B52E9843F743}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C21A247F-874F-4232-A4CB-38A81D39309A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{17EF5106-C189-4E38-AA88-E48019F1923C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1FF6D29-9D93-4A42-B799-974587A6EA7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8EBF1291-3BE8-4A04-BC07-C279DD15E5A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E403FA1B-8166-422C-8EB8-84FAF2648D50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07D5CBCF-6DD6-4192-A19C-D623D448A546}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{37A803B2-C1A2-41C3-ABBA-2CF750082D48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{3BEC43FD-A3B8-48CB-AA13-3FAC7CC51A83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{A1C765C3-B77F-4029-82FE-9471BEF97450}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{199E6F8A-9F57-4D74-9A39-7331F326FD9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{36B24EAA-C715-4CEB-9327-C30EFD1518C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{81F131D0-506A-49DA-B737-5F8B065194FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{D0653B2B-E067-4E07-A542-DD245A6AB16C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{9AA18634-A449-407F-ACA9-0061DF00FC2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6977F39C-50CE-4740-B2B9-3FC99E5B2664}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0F85323E-2FFF-4095-A5A5-4884B3539080}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C2A4CAD2-2691-4A4A-8472-2A07329AB0E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5BBA7CF-93A1-4C54-96C0-9B2BC8FF36C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{14853B85-63F2-4E52-A4F3-A6389AFF483A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4B664FE5-8543-47F6-82F1-23744DB3073E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{00B56BB6-8AB7-427D-9F88-4D84BECC41B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F1152C17-1278-4F7E-A68A-619ED2938459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3790D204-F8D3-478F-94B4-77D9331EE2FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E654092-E744-49A6-A568-F2BFB8F30C71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2526AF1C-3DE3-4E2A-83E7-61F4903E5933}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B00AE325-02F4-44DA-9E89-7E11074BB975}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{4B5EA2DB-9E57-4413-B460-B1EA9BE6658E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{FB677CBF-D258-4830-88EF-8042A3863CD8}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{8C3A3707-A504-4AD4-A9CB-421705F4B375}] => (Block) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{99BA96EC-21FA-49CA-B332-01DA2FB62467}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{743444CA-F2E7-4AD1-8232-5CD44B13B92B}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{F46EE21E-C2C3-4B90-9218-B7B8AAE624BB}C:\users\user\downloads\installer\utorrent.exe] => (Allow) C:\users\user\downloads\installer\utorrent.exe
FirewallRules: [TCP Query User{7A568A36-76A7-441B-90AA-55AD7BEA3C7D}C:\users\user\downloads\installer\utorrent.exe] => (Allow) C:\users\user\downloads\installer\utorrent.exe
FirewallRules: [{65B3B04E-67FA-4FE9-9411-634F28A65AB7}] => (Allow) C:\Program Files (x86)\War Thunder\launcher.exe
FirewallRules: [{E656136F-01DA-42CF-AF4F-8B111B17F4A6}] => (Allow) C:\Program Files (x86)\War Thunder\launcher.exe
FirewallRules: [{EBA4252C-941F-4303-9662-A67674D6E576}] => (Allow) C:\Program Files (x86)\Steam\steam.exe
FirewallRules: [{E8465BE2-C631-4AF5-A0D9-106FB3770EEB}] => (Allow) C:\Program Files (x86)\Steam\steam.exe
FirewallRules: [{F7543A98-2C50-4EDF-8BE8-D0A446F4C482}] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4m.dat
FirewallRules: [{A204FEE8-777A-4303-8606-3757B9BFA096}] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4m.dat
FirewallRules: [UDP Query User{42FE8C79-4D9F-40B4-B7DC-18FD3A5BDACA}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4m.dat] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4m.dat
FirewallRules: [TCP Query User{FD0DE69E-5AAF-4F62-8032-AEABA15CDBBC}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4m.dat] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4m.dat
FirewallRules: [{3D058519-928B-4DCB-B751-5974B94D4418}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D6A099D4-4364-48E5-BF73-C6B473979E38}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2158F9A-DCFD-4692-92CA-CE6C0371604B}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{409DFD31-821A-45D7-AC46-3D01D58DF038}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{097E993E-76E5-4628-88DE-6221C58EDB70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{577964BF-7FA4-42F2-A0E5-74D7A266FCA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{FB1D00F1-8508-41FB-AEFF-C3B78774558C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D9F572B9-19C1-4A0B-BB2A-2C9AE152ACC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{7458885B-37E7-48ED-B722-0A5E45EE1001}] => (Block) C:\users\user\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [{A752B966-831B-4A0D-A2BA-C5A62AB8F8A8}] => (Block) C:\users\user\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{E672B149-5BF7-42B2-BB9A-1DF3719D1010}C:\users\user\documents\arma 2\expansion\beta\arma2oa.exe] => (Allow) C:\users\user\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{3E0163B5-C062-45E7-9F0D-014DC7095114}C:\users\user\documents\arma 2\expansion\beta\arma2oa.exe] => (Allow) C:\users\user\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [{1AF9969B-20A6-47E1-8148-C84696DB6450}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{BC971D2A-B51C-4A10-BD19-EE96021CEE4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{82F986D4-30C2-4694-9D7F-109DFB525175}] => (Block) C:\games\world_of_tanks - kopie\worldoftanks.exe
FirewallRules: [{0E67F727-394C-4F77-9282-01755D27A0F4}] => (Block) C:\games\world_of_tanks - kopie\worldoftanks.exe
FirewallRules: [UDP Query User{B97411FE-CD60-4058-9FF7-3FB4839EC881}C:\games\world_of_tanks - kopie\worldoftanks.exe] => (Allow) C:\games\world_of_tanks - kopie\worldoftanks.exe
FirewallRules: [TCP Query User{3656A415-6B07-4817-A24A-2F4FD512320C}C:\games\world_of_tanks - kopie\worldoftanks.exe] => (Allow) C:\games\world_of_tanks - kopie\worldoftanks.exe
FirewallRules: [{24572E0A-1B54-4F3F-B7F4-DE0CC469CC6A}] => (Block) C:\games\world_of_tanks - kopie\wotlauncher.exe
FirewallRules: [{DF88B47E-CB93-4942-B42D-A0CA3557CC13}] => (Block) C:\games\world_of_tanks - kopie\wotlauncher.exe
FirewallRules: [UDP Query User{1D4962E8-95E2-429D-9A37-E73C5AAC79CF}C:\games\world_of_tanks - kopie\wotlauncher.exe] => (Allow) C:\games\world_of_tanks - kopie\wotlauncher.exe
FirewallRules: [TCP Query User{E0B668AD-072A-4AA6-A250-51FBCE1FC84B}C:\games\world_of_tanks - kopie\wotlauncher.exe] => (Allow) C:\games\world_of_tanks - kopie\wotlauncher.exe
FirewallRules: [{FB7B2FAA-F584-415E-A427-D0F92E0C3573}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{12CF140C-B9C5-4149-BFF7-42B6BD28CADE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{10895288-461E-496A-9D94-9FA1B16472EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C91348CA-A62A-481B-A7B8-3E373DFEE9F9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{49D280C2-43CA-44AF-BD06-2B4657436ED0}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{8C834922-5BF5-477E-A7EA-B567DA74999D}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{980FC345-70DE-4585-87EA-54694733CD1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{204D3E04-37FA-40CD-B3F5-83CBC6203B99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{C5E3A566-73B6-4BED-A2FE-ECA72DB478FF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew Wild Run Beta\TheCrew.exe
FirewallRules: [{544C7C85-A223-4E7A-B61F-D680AA907EC1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew Wild Run Beta\TheCrew.exe
FirewallRules: [{846AD3DC-B4CD-4755-8E5C-CABB93F5FD68}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{5168B64C-B737-4149-8596-813E3CCD2BB6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{413EA04C-8198-4464-B5CE-E210B6F915AA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D8422896-C1DB-4184-A043-F5122C698E0D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{28013DF1-C698-4392-9BB3-3FE5F9CCDA4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/22/2015 01:30:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/20/2015 04:47:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/19/2015 07:49:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/19/2015 00:32:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/17/2015 11:17:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/17/2015 05:05:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Video.UI.exe, Version 1.6.1508.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 32c8
Startzeit: 01d1215060aa7952
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
Berichts-ID: 0fd457fe-8d45-11e5-9bc9-8c89a5dbcc74
Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: Microsoft.ZuneVideo
Error: (11/16/2015 10:17:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/16/2015 07:35:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.18.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2dd0
Startzeit: 01d12093f7a76819
Beendigungszeit: 5
Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Berichts-ID: d6662703-8c90-11e5-9bc9-8c89a5dbcc74
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (11/15/2015 11:36:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/15/2015 03:46:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.18.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ff0
Startzeit: 01d11fb40290806e
Beendigungszeit: 3
Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Berichts-ID: aaea7161-8ba7-11e5-9bc9-8c89a5dbcc74
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Systemfehler:
=============
Error: (11/22/2015 01:30:41 AM) (Source: DCOM) (EventID: 10010) (User: SVEN-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (11/22/2015 01:30:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/21/2015 06:06:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (11/21/2015 05:32:57 PM) (Source: DCOM) (EventID: 10016) (User: SVEN-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SVEN-PCuserS-1-5-21-3869212048-3077100759-3598159068-1000LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (11/20/2015 04:47:45 PM) (Source: DCOM) (EventID: 10010) (User: SVEN-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (11/20/2015 04:47:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/20/2015 00:32:47 PM) (Source: DCOM) (EventID: 10016) (User: SVEN-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SVEN-PCuserS-1-5-21-3869212048-3077100759-3598159068-1000LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (11/20/2015 00:23:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 00:21:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Small Business Advantage" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/20/2015 00:21:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Small Business Advantage erreicht.
CodeIntegrity:
===================================
Date: 2015-11-13 18:24:46.042
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:45.999
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:45.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:45.907
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:45.864
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:45.827
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:44.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:24:44.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:12:48.327
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-11-13 18:12:48.287
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16322.19 MB
Verfügbarer physikalischer RAM: 12932.96 MB
Summe virtueller Speicher: 32706.19 MB
Verfügbarer virtueller Speicher: 29050.43 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:931.29 GB) (Free:261.61 GB) NTFS
Drive e: (Sven Extern) (Fixed) (Total:465.66 GB) (Free:290.89 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: E2AAA176)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
23.11.2015, 19:09
| #4 |
| /// the machine /// TB-Ausbilder | Plötzlich spielt sich Ton ab. hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.11.2015, 21:08
| #5 |
| | mbar-log-2015-11-23 (20-30-47) Ich musste komischerweise meinen PC nicht neustarten, bzw wurde nicht danach gefragt. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.11.23.07
rootkit: v2015.11.23.01
Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16590
user :: SVEN-PC [administrator]
23.11.2015 20:30:47
mbar-log-2015-11-23 (20-30-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 419769
Time elapsed: 25 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSSKiller Report 1/2 Code:
ATTFilter 21:02:02.0191 0x147c TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
21:02:02.0191 0x147c UEFI system
21:02:11.0150 0x147c ============================================================
21:02:11.0150 0x147c Current date / time: 2015/11/23 21:02:11.0150
21:02:11.0150 0x147c SystemInfo:
21:02:11.0150 0x147c
21:02:11.0150 0x147c OS Version: 10.0.10240 ServicePack: 0.0
21:02:11.0150 0x147c Product type: Workstation
21:02:11.0150 0x147c ComputerName: SVEN-PC
21:02:11.0150 0x147c UserName: user
21:02:11.0150 0x147c Windows directory: C:\WINDOWS
21:02:11.0150 0x147c System windows directory: C:\WINDOWS
21:02:11.0150 0x147c Running under WOW64
21:02:11.0150 0x147c Processor architecture: Intel x64
21:02:11.0150 0x147c Number of processors: 8
21:02:11.0150 0x147c Page size: 0x1000
21:02:11.0150 0x147c Boot type: Normal boot
21:02:11.0150 0x147c ============================================================
21:02:11.0424 0x147c KLMD registered as C:\WINDOWS\system32\drivers\99749442.sys
21:02:11.0696 0x147c System UUID: {DECFCEF9-69A3-A081-AC1F-40577ADBA0B5}
21:02:12.0184 0x147c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:02:12.0194 0x147c Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:02:13.0968 0x147c ============================================================
21:02:13.0968 0x147c \Device\Harddisk0\DR0:
21:02:13.0997 0x147c GPT partitions:
21:02:13.0997 0x147c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BAA6EAD7-CD04-4E86-8FC9-4A1BB5176DD5}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
21:02:13.0998 0x147c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DEC80E60-BF16-4CDB-A5FB-8A4C71ACD38F}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
21:02:13.0998 0x147c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EFB5C48E-E250-4A85-92A3-48BC83D47364}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x74694000
21:02:13.0998 0x147c MBR partitions:
21:02:13.0998 0x147c \Device\Harddisk1\DR1:
21:02:13.0998 0x147c MBR partitions:
21:02:13.0998 0x147c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
21:02:13.0998 0x147c ============================================================
21:02:14.0029 0x147c C: <-> \Device\Harddisk0\DR0\Partition3
21:02:14.0051 0x147c E: <-> \Device\Harddisk1\DR1\Partition1
21:02:14.0051 0x147c ============================================================
21:02:14.0051 0x147c Initialize success
21:02:14.0051 0x147c ============================================================
21:02:35.0372 0x1c04 ============================================================
21:02:35.0372 0x1c04 Scan started
21:02:35.0372 0x1c04 Mode: Manual; SigCheck; TDLFS;
21:02:35.0372 0x1c04 ============================================================
21:02:35.0372 0x1c04 KSN ping started
21:02:37.0842 0x1c04 KSN ping finished: true
21:02:40.0233 0x1c04 ================ Scan system memory ========================
21:02:40.0233 0x1c04 System memory - ok
21:02:40.0234 0x1c04 ================ Scan services =============================
21:02:40.0412 0x1c04 [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
21:02:40.0528 0x1c04 1394ohci - ok
21:02:40.0587 0x1c04 [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
21:02:40.0611 0x1c04 3ware - ok
21:02:40.0651 0x1c04 [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
21:02:40.0673 0x1c04 ACPI - ok
21:02:40.0682 0x1c04 [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
21:02:40.0694 0x1c04 acpiex - ok
21:02:40.0706 0x1c04 [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
21:02:40.0726 0x1c04 acpipagr - ok
21:02:40.0745 0x1c04 [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
21:02:40.0816 0x1c04 AcpiPmi - ok
21:02:40.0830 0x1c04 [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
21:02:40.0868 0x1c04 acpitime - ok
21:02:40.0949 0x1c04 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:02:40.0964 0x1c04 AdobeARMservice - ok
21:02:41.0049 0x1c04 [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:02:41.0068 0x1c04 AdobeFlashPlayerUpdateSvc - ok
21:02:41.0103 0x1c04 [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:02:41.0144 0x1c04 ADP80XX - ok
21:02:41.0181 0x1c04 [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD C:\WINDOWS\system32\drivers\afd.sys
21:02:41.0204 0x1c04 AFD - ok
21:02:41.0217 0x1c04 [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
21:02:41.0227 0x1c04 agp440 - ok
21:02:41.0244 0x1c04 [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:02:41.0290 0x1c04 ahcache - ok
21:02:41.0321 0x1c04 [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
21:02:41.0379 0x1c04 AJRouter - ok
21:02:41.0412 0x1c04 [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG C:\WINDOWS\System32\alg.exe
21:02:41.0462 0x1c04 ALG - ok
21:02:41.0478 0x1c04 [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
21:02:41.0524 0x1c04 AmdK8 - ok
21:02:41.0535 0x1c04 [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
21:02:41.0553 0x1c04 AmdPPM - ok
21:02:41.0568 0x1c04 [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
21:02:41.0579 0x1c04 amdsata - ok
21:02:41.0593 0x1c04 [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
21:02:41.0608 0x1c04 amdsbs - ok
21:02:41.0620 0x1c04 [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
21:02:41.0629 0x1c04 amdxata - ok
21:02:41.0677 0x1c04 [ E4AFE476D9F758514A8A571DF6A24372, A37055A2CDB577CC8B76D4B020924A6C68D94166C1C9A64F7C0E9E16692709FC ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
21:02:41.0729 0x1c04 AppHostSvc - ok
21:02:41.0745 0x1c04 [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID C:\WINDOWS\system32\drivers\appid.sys
21:02:41.0756 0x1c04 AppID - ok
21:02:41.0768 0x1c04 [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
21:02:41.0819 0x1c04 AppIDSvc - ok
21:02:41.0829 0x1c04 [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo C:\WINDOWS\System32\appinfo.dll
21:02:41.0858 0x1c04 Appinfo - ok
21:02:41.0886 0x1c04 [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
21:02:41.0985 0x1c04 AppReadiness - ok
21:02:42.0061 0x1c04 [ 43BE4036BC793A48BB0021B0FFF943CF, 233102A2B0D4B0527C6C2894EA5D14D556AD4C00BCFFC4E2B171F8B9DD200BAA ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
21:02:42.0173 0x1c04 AppXSvc - ok
21:02:42.0186 0x1c04 [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
21:02:42.0196 0x1c04 arcsas - ok
21:02:42.0297 0x1c04 [ BD63768F58666341BE007DAA21B3A063, 1D6112E97042E19E4D916AA22F8AEB7FCC2F36CA45F55049D77042DAF3B8847C ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:02:42.0317 0x1c04 aspnet_state - ok
21:02:42.0329 0x1c04 [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
21:02:42.0380 0x1c04 AsyncMac - ok
21:02:42.0404 0x1c04 [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
21:02:42.0415 0x1c04 atapi - ok
21:02:42.0460 0x1c04 [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:02:42.0554 0x1c04 AudioEndpointBuilder - ok
21:02:42.0588 0x1c04 [ 6300722E8527EC54D426FD00EE5196B2, 71376BE797E8F3E2E671167DA400239D5289DE7EE56CF29564C98715B9DB1D09 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
21:02:42.0672 0x1c04 Audiosrv - ok
21:02:42.0747 0x1c04 [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
21:02:42.0760 0x1c04 AVP16.0.0 - ok
21:02:42.0786 0x1c04 [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
21:02:42.0801 0x1c04 AxInstSV - ok
21:02:42.0828 0x1c04 [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
21:02:42.0858 0x1c04 b06bdrv - ok
21:02:42.0873 0x1c04 [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:02:42.0921 0x1c04 BasicDisplay - ok
21:02:42.0925 0x1c04 [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
21:02:42.0942 0x1c04 BasicRender - ok
21:02:42.0958 0x1c04 [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
21:02:42.0964 0x1c04 bcmfn2 - ok
21:02:42.0979 0x1c04 [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
21:02:43.0034 0x1c04 BDESVC - ok
21:02:43.0067 0x1c04 [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:02:43.0114 0x1c04 Beep - ok
21:02:43.0190 0x1c04 [ 12A7660F0666033B98510A1C45EE0C34, 280350B3E960479A0CE4848916804950CF241846162955EB9D12E725CFF0ADD7 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:02:43.0263 0x1c04 BEService - ok
21:02:43.0315 0x1c04 [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE C:\WINDOWS\System32\bfe.dll
21:02:43.0376 0x1c04 BFE - ok
21:02:43.0428 0x1c04 [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS C:\WINDOWS\System32\qmgr.dll
21:02:43.0557 0x1c04 BITS - ok
21:02:43.0564 0x1c04 [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
21:02:43.0598 0x1c04 bowser - ok
21:02:43.0643 0x1c04 [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:02:43.0764 0x1c04 BrokerInfrastructure - ok
21:02:43.0801 0x1c04 [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser C:\WINDOWS\System32\browser.dll
21:02:43.0846 0x1c04 Browser - ok
21:02:43.0860 0x1c04 [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:02:43.0923 0x1c04 BthAvrcpTg - ok
21:02:43.0955 0x1c04 [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
21:02:44.0047 0x1c04 BthHFEnum - ok
21:02:44.0063 0x1c04 [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
21:02:44.0084 0x1c04 bthhfhid - ok
21:02:44.0108 0x1c04 [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
21:02:44.0131 0x1c04 BthHFSrv - ok
21:02:44.0144 0x1c04 [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
21:02:44.0162 0x1c04 BTHMODEM - ok
21:02:44.0177 0x1c04 [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv C:\WINDOWS\system32\bthserv.dll
21:02:44.0204 0x1c04 bthserv - ok
21:02:44.0227 0x1c04 [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
21:02:44.0292 0x1c04 buttonconverter - ok
21:02:44.0306 0x1c04 [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
21:02:44.0323 0x1c04 CapImg - ok
21:02:44.0335 0x1c04 [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:02:44.0351 0x1c04 cdfs - ok
21:02:44.0371 0x1c04 [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
21:02:44.0404 0x1c04 CDPSvc - ok
21:02:44.0419 0x1c04 [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
21:02:44.0443 0x1c04 cdrom - ok
21:02:44.0454 0x1c04 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
21:02:44.0477 0x1c04 CertPropSvc - ok
21:02:44.0486 0x1c04 [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass C:\WINDOWS\System32\drivers\circlass.sys
21:02:44.0498 0x1c04 circlass - ok
21:02:44.0517 0x1c04 [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
21:02:44.0534 0x1c04 CLFS - ok
21:02:44.0563 0x1c04 [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
21:02:44.0593 0x1c04 ClipSVC - ok
21:02:44.0618 0x1c04 [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
21:02:44.0668 0x1c04 CmBatt - ok
21:02:44.0705 0x1c04 [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys
21:02:44.0722 0x1c04 cm_km - ok
21:02:44.0744 0x1c04 [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG C:\WINDOWS\system32\Drivers\cng.sys
21:02:44.0767 0x1c04 CNG - ok
21:02:44.0782 0x1c04 [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
21:02:44.0791 0x1c04 cnghwassist - ok
21:02:44.0841 0x1c04 [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
21:02:44.0862 0x1c04 CompositeBus - ok
21:02:44.0864 0x1c04 COMSysApp - ok
21:02:44.0876 0x1c04 [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
21:02:44.0919 0x1c04 condrv - ok
21:02:44.0961 0x1c04 [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
21:02:44.0992 0x1c04 CoreMessagingRegistrar - ok
21:02:45.0002 0x1c04 [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
21:02:45.0042 0x1c04 CryptSvc - ok
21:02:45.0074 0x1c04 [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam C:\WINDOWS\system32\drivers\dam.sys
21:02:45.0084 0x1c04 dam - ok
21:02:45.0134 0x1c04 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:02:45.0216 0x1c04 DcomLaunch - ok
21:02:45.0262 0x1c04 [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
21:02:45.0318 0x1c04 DcpSvc - ok
21:02:45.0340 0x1c04 [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc C:\WINDOWS\System32\defragsvc.dll
21:02:45.0372 0x1c04 defragsvc - ok
21:02:45.0388 0x1c04 [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:02:45.0423 0x1c04 DeviceAssociationService - ok
21:02:45.0453 0x1c04 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
21:02:45.0469 0x1c04 DeviceInstall - ok
21:02:45.0477 0x1c04 [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
21:02:45.0534 0x1c04 DevQueryBroker - ok
21:02:45.0571 0x1c04 [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
21:02:45.0598 0x1c04 Dfsc - ok
21:02:45.0648 0x1c04 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:02:45.0658 0x1c04 dg_ssudbus - ok
21:02:45.0676 0x1c04 [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
21:02:45.0739 0x1c04 Dhcp - ok
21:02:45.0773 0x1c04 [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:02:45.0793 0x1c04 diagnosticshub.standardcollector.service - ok
21:02:45.0855 0x1c04 [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
21:02:45.0918 0x1c04 DiagTrack - ok
21:02:45.0923 0x1c04 [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk C:\WINDOWS\system32\drivers\disk.sys
21:02:45.0934 0x1c04 disk - ok
21:02:45.0963 0x1c04 [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
21:02:46.0033 0x1c04 DmEnrollmentSvc - ok
21:02:46.0047 0x1c04 [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
21:02:46.0099 0x1c04 dmvsc - ok
21:02:46.0111 0x1c04 [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
21:02:46.0150 0x1c04 dmwappushservice - ok
21:02:46.0164 0x1c04 [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:02:46.0194 0x1c04 Dnscache - ok
21:02:46.0214 0x1c04 [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
21:02:46.0256 0x1c04 dot3svc - ok
21:02:46.0281 0x1c04 [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS C:\WINDOWS\system32\dps.dll
21:02:46.0345 0x1c04 DPS - ok
21:02:46.0379 0x1c04 [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:02:46.0397 0x1c04 drmkaud - ok
21:02:46.0430 0x1c04 [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
21:02:46.0509 0x1c04 DsmSvc - ok
21:02:46.0541 0x1c04 [ D920A8B070A9BA5C9DEFC3BA7C3883B5, 8EA05CDE58930EB16B4B502561AF2DB5229658FDC1948A9A8F249A7402C21398 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
21:02:46.0590 0x1c04 DsSvc - ok
21:02:46.0643 0x1c04 [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:02:46.0707 0x1c04 DXGKrnl - ok
21:02:46.0742 0x1c04 [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost C:\WINDOWS\System32\eapsvc.dll
21:02:46.0756 0x1c04 Eaphost - ok
21:02:46.0830 0x1968 Object required for P2P: [ 6300722E8527EC54D426FD00EE5196B2 ] Audiosrv
21:02:46.0866 0x1c04 [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
21:02:46.0968 0x1c04 ebdrv - ok
21:02:47.0004 0x1c04 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS C:\WINDOWS\System32\lsass.exe
21:02:47.0019 0x1c04 EFS - ok
21:02:47.0032 0x1c04 [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
21:02:47.0046 0x1c04 EhStorClass - ok
21:02:47.0058 0x1c04 [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:02:47.0071 0x1c04 EhStorTcgDrv - ok
21:02:47.0084 0x1c04 [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
21:02:47.0121 0x1c04 embeddedmode - ok
21:02:47.0137 0x1c04 [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
21:02:47.0174 0x1c04 EntAppSvc - ok
21:02:47.0181 0x1c04 [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
21:02:47.0192 0x1c04 ErrDev - ok
21:02:47.0209 0x1c04 [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem C:\WINDOWS\system32\es.dll
21:02:47.0254 0x1c04 EventSystem - ok
21:02:47.0270 0x1c04 [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
21:02:47.0307 0x1c04 exfat - ok
21:02:47.0322 0x1c04 [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
21:02:47.0337 0x1c04 fastfat - ok
21:02:47.0372 0x1c04 [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax C:\WINDOWS\system32\fxssvc.exe
21:02:47.0449 0x1c04 Fax - ok
21:02:47.0483 0x1c04 [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc C:\WINDOWS\System32\drivers\fcvsc.sys
21:02:47.0544 0x1c04 fcvsc - ok
21:02:47.0566 0x1c04 [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
21:02:47.0604 0x1c04 fdc - ok
21:02:47.0616 0x1c04 [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
21:02:47.0640 0x1c04 fdPHost - ok
21:02:47.0650 0x1c04 [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
21:02:47.0677 0x1c04 FDResPub - ok
21:02:47.0714 0x1c04 [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc C:\WINDOWS\system32\fhsvc.dll
21:02:47.0751 0x1c04 fhsvc - ok
21:02:47.0767 0x1c04 [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
21:02:47.0788 0x1c04 FileCrypt - ok
21:02:47.0793 0x1c04 [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
21:02:47.0802 0x1c04 FileInfo - ok
21:02:47.0813 0x1c04 [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
21:02:47.0833 0x1c04 Filetrace - ok
21:02:47.0849 0x1c04 [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
21:02:47.0860 0x1c04 flpydisk - ok
21:02:47.0869 0x1c04 [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:02:47.0886 0x1c04 FltMgr - ok
21:02:47.0953 0x1c04 [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache C:\WINDOWS\system32\FntCache.dll
21:02:48.0158 0x1c04 FontCache - ok
21:02:48.0217 0x1c04 [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:02:48.0225 0x1c04 FontCache3.0.0.0 - ok
21:02:48.0240 0x1c04 [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
21:02:48.0250 0x1c04 FsDepends - ok
21:02:48.0255 0x1c04 [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:02:48.0263 0x1c04 Fs_Rec - ok
21:02:48.0287 0x1c04 [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:02:48.0310 0x1c04 fvevol - ok
21:02:48.0326 0x1c04 [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
21:02:48.0336 0x1c04 gagp30kx - ok
21:02:48.0344 0x1c04 [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
21:02:48.0362 0x1c04 gencounter - ok
21:02:48.0373 0x1c04 [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
21:02:48.0585 0x1c04 genericusbfn - ok
21:02:48.0699 0x1c04 [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:02:48.0729 0x1c04 GfExperienceService - ok
21:02:48.0749 0x1c04 [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:02:48.0761 0x1c04 GPIOClx0101 - ok
21:02:48.0815 0x1c04 [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
21:02:48.0880 0x1c04 gpsvc - ok
21:02:48.0889 0x1c04 [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
21:02:48.0915 0x1c04 GpuEnergyDrv - ok
21:02:48.0968 0x1c04 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:02:48.0975 0x1c04 gupdate - ok
21:02:48.0980 0x1c04 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:02:48.0986 0x1c04 gupdatem - ok
21:02:49.0014 0x1c04 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
21:02:49.0019 0x1c04 hamachi - ok
21:02:49.0024 0x1c04 [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
21:02:49.0044 0x1c04 HDAudBus - ok
21:02:49.0054 0x1c04 [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
21:02:49.0065 0x1c04 HidBatt - ok
21:02:49.0078 0x1c04 [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
21:02:49.0130 0x1c04 HidBth - ok
21:02:49.0145 0x1c04 [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
21:02:49.0168 0x1c04 hidi2c - ok
21:02:49.0183 0x1c04 [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
21:02:49.0191 0x1c04 hidinterrupt - ok
21:02:49.0206 0x1c04 [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
21:02:49.0229 0x1c04 HidIr - ok
21:02:49.0233 0x1c04 [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv C:\WINDOWS\system32\hidserv.dll
21:02:49.0246 0x1c04 hidserv - ok
21:02:49.0249 0x1c04 [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
21:02:49.0303 0x1c04 HidUsb - ok
21:02:49.0334 0x1c04 [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:02:49.0359 0x1c04 HomeGroupListener - ok
21:02:49.0408 0x1c04 [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:02:49.0448 0x1c04 HomeGroupProvider - ok
21:02:49.0461 0x1c04 [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
21:02:49.0471 0x1c04 HpSAMD - ok
21:02:49.0505 0x1c04 [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
21:02:49.0553 0x1c04 HTTP - ok
21:02:49.0558 0x1c04 [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
21:02:49.0566 0x1c04 hwpolicy - ok
21:02:49.0576 0x1c04 [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
21:02:49.0596 0x1c04 hyperkbd - ok
21:02:49.0606 0x1c04 [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
21:02:49.0623 0x1c04 HyperVideo - ok
21:02:49.0633 0x1c04 [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
21:02:49.0672 0x1c04 i8042prt - ok
21:02:49.0679 0x1c04 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:02:49.0686 0x1c04 iaLPSSi_GPIO - ok
21:02:49.0702 0x1c04 [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:02:49.0711 0x1c04 iaLPSSi_I2C - ok
21:02:49.0729 0x1c04 [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
21:02:49.0753 0x1c04 iaStorAV - ok
21:02:49.0771 0x1c04 [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
21:02:49.0789 0x1c04 iaStorV - ok
21:02:49.0809 0x1c04 [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
21:02:49.0828 0x1c04 ibbus - ok
21:02:49.0876 0x1c04 [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc C:\WINDOWS\System32\tetheringservice.dll
21:02:50.0020 0x1c04 icssvc - ok
21:02:50.0026 0x1c04 IEEtwCollectorService - ok
21:02:50.0071 0x1c04 [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
21:02:50.0110 0x1c04 IKEEXT - ok
21:02:50.0277 0x1c04 [ 059DDDEDBE5701DC3B779D32798108AC, 4735C52D5F7A7AC07985835C17955C96418BB3C3316264CF6A44F6150E10755B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:02:50.0283 0x1968 Object send P2P result: true
21:02:50.0438 0x1c04 IntcAzAudAddService - ok
21:02:50.0486 0x1c04 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:02:50.0502 0x1c04 Intel(R) Capability Licensing Service Interface - ok
21:02:50.0542 0x1c04 [ 5279C26E7949D73EBA3423A89AA88BA6, 70A72A1C14762DA3F21B5640EFF428BF15170AEB62E5F36DCB6197CBA7207E8A ] Intel(R) Small Business Advantage C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
21:02:50.0547 0x1c04 Intel(R) Small Business Advantage - ok
21:02:50.0557 0x1c04 [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
21:02:50.0566 0x1c04 intelide - ok
21:02:50.0578 0x1c04 [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
21:02:50.0587 0x1c04 intelpep - ok
21:02:50.0599 0x1c04 [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
21:02:50.0620 0x1c04 intelppm - ok
21:02:50.0623 0x1c04 [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
21:02:50.0654 0x1c04 IoQos - ok
21:02:50.0668 0x1c04 [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:02:50.0694 0x1c04 IpFilterDriver - ok
21:02:50.0749 0x1c04 [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
21:02:50.0834 0x1c04 iphlpsvc - ok
21:02:50.0849 0x1c04 [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:02:50.0882 0x1c04 IPMIDRV - ok
21:02:50.0894 0x1c04 [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
21:02:50.0922 0x1c04 IPNAT - ok
21:02:50.0949 0x1c04 [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
21:02:50.0976 0x1c04 IRENUM - ok
21:02:50.0987 0x1c04 [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
21:02:51.0002 0x1c04 isapnp - ok
21:02:51.0017 0x1c04 [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
21:02:51.0036 0x1c04 iScsiPrt - ok
21:02:51.0066 0x1c04 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\WINDOWS\system32\drivers\iusb3hcs.sys
21:02:51.0073 0x1c04 iusb3hcs - ok
21:02:51.0119 0x1c04 [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:02:51.0128 0x1c04 jhi_service - ok
21:02:51.0133 0x1c04 [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
21:02:51.0145 0x1c04 kbdclass - ok
21:02:51.0148 0x1c04 [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
21:02:51.0169 0x1c04 kbdhid - ok
21:02:51.0171 0x1c04 [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
21:02:51.0205 0x1c04 kdnic - ok
21:02:51.0221 0x1c04 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso C:\WINDOWS\system32\lsass.exe
21:02:51.0230 0x1c04 KeyIso - ok
21:02:51.0267 0x1c04 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
21:02:51.0283 0x1c04 kl1 - ok
21:02:51.0298 0x1c04 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
21:02:51.0305 0x1c04 klbackupdisk - ok
21:02:51.0315 0x1c04 [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
21:02:51.0324 0x1c04 klbackupflt - ok
21:02:51.0331 0x1c04 [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
21:02:51.0339 0x1c04 kldisk - ok
21:02:51.0374 0x1c04 [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
21:02:51.0412 0x1c04 klelam - ok
21:02:51.0429 0x1c04 [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
21:02:51.0440 0x1c04 klflt - ok
21:02:51.0464 0x1c04 [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk C:\WINDOWS\system32\DRIVERS\klhk.sys
21:02:51.0475 0x1c04 klhk - ok
21:02:51.0498 0x1c04 [ EBDECA2C6072F1FA09BDB660EA6017FA, 0F2FCBE85350EB8AC709069C61E18797E18A33E0BD03D84C2B61059BEC705099 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
21:02:51.0541 0x1c04 KLIF - ok
21:02:51.0553 0x1c04 [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
21:02:51.0560 0x1c04 KLIM6 - ok
21:02:51.0563 0x1c04 [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
21:02:51.0571 0x1c04 klkbdflt - ok
21:02:51.0583 0x1c04 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
21:02:51.0597 0x1c04 klmouflt - ok
21:02:51.0609 0x1c04 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
21:02:51.0617 0x1c04 klpd - ok
21:02:51.0630 0x1c04 [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
21:02:51.0639 0x1c04 klwfp - ok
21:02:51.0647 0x1c04 [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
21:02:51.0656 0x1c04 Klwtp - ok
21:02:51.0662 0x1c04 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
21:02:51.0672 0x1c04 kneps - ok
21:02:51.0687 0x1c04 [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
21:02:51.0698 0x1c04 KSecDD - ok
21:02:51.0704 0x1c04 [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:02:51.0715 0x1c04 KSecPkg - ok
21:02:51.0719 0x1c04 [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
21:02:51.0742 0x1c04 ksthunk - ok
21:02:51.0775 0x1c04 [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
21:02:51.0832 0x1c04 KtmRm - ok
21:02:51.0904 0x1c04 [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
21:02:51.0937 0x1c04 LanmanServer - ok
21:02:51.0972 0x1c04 [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:02:52.0020 0x1c04 LanmanWorkstation - ok
21:02:52.0058 0x1c04 [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
21:02:52.0112 0x1c04 lfsvc - ok
21:02:52.0123 0x1c04 [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
21:02:52.0178 0x1c04 LicenseManager - ok
21:02:52.0285 0x1c04 [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
21:02:52.0342 0x1c04 LiveUpdateSvc - ok
21:02:52.0356 0x1c04 [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
21:02:52.0382 0x1c04 lltdio - ok
21:02:52.0406 0x1c04 [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
21:02:52.0431 0x1c04 lltdsvc - ok
21:02:52.0463 0x1c04 [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
21:02:52.0485 0x1c04 lmhosts - ok
21:02:52.0506 0x1c04 [ 2FB262276D1C689C6886B1C0710342FA, 99129F79FB17B7224CF7C8324A12D464D2611BF6B4467A3697B8E3AFE8A95052 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:02:52.0515 0x1c04 LMS - ok
21:02:52.0529 0x1c04 [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
21:02:52.0540 0x1c04 LSI_SAS - ok
21:02:52.0549 0x1c04 [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
21:02:52.0560 0x1c04 LSI_SAS2i - ok
21:02:52.0574 0x1c04 [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
21:02:52.0585 0x1c04 LSI_SAS3i - ok
21:02:52.0597 0x1c04 [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
21:02:52.0608 0x1c04 LSI_SSS - ok
21:02:52.0624 0x1c04 [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM C:\WINDOWS\System32\lsm.dll
21:02:52.0699 0x1c04 LSM - ok
21:02:52.0731 0x1c04 [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
21:02:52.0756 0x1c04 luafv - ok
21:02:52.0767 0x1c04 [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker C:\WINDOWS\System32\moshost.dll
21:02:52.0886 0x1c04 MapsBroker - ok
21:02:52.0898 0x1c04 [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
21:02:52.0917 0x1c04 megasas - ok
21:02:52.0953 0x1c04 [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
21:02:52.0987 0x1c04 megasr - ok
21:02:53.0027 0x1c04 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
21:02:53.0032 0x1c04 MEIx64 - ok
21:02:53.0070 0x1c04 Microsoft SharePoint Workspace Audit Service - ok
21:02:53.0104 0x1c04 [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
21:02:53.0135 0x1c04 mlx4_bus - ok
21:02:53.0139 0x1c04 [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
21:02:53.0224 0x1c04 MMCSS - ok
21:02:53.0239 0x1c04 [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem C:\WINDOWS\system32\drivers\modem.sys
21:02:53.0271 0x1c04 Modem - ok
21:02:53.0277 0x1c04 [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
21:02:53.0325 0x1c04 monitor - ok
21:02:53.0338 0x1c04 [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
21:02:53.0349 0x1c04 mouclass - ok
21:02:53.0354 0x1c04 [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
21:02:53.0383 0x1c04 mouhid - ok
21:02:53.0411 0x1c04 [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
21:02:53.0421 0x1c04 mountmgr - ok
21:02:53.0465 0x1c04 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:02:53.0474 0x1c04 MozillaMaintenance - ok
21:02:53.0478 0x1c04 [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
21:02:53.0523 0x1c04 mpsdrv - ok
21:02:53.0573 0x1c04 [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
21:02:53.0654 0x1c04 MpsSvc - ok
21:02:53.0689 0x1c04 [ 5B37FDC07159FE9F5F52399F7D78F60B, A0C20EB9A7918395A13A5E21917887DDC9897C475D33091B518354163CAE108A ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
21:02:53.0751 0x1c04 MQAC - ok
21:02:53.0762 0x1c04 [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
21:02:53.0797 0x1c04 MRxDAV - ok
21:02:53.0826 0x1c04 [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:02:53.0878 0x1c04 mrxsmb - ok
21:02:53.0892 0x1c04 [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:02:53.0947 0x1c04 mrxsmb10 - ok
21:02:53.0959 0x1c04 [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:02:53.0991 0x1c04 mrxsmb20 - ok
21:02:54.0025 0x1c04 [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
21:02:54.0056 0x1c04 MsBridge - ok
21:02:54.0093 0x1c04 [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:02:54.0129 0x1c04 MSDTC - ok
21:02:54.0136 0x1c04 [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:02:54.0149 0x1c04 Msfs - ok
21:02:54.0175 0x1c04 [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:02:54.0186 0x1c04 msgpiowin32 - ok
21:02:54.0199 0x1c04 [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:02:54.0224 0x1c04 mshidkmdf - ok
21:02:54.0238 0x1c04 [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
21:02:54.0260 0x1c04 mshidumdf - ok
21:02:54.0265 0x1c04 [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
21:02:54.0276 0x1c04 msisadrv - ok
21:02:54.0313 0x1c04 [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
21:02:54.0331 0x1c04 MSiSCSI - ok
21:02:54.0333 0x1c04 msiserver - ok
21:02:54.0343 0x1c04 [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:02:54.0360 0x1c04 MSKSSRV - ok
21:02:54.0375 0x1c04 [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
21:02:54.0402 0x1c04 MsLldp - ok
21:02:54.0435 0x1c04 [ 85EBF0A28B8B132B67C84C6CE5EBAC29, D0012CF4822A3D16F7BF61C94C5650DC1ED310A0DD1A3333465D28C73D40ECDB ] MSMQ C:\WINDOWS\system32\mqsvc.exe
21:02:54.0446 0x1c04 MSMQ - ok
21:02:54.0472 0x1c04 [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:02:54.0483 0x1c04 MSPCLOCK - ok
21:02:54.0489 0x1c04 [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:02:54.0513 0x1c04 MSPQM - ok
21:02:54.0530 0x1c04 [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
21:02:54.0563 0x1c04 MsRPC - ok
21:02:54.0570 0x1c04 [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
21:02:54.0578 0x1c04 mssmbios - ok
21:02:54.0594 0x1c04 [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:02:54.0613 0x1c04 MSTEE - ok
21:02:54.0625 0x1c04 [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
21:02:54.0636 0x1c04 MTConfig - ok
21:02:54.0649 0x1c04 [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
21:02:54.0660 0x1c04 Mup - ok
21:02:54.0676 0x1c04 [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
21:02:54.0686 0x1c04 mvumis - ok
21:02:54.0707 0x1c04 [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:02:54.0944 0x1c04 NativeWifiP - ok
21:02:54.0979 0x1c04 [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
21:02:55.0045 0x1c04 NcaSvc - ok
21:02:55.0063 0x1c04 [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService C:\WINDOWS\System32\ncbservice.dll
21:02:55.0131 0x1c04 NcbService - ok
21:02:55.0139 0x1c04 [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
21:02:55.0227 0x1c04 NcdAutoSetup - ok
21:02:55.0244 0x1c04 [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
21:02:55.0264 0x1c04 ndfltr - ok
21:02:55.0324 0x1c04 [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
21:02:55.0401 0x1c04 NDIS - ok
21:02:55.0413 0x1c04 [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
21:02:55.0449 0x1c04 NdisCap - ok
21:02:55.0464 0x1c04 [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
21:02:55.0494 0x1c04 NdisImPlatform - ok
21:02:55.0504 0x1c04 [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:02:55.0532 0x1c04 NdisTapi - ok
21:02:55.0546 0x1c04 [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
21:02:55.0568 0x1c04 Ndisuio - ok
21:02:55.0571 0x1c04 [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:02:55.0586 0x1c04 NdisVirtualBus - ok
21:02:55.0605 0x1c04 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
21:02:55.0630 0x1c04 NdisWan - ok
21:02:55.0637 0x1c04 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:02:55.0653 0x1c04 ndiswanlegacy - ok
21:02:55.0662 0x1c04 [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
21:02:55.0676 0x1c04 ndproxy - ok
21:02:55.0684 0x1c04 [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
21:02:55.0731 0x1c04 Ndu - ok
21:02:55.0736 0x1c04 [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
21:02:55.0745 0x1c04 NetBIOS - ok
21:02:55.0754 0x1c04 [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:02:55.0792 0x1c04 NetBT - ok
21:02:55.0804 0x1c04 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:02:55.0813 0x1c04 Netlogon - ok
21:02:55.0842 0x1c04 [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman C:\WINDOWS\System32\netman.dll
21:02:55.0868 0x1c04 Netman - ok
21:02:55.0910 0x1c04 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:55.0920 0x1c04 NetMsmqActivator - ok
21:02:55.0925 0x1c04 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:55.0934 0x1c04 NetPipeActivator - ok
21:02:55.0983 0x1c04 [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
21:02:56.0030 0x1c04 netprofm - ok
21:02:56.0071 0x1c04 [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
21:02:56.0147 0x1c04 NetSetupSvc - ok
21:02:56.0153 0x1c04 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:56.0163 0x1c04 NetTcpActivator - ok
21:02:56.0168 0x1c04 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:56.0177 0x1c04 NetTcpPortSharing - ok
21:02:56.0184 0x1c04 [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
21:02:56.0196 0x1c04 netvsc - ok
21:02:56.0213 0x1c04 [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
21:02:56.0240 0x1c04 NgcCtnrSvc - ok
21:02:56.0244 0x1c04 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc C:\WINDOWS\system32\lsass.exe
21:02:56.0256 0x1c04 NgcSvc - ok
21:02:56.0292 0x1c04 [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
21:02:56.0367 0x1c04 NlaSvc - ok
21:02:56.0375 0x1c04 [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:02:56.0396 0x1c04 Npfs - ok
21:02:56.0399 0x1c04 [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
21:02:56.0443 0x1c04 npsvctrig - ok
21:02:56.0451 0x1c04 [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi C:\WINDOWS\system32\nsisvc.dll
21:02:56.0484 0x1c04 nsi - ok
21:02:56.0487 0x1c04 [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
21:02:56.0509 0x1c04 nsiproxy - ok
21:02:56.0577 0x1c04 [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
21:02:56.0685 0x1c04 NTFS - ok
21:02:56.0700 0x1c04 [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:02:56.0711 0x1c04 Null - ok
21:02:56.0743 0x1c04 [ 598E707D7053535D2BCD9F7779D15AB7, A8709F1123758D73C9C616003F7502CCE485A6DD23EF82B211AA7AE4FCC3C314 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
21:02:56.0753 0x1c04 NVHDA - ok
21:02:57.0015 0x1c04 [ 1BAA8D6913574F87F5983294A076631D, 9B6D4E9E8DECC6A2D788ED1CF629A0713708BB3788B4AC43902B8B5E180166C8 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:02:57.0282 0x1c04 nvlddmkm - ok
21:02:57.0402 0x1c04 [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:02:57.0440 0x1c04 NvNetworkService - ok
21:02:57.0457 0x1c04 [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
21:02:57.0468 0x1c04 nvraid - ok
21:02:57.0477 0x1c04 [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
21:02:57.0489 0x1c04 nvstor - ok
21:02:57.0530 0x1c04 [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:02:57.0535 0x1c04 NvStreamKms - ok
21:02:57.0686 0x1c04 [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:02:57.0788 0x1c04 NvStreamSvc - ok
21:02:57.0840 0x1c04 [ 90566025EFD5BA4005A5C9A2773B230B, 9075981E7020250E38D25C046E39C69B252B46888A9F6F749FF50FB442907E37 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
21:02:57.0877 0x1c04 nvsvc - ok
21:02:57.0900 0x1c04 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:02:57.0906 0x1c04 nvvad_WaveExtensible - ok
21:02:57.0920 0x1c04 [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
21:02:57.0932 0x1c04 nv_agp - ok
21:02:57.0971 0x1c04 [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
21:02:58.0002 0x1c04 OneSyncSvc - ok
21:02:58.0183 0x1c04 [ F34655869378762CEEF159E82BE95C3E, 346211DEB3D9C1D4C0688F737BF154A75C986921465FAF04E8CFED48385E64E8 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
21:02:58.0262 0x1c04 Origin Client Service - ok
21:02:58.0308 0x1c04 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:58.0325 0x1c04 ose - ok
21:02:58.0493 0x1c04 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:02:58.0638 0x1c04 osppsvc - ok
21:02:58.0680 0x1c04 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
21:02:58.0751 0x1c04 p2pimsvc - ok
21:02:58.0771 0x1c04 [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
21:02:58.0793 0x1c04 p2psvc - ok
21:02:58.0801 0x1c04 [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport C:\WINDOWS\System32\drivers\parport.sys
21:02:58.0824 0x1c04 Parport - ok
21:02:58.0828 0x1c04 [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
21:02:58.0838 0x1c04 partmgr - ok
21:02:58.0861 0x1c04 [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
21:02:58.0882 0x1c04 PcaSvc - ok
21:02:58.0911 0x1c04 [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci C:\WINDOWS\system32\drivers\pci.sys
21:02:58.0927 0x1c04 pci - ok
21:02:58.0942 0x1c04 [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
21:02:58.0950 0x1c04 pciide - ok
21:02:58.0967 0x1c04 [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
21:02:58.0978 0x1c04 pcmcia - ok
21:02:58.0982 0x1c04 [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
21:02:58.0990 0x1c04 pcw - ok
21:02:59.0019 0x1c04 [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc C:\WINDOWS\system32\drivers\pdc.sys
21:02:59.0031 0x1c04 pdc - ok
21:02:59.0083 0x1c04 [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
21:02:59.0124 0x1c04 PEAUTH - ok
21:02:59.0148 0x1c04 [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
21:02:59.0157 0x1c04 percsas2i - ok
21:02:59.0166 0x1c04 [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
21:02:59.0175 0x1c04 percsas3i - ok
21:02:59.0246 0x1c04 [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
21:02:59.0293 0x1c04 PerfHost - ok
21:02:59.0332 0x1c04 [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
21:02:59.0406 0x1c04 PimIndexMaintenanceSvc - ok
21:02:59.0503 0x1c04 [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla C:\WINDOWS\system32\pla.dll
21:02:59.0566 0x1c04 pla - ok
21:02:59.0596 0x1c04 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
21:02:59.0618 0x1c04 PlugPlay - ok
21:02:59.0639 0x1c04 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
21:02:59.0652 0x1c04 PnkBstrA - ok
21:02:59.0666 0x1c04 [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
21:02:59.0686 0x1c04 PNRPAutoReg - ok
21:02:59.0706 0x1c04 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
21:02:59.0727 0x1c04 PNRPsvc - ok
21:02:59.0764 0x1c04 [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
21:02:59.0785 0x1c04 PolicyAgent - ok
21:02:59.0791 0x1c04 [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power C:\WINDOWS\system32\umpo.dll
21:02:59.0803 0x1c04 Power - ok
21:02:59.0817 0x1c04 [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
21:02:59.0842 0x1c04 PptpMiniport - ok
21:02:59.0982 0x1c04 [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:03:00.0157 0x1c04 PrintNotify - ok
21:03:00.0171 0x1c04 [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor C:\WINDOWS\System32\drivers\processr.sys
21:03:00.0207 0x1c04 Processor - ok
21:03:00.0227 0x1c04 [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc C:\WINDOWS\system32\profsvc.dll
21:03:00.0261 0x1c04 ProfSvc - ok
21:03:00.0270 0x1c04 [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched C:\WINDOWS\system32\drivers\pacer.sys
21:03:00.0281 0x1c04 Psched - ok
21:03:00.0294 0x1c04 [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE C:\WINDOWS\system32\qwave.dll
21:03:00.0329 0x1c04 QWAVE - ok
21:03:00.0354 0x1c04 [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
21:03:00.0365 0x1c04 QWAVEdrv - ok
21:03:00.0371 0x1c04 [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:03:00.0392 0x1c04 RasAcd - ok
21:03:00.0413 0x1c04 [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
21:03:00.0454 0x1c04 RasAgileVpn - ok
21:03:00.0475 0x1c04 [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto C:\WINDOWS\System32\rasauto.dll
|
|
23.11.2015, 21:10
| #6 |
| | TDSSKiller Report 2/2 TDSSKiller Report 2/2 Code:
ATTFilter 21:03:00.0501 0x1c04 RasAuto - ok
21:03:00.0512 0x1c04 [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
21:03:00.0536 0x1c04 Rasl2tp - ok
21:03:00.0566 0x1c04 [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:03:00.0604 0x1c04 RasMan - ok
21:03:00.0616 0x1c04 [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
21:03:00.0635 0x1c04 RasPppoe - ok
21:03:00.0647 0x1c04 [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
21:03:00.0668 0x1c04 RasSstp - ok
21:03:00.0685 0x1c04 [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:03:00.0714 0x1c04 rdbss - ok
21:03:00.0718 0x1c04 [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
21:03:00.0748 0x1c04 rdpbus - ok
21:03:00.0760 0x1c04 [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
21:03:00.0780 0x1c04 RDPDR - ok
21:03:00.0794 0x1c04 [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:03:00.0802 0x1c04 RdpVideoMiniport - ok
21:03:00.0840 0x1c04 [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
21:03:00.0853 0x1c04 rdyboost - ok
21:03:00.0880 0x1c04 [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
21:03:00.0910 0x1c04 ReFSv1 - ok
21:03:00.0951 0x1c04 [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:03:00.0996 0x1c04 RemoteAccess - ok
21:03:01.0011 0x1c04 [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:03:01.0047 0x1c04 RemoteRegistry - ok
21:03:01.0090 0x1c04 [ DF84555A734BA2BDA55BCCCC47095ADD, 639814A7F5B758792FE6D84E3FF312F9CE9DACB21B93EA43394DC7A04526CB81 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
21:03:01.0181 0x1c04 RetailDemo - ok
21:03:01.0227 0x1c04 [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
21:03:01.0244 0x1c04 RpcEptMapper - ok
21:03:01.0271 0x1c04 [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:03:01.0284 0x1c04 RpcLocator - ok
21:03:01.0313 0x1c04 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:03:01.0348 0x1c04 RpcSs - ok
21:03:01.0353 0x1c04 [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
21:03:01.0366 0x1c04 rspndr - ok
21:03:01.0380 0x1c04 [ 179E6BCF8D16AD39C137CB4FCFE015C5, A1DF499AA378BDB1CB7F95ACC0C7D6929358AF4596A47FDEDFAE115461563CD5 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
21:03:01.0421 0x1c04 rt640x64 - ok
21:03:01.0431 0x1c04 [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
21:03:01.0450 0x1c04 s3cap - ok
21:03:01.0475 0x1c04 [ B08581EDF3290210D3366CD2D992F6C2, FF1BE97B8F37FF39B784CAB254F2460B7F7A84C45BAD5CDB06FE5C29CF293BE5 ] SaiMini C:\WINDOWS\System32\drivers\SaiMini.sys
21:03:01.0481 0x1c04 SaiMini - ok
21:03:01.0509 0x1c04 [ D086C2F45D328C2F63FC6B4CD79FCB66, BF3D27D95C83D2454AE62BAFE9297E08BB58EA4C7FBFBDEE075A4FFC6085735C ] SaiNtBus C:\WINDOWS\system32\drivers\SaiBus.sys
21:03:01.0514 0x1c04 SaiNtBus - ok
21:03:01.0521 0x1c04 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs C:\WINDOWS\system32\lsass.exe
21:03:01.0531 0x1c04 SamSs - ok
21:03:01.0565 0x1c04 [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
21:03:01.0576 0x1c04 sbp2port - ok
21:03:01.0588 0x1c04 [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
21:03:01.0607 0x1c04 SCardSvr - ok
21:03:01.0623 0x1c04 [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
21:03:01.0653 0x1c04 ScDeviceEnum - ok
21:03:01.0670 0x1c04 [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:03:01.0691 0x1c04 scfilter - ok
21:03:01.0722 0x1c04 [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:03:01.0823 0x1c04 Schedule - ok
21:03:01.0871 0x1c04 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
21:03:01.0889 0x1c04 SCPolicySvc - ok
21:03:01.0922 0x1c04 [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
21:03:01.0936 0x1c04 sdbus - ok
21:03:01.0950 0x1c04 [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
21:03:02.0026 0x1c04 SDRSVC - ok
21:03:02.0037 0x1c04 [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
21:03:02.0051 0x1c04 sdstor - ok
21:03:02.0060 0x1c04 [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon C:\WINDOWS\system32\seclogon.dll
21:03:02.0104 0x1c04 seclogon - ok
21:03:02.0111 0x1c04 [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS C:\WINDOWS\System32\sens.dll
21:03:02.0135 0x1c04 SENS - ok
21:03:02.0166 0x1c04 [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
21:03:02.0269 0x1c04 SensorDataService - ok
21:03:02.0291 0x1c04 [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService C:\WINDOWS\system32\SensorService.dll
21:03:02.0361 0x1c04 SensorService - ok
21:03:02.0386 0x1c04 [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
21:03:02.0458 0x1c04 SensrSvc - ok
21:03:02.0479 0x1c04 [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
21:03:02.0500 0x1c04 SerCx - ok
21:03:02.0549 0x1c04 [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
21:03:02.0564 0x1c04 SerCx2 - ok
21:03:02.0575 0x1c04 [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
21:03:02.0586 0x1c04 Serenum - ok
21:03:02.0590 0x1c04 [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial C:\WINDOWS\System32\drivers\serial.sys
21:03:02.0602 0x1c04 Serial - ok
21:03:02.0614 0x1c04 [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
21:03:02.0637 0x1c04 sermouse - ok
21:03:02.0657 0x1c04 [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv C:\WINDOWS\system32\sessenv.dll
21:03:02.0679 0x1c04 SessionEnv - ok
21:03:02.0688 0x1c04 [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
21:03:02.0698 0x1c04 sfloppy - ok
21:03:02.0731 0x1c04 [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:03:02.0765 0x1c04 SharedAccess - ok
21:03:02.0789 0x1c04 [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:03:02.0824 0x1c04 ShellHWDetection - ok
21:03:02.0837 0x1c04 [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:03:02.0847 0x1c04 SiSRaid2 - ok
21:03:02.0859 0x1c04 [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
21:03:02.0869 0x1c04 SiSRaid4 - ok
21:03:02.0900 0x1c04 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:03:02.0914 0x1c04 SkypeUpdate - ok
21:03:02.0941 0x1c04 [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost C:\WINDOWS\System32\smphost.dll
21:03:02.0966 0x1c04 smphost - ok
21:03:02.0988 0x1c04 [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
21:03:03.0028 0x1c04 SmsRouter - ok
21:03:03.0059 0x1c04 [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
21:03:03.0081 0x1c04 SNMPTRAP - ok
21:03:03.0117 0x1c04 [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
21:03:03.0137 0x1c04 spaceport - ok
21:03:03.0151 0x1c04 [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
21:03:03.0161 0x1c04 SpbCx - ok
21:03:03.0178 0x1c04 [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler C:\WINDOWS\System32\spoolsv.exe
21:03:03.0224 0x1c04 Spooler - ok
21:03:03.0358 0x1c04 [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc C:\WINDOWS\system32\sppsvc.exe
21:03:03.0507 0x1c04 sppsvc - ok
21:03:03.0522 0x1c04 [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:03:03.0544 0x1c04 srv - ok
21:03:03.0570 0x1c04 [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
21:03:03.0631 0x1c04 srv2 - ok
21:03:03.0638 0x1c04 [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:03:03.0655 0x1c04 srvnet - ok
21:03:03.0669 0x1c04 [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:03:03.0687 0x1c04 SSDPSRV - ok
21:03:03.0698 0x1c04 [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
21:03:03.0715 0x1c04 SstpSvc - ok
21:03:03.0799 0x1c04 [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
21:03:03.0954 0x1c04 StateRepository - ok
21:03:04.0028 0x1c04 [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:03:04.0060 0x1c04 Steam Client Service - ok
21:03:04.0114 0x1c04 [ 89123DFAC7E1E6E664D19622D135571B, 6870050EA5B4C0E9091C87FC42767BAD84E726FEC43DB989CE35650ABF9ED09E ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:03:04.0128 0x1c04 Stereo Service - ok
21:03:04.0138 0x1c04 [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
21:03:04.0147 0x1c04 stexstor - ok
21:03:04.0181 0x1c04 [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc C:\WINDOWS\System32\wiaservc.dll
21:03:04.0223 0x1c04 stisvc - ok
21:03:04.0228 0x1c04 [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
21:03:04.0240 0x1c04 storahci - ok
21:03:04.0257 0x1c04 [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
21:03:04.0266 0x1c04 storflt - ok
21:03:04.0309 0x1c04 [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
21:03:04.0319 0x1c04 stornvme - ok
21:03:04.0323 0x1c04 [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
21:03:04.0392 0x1c04 storqosflt - ok
21:03:04.0413 0x1c04 [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
21:03:04.0568 0x1c04 StorSvc - ok
21:03:04.0580 0x1c04 [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
21:03:04.0593 0x1c04 storufs - ok
21:03:04.0598 0x1c04 [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
21:03:04.0608 0x1c04 storvsc - ok
21:03:04.0619 0x1c04 [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc C:\WINDOWS\system32\svsvc.dll
21:03:04.0634 0x1c04 svsvc - ok
21:03:04.0692 0x1c04 [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
21:03:04.0700 0x1c04 swenum - ok
21:03:04.0727 0x1c04 [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv C:\WINDOWS\System32\swprv.dll
21:03:04.0753 0x1c04 swprv - ok
21:03:04.0764 0x1c04 [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
21:03:04.0783 0x1c04 Synth3dVsc - ok
21:03:04.0833 0x1c04 [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain C:\WINDOWS\system32\sysmain.dll
21:03:04.0991 0x1c04 SysMain - ok
21:03:05.0034 0x1c04 [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:03:05.0097 0x1c04 SystemEventsBroker - ok
21:03:05.0116 0x1c04 [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:03:05.0173 0x1c04 TabletInputService - ok
21:03:05.0205 0x1c04 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\system32\DRIVERS\tap0901.sys
21:03:05.0213 0x1c04 tap0901 - ok
21:03:05.0252 0x1c04 [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:03:05.0264 0x1624 Object required for P2P: [ F34655869378762CEEF159E82BE95C3E ] Origin Client Service
21:03:05.0286 0x1c04 TapiSrv - ok
21:03:05.0343 0x1c04 [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
21:03:05.0419 0x1c04 Tcpip - ok
21:03:05.0476 0x1c04 [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
21:03:05.0536 0x1c04 Tcpip6 - ok
21:03:05.0542 0x1c04 [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
21:03:05.0566 0x1c04 tcpipreg - ok
21:03:05.0590 0x1c04 [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
21:03:05.0601 0x1c04 tdx - ok
21:03:05.0783 0x1c04 [ E1E13735B6D2FE4FFEAEB91989B9C46F, 32CCCDD17C72ECBD96BB15B9362AD5BC0B173E95F9A4045F084719A5E956932B ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
21:03:05.0884 0x1c04 TeamViewer - ok
21:03:05.0899 0x1c04 [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
21:03:05.0908 0x1c04 terminpt - ok
21:03:05.0937 0x1c04 [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService C:\WINDOWS\System32\termsrv.dll
21:03:05.0992 0x1c04 TermService - ok
21:03:06.0007 0x1c04 [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes C:\WINDOWS\system32\themeservice.dll
21:03:06.0037 0x1c04 Themes - ok
21:03:06.0067 0x1c04 [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
21:03:06.0133 0x1c04 tiledatamodelsvc - ok
21:03:06.0147 0x1c04 [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
21:03:06.0178 0x1c04 TimeBroker - ok
21:03:06.0220 0x1c04 [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
21:03:06.0248 0x1c04 TPM - ok
21:03:06.0259 0x1c04 [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks C:\WINDOWS\System32\trkwks.dll
21:03:06.0296 0x1c04 TrkWks - ok
21:03:06.0352 0x1c04 [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:03:06.0401 0x1c04 TrustedInstaller - ok
21:03:06.0409 0x1c04 [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
21:03:06.0475 0x1c04 TsUsbFlt - ok
21:03:06.0486 0x1c04 [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:03:06.0510 0x1c04 TsUsbGD - ok
21:03:06.0549 0x1c04 [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
21:03:06.0609 0x1c04 tunnel - ok
21:03:06.0615 0x1c04 [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
21:03:06.0625 0x1c04 uagp35 - ok
21:03:06.0637 0x1c04 [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
21:03:06.0647 0x1c04 UASPStor - ok
21:03:06.0651 0x1c04 [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
21:03:06.0679 0x1c04 UcmCx0101 - ok
21:03:06.0714 0x1c04 [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
21:03:06.0799 0x1c04 UcmUcsi - ok
21:03:06.0819 0x1c04 [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
21:03:06.0835 0x1c04 Ucx01000 - ok
21:03:06.0849 0x1c04 [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
21:03:06.0897 0x1c04 UdeCx - ok
21:03:06.0917 0x1c04 [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
21:03:06.0947 0x1c04 udfs - ok
21:03:06.0963 0x1c04 [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
21:03:06.0980 0x1c04 UEFI - ok
21:03:06.0997 0x1c04 [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
21:03:07.0013 0x1c04 Ufx01000 - ok
21:03:07.0025 0x1c04 [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
21:03:07.0035 0x1c04 UfxChipidea - ok
21:03:07.0050 0x1c04 [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
21:03:07.0062 0x1c04 ufxsynopsys - ok
21:03:07.0090 0x1c04 [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
21:03:07.0103 0x1c04 UI0Detect - ok
21:03:07.0114 0x1c04 [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
21:03:07.0124 0x1c04 uliagpkx - ok
21:03:07.0127 0x1c04 [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
21:03:07.0138 0x1c04 umbus - ok
21:03:07.0145 0x1c04 [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
21:03:07.0162 0x1c04 UmPass - ok
21:03:07.0195 0x1c04 [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
21:03:07.0221 0x1c04 UmRdpService - ok
21:03:07.0275 0x1c04 [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
21:03:07.0332 0x1c04 UnistoreSvc - ok
21:03:07.0402 0x1c04 [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:03:07.0424 0x1c04 UNS - ok
21:03:07.0466 0x1c04 [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost C:\WINDOWS\System32\upnphost.dll
21:03:07.0500 0x1c04 upnphost - ok
21:03:07.0510 0x1c04 [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
21:03:07.0518 0x1c04 UrsChipidea - ok
21:03:07.0530 0x1c04 [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
21:03:07.0540 0x1c04 UrsCx01000 - ok
21:03:07.0567 0x1c04 [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
21:03:07.0576 0x1c04 UrsSynopsys - ok
21:03:07.0587 0x1c04 [ 1DC6166DB6C4FEFE87D9B9105044E5BE, D19B867C0E900B596B4180390A6E4F2ECCBDF8FBD49561C23DBA7D460B8F44A9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
21:03:07.0613 0x1c04 usbaudio - ok
21:03:07.0619 0x1c04 [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
21:03:07.0631 0x1c04 usbccgp - ok
21:03:07.0646 0x1c04 [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
21:03:07.0665 0x1c04 usbcir - ok
21:03:07.0696 0x1c04 [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
21:03:07.0707 0x1c04 usbehci - ok
21:03:07.0759 0x1c04 [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
21:03:07.0786 0x1c04 usbhub - ok
21:03:07.0827 0x1c04 [ C08449092043601887A1743350888635, 5CD916649D2CD8823B89C9E7459AD76AA8E54D70B6D9F40AD4A41144E22ACBE0 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
21:03:07.0848 0x1c04 USBHUB3 - ok
21:03:07.0870 0x1c04 [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
21:03:08.0001 0x1c04 usbohci - ok
21:03:08.0015 0x1c04 [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
21:03:08.0038 0x1c04 usbprint - ok
21:03:08.0055 0x1c04 [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser C:\WINDOWS\System32\drivers\usbser.sys
21:03:08.0136 0x1c04 usbser - ok
21:03:08.0142 0x1c04 [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:03:08.0157 0x1c04 USBSTOR - ok
21:03:08.0172 0x1c04 [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
21:03:08.0183 0x1c04 usbuhci - ok
21:03:08.0193 0x1c04 [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
21:03:08.0211 0x1c04 usbvideo - ok
21:03:08.0227 0x1c04 [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:03:08.0246 0x1c04 USBXHCI - ok
21:03:08.0290 0x1c04 [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
21:03:08.0360 0x1c04 UserDataSvc - ok
21:03:08.0402 0x1c04 [ 19DB66E644058AA880AE20144FA40839, 3622EBD3E203C436000947666E7CDF9B075951CC1929241CCCDB123F55F93E46 ] UserManager C:\WINDOWS\System32\usermgr.dll
21:03:08.0441 0x1c04 UserManager - ok
21:03:08.0485 0x1c04 [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc C:\WINDOWS\system32\usocore.dll
21:03:08.0564 0x1c04 UsoSvc - ok
21:03:08.0571 0x1c04 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc C:\WINDOWS\system32\lsass.exe
21:03:08.0581 0x1c04 VaultSvc - ok
21:03:08.0584 0x1c04 [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
21:03:08.0593 0x1c04 vdrvroot - ok
21:03:08.0634 0x1c04 [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds C:\WINDOWS\System32\vds.exe
21:03:08.0697 0x1c04 vds - ok
21:03:08.0717 0x1c04 [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
21:03:08.0729 0x1624 Object send P2P result: true
21:03:08.0733 0x1c04 VerifierExt - ok
21:03:08.0770 0x1c04 [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
21:03:08.0796 0x1c04 vhdmp - ok
21:03:08.0806 0x1c04 [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
21:03:08.0819 0x1c04 vhf - ok
21:03:08.0849 0x1c04 [ 1161ACFF728D97F75D74D2F1465F8A46, 8AB5DB3FA0AA5E049E1A9A17F93CF9B0281F8944AB0BBB8A78B18ED5B5C18E47 ] vhidmini C:\WINDOWS\System32\drivers\vHidDev.sys
21:03:08.0920 0x1c04 vhidmini - ok
21:03:08.0940 0x1c04 [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
21:03:08.0964 0x1c04 vmbus - ok
21:03:08.0979 0x1c04 [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
21:03:09.0005 0x1c04 VMBusHID - ok
21:03:09.0055 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
21:03:09.0097 0x1c04 vmicguestinterface - ok
21:03:09.0110 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
21:03:09.0135 0x1c04 vmicheartbeat - ok
21:03:09.0146 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
21:03:09.0170 0x1c04 vmickvpexchange - ok
21:03:09.0181 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
21:03:09.0204 0x1c04 vmicrdv - ok
21:03:09.0215 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
21:03:09.0240 0x1c04 vmicshutdown - ok
21:03:09.0251 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
21:03:09.0275 0x1c04 vmictimesync - ok
21:03:09.0286 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
21:03:09.0309 0x1c04 vmicvmsession - ok
21:03:09.0329 0x1c04 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
21:03:09.0353 0x1c04 vmicvss - ok
21:03:09.0357 0x1c04 [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
21:03:09.0367 0x1c04 volmgr - ok
21:03:09.0376 0x1c04 [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
21:03:09.0393 0x1c04 volmgrx - ok
21:03:09.0402 0x1c04 [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
21:03:09.0420 0x1c04 volsnap - ok
21:03:09.0430 0x1c04 [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
21:03:09.0440 0x1c04 vpci - ok
21:03:09.0451 0x1c04 [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
21:03:09.0463 0x1c04 vsmraid - ok
21:03:09.0498 0x1c04 [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS C:\WINDOWS\system32\vssvc.exe
21:03:09.0550 0x1c04 VSS - ok
21:03:09.0636 0x1c04 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
21:03:09.0651 0x1c04 vssbrigde64 - ok
21:03:09.0669 0x1c04 [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
21:03:09.0688 0x1c04 VSTXRAID - ok
21:03:09.0715 0x1c04 [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
21:03:09.0774 0x1c04 vwifibus - ok
21:03:09.0784 0x1c04 [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
21:03:09.0808 0x1c04 vwififlt - ok
21:03:09.0835 0x1c04 [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time C:\WINDOWS\system32\w32time.dll
21:03:09.0880 0x1c04 W32Time - ok
21:03:09.0936 0x1c04 [ 9776E4816D92B766F461957FBDA84360, 048F6ADC97767AFAB50582D0AE1E67A15B038A1C02F7982A6AD30B61AC5C7369 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
21:03:09.0961 0x1c04 w3logsvc - ok
21:03:09.0999 0x1c04 [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
21:03:10.0025 0x1c04 W3SVC - ok
21:03:10.0040 0x1c04 [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
21:03:10.0052 0x1c04 WacomPen - ok
21:03:10.0072 0x1c04 [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService C:\WINDOWS\system32\WalletService.dll
21:03:10.0139 0x1c04 WalletService - ok
21:03:10.0154 0x1c04 [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:03:10.0173 0x1c04 wanarp - ok
21:03:10.0176 0x1c04 [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:03:10.0189 0x1c04 wanarpv6 - ok
21:03:10.0224 0x1c04 [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
21:03:10.0260 0x1c04 WAS - ok
21:03:10.0303 0x1c04 [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine C:\WINDOWS\system32\wbengine.exe
21:03:10.0385 0x1c04 wbengine - ok
21:03:10.0405 0x1c04 [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
21:03:10.0471 0x1c04 WbioSrvc - ok
21:03:10.0529 0x1c04 [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
21:03:10.0609 0x1c04 Wcmsvc - ok
21:03:10.0627 0x1c04 [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
21:03:10.0674 0x1c04 wcncsvc - ok
21:03:10.0701 0x1c04 [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:03:10.0722 0x1c04 WcsPlugInService - ok
21:03:10.0734 0x1c04 [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
21:03:10.0743 0x1c04 WdBoot - ok
21:03:10.0782 0x1c04 [ 927AD29D7F91B9A0C5294932374DA15E, ABB2722EF4153771D15683B5CE603D2B7D8A585357F64A3DC26114F37BE2906E ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
21:03:10.0831 0x1c04 Wdf01000 - ok
21:03:10.0848 0x1c04 [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
21:03:10.0863 0x1c04 WdFilter - ok
21:03:10.0867 0x1c04 [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
21:03:10.0884 0x1c04 WdiServiceHost - ok
21:03:10.0887 0x1c04 [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
21:03:10.0903 0x1c04 WdiSystemHost - ok
21:03:10.0949 0x1c04 [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
21:03:10.0979 0x1c04 wdiwifi - ok
21:03:10.0993 0x1c04 [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:03:11.0005 0x1c04 WdNisDrv - ok
21:03:11.0034 0x1c04 WdNisSvc - ok
21:03:11.0046 0x1c04 [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:03:11.0072 0x1c04 WebClient - ok
21:03:11.0091 0x1c04 [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
21:03:11.0121 0x1c04 Wecsvc - ok
21:03:11.0136 0x1c04 [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
21:03:11.0174 0x1c04 WEPHOSTSVC - ok
21:03:11.0190 0x1c04 [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
21:03:11.0260 0x1c04 wercplsupport - ok
21:03:11.0280 0x1c04 [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc C:\WINDOWS\System32\WerSvc.dll
21:03:11.0330 0x1c04 WerSvc - ok
21:03:11.0335 0x1c04 wfpcapture - ok
21:03:11.0352 0x1c04 [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
21:03:11.0364 0x1c04 WFPLWFS - ok
21:03:11.0380 0x1c04 [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
21:03:11.0403 0x1c04 WiaRpc - ok
21:03:11.0430 0x1c04 [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
21:03:11.0439 0x1c04 WIMMount - ok
21:03:11.0441 0x1c04 WinDefend - ok
21:03:11.0448 0x1c04 [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
21:03:11.0459 0x1c04 WindowsTrustedRT - ok
21:03:11.0473 0x1c04 [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
21:03:11.0481 0x1c04 WindowsTrustedRTProxy - ok
21:03:11.0530 0x1c04 [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:03:11.0629 0x1c04 WinHttpAutoProxySvc - ok
21:03:11.0659 0x1c04 [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
21:03:11.0668 0x1c04 WinMad - ok
21:03:11.0725 0x1c04 [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:03:11.0785 0x1c04 Winmgmt - ok
21:03:11.0864 0x1c04 [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
21:03:11.0958 0x1c04 WinRM - ok
21:03:11.0977 0x1c04 [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
21:03:11.0989 0x1c04 WINUSB - ok
21:03:12.0003 0x1c04 [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
21:03:12.0013 0x1c04 WinVerbs - ok
21:03:12.0083 0x1c04 [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
21:03:12.0166 0x1c04 WlanSvc - ok
21:03:12.0221 0x1c04 [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
21:03:12.0362 0x1c04 wlidsvc - ok
21:03:12.0375 0x1c04 [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
21:03:12.0414 0x1c04 WmiAcpi - ok
21:03:12.0445 0x1c04 [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:03:12.0483 0x1c04 wmiApSrv - ok
21:03:12.0519 0x1c04 WMPNetworkSvc - ok
21:03:12.0556 0x1c04 [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
21:03:12.0572 0x1c04 Wof - ok
21:03:12.0630 0x1c04 [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
21:03:12.0736 0x1c04 workfolderssvc - ok
21:03:12.0778 0x1c04 [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
21:03:12.0801 0x1c04 wpcfltr - ok
21:03:12.0825 0x1c04 [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
21:03:12.0870 0x1c04 WPDBusEnum - ok
21:03:12.0877 0x1c04 [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:03:12.0886 0x1c04 WpdUpFltr - ok
21:03:12.0894 0x1c04 [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService C:\WINDOWS\system32\WpnService.dll
21:03:12.0935 0x1c04 WpnService - ok
21:03:12.0963 0x1c04 [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:03:12.0987 0x1c04 ws2ifsl - ok
21:03:13.0005 0x1c04 [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
21:03:13.0023 0x1c04 wscsvc - ok
21:03:13.0026 0x1c04 WSearch - ok
21:03:13.0101 0x1c04 [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService C:\WINDOWS\System32\WSService.dll
21:03:13.0254 0x1c04 WSService - ok
21:03:13.0309 0x1c04 [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv C:\WINDOWS\system32\wuaueng.dll
21:03:13.0432 0x1c04 wuauserv - ok
21:03:13.0446 0x1c04 [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
21:03:13.0472 0x1c04 WudfPf - ok
21:03:13.0484 0x1c04 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
21:03:13.0509 0x1c04 WUDFRd - ok
21:03:13.0518 0x1c04 [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
21:03:13.0547 0x1c04 wudfsvc - ok
21:03:13.0553 0x1c04 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:03:13.0581 0x1c04 WUDFWpdFs - ok
21:03:13.0592 0x1c04 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:03:13.0624 0x1c04 WUDFWpdMtp - ok
21:03:13.0678 0x1c04 [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
21:03:13.0734 0x1c04 WwanSvc - ok
21:03:13.0773 0x1c04 [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
21:03:13.0837 0x1c04 XblAuthManager - ok
21:03:13.0890 0x1c04 [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
21:03:13.0994 0x1c04 XblGameSave - ok
21:03:14.0009 0x1c04 [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
21:03:14.0069 0x1c04 xboxgip - ok
21:03:14.0119 0x1c04 [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
21:03:14.0205 0x1c04 XboxNetApiSvc - ok
21:03:14.0218 0x1c04 [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
21:03:14.0231 0x1c04 xinputhid - ok
21:03:14.0247 0x1c04 [ 1E80EDF59994925D6AF76D87564588E1, 40D02073F3A17B6C10F496341598D39F55CE70AD626BADE1BBD2021AB1A018F9 ] xusb22 C:\WINDOWS\System32\drivers\xusb22.sys
21:03:14.0262 0x1c04 xusb22 - ok
21:03:14.0262 0x1c04 ================ Scan global ===============================
21:03:14.0316 0x1c04 [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
21:03:14.0347 0x1c04 [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
21:03:14.0374 0x1c04 [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
21:03:14.0396 0x1c04 [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
21:03:14.0403 0x1c04 [ Global ] - ok
21:03:14.0404 0x1c04 ================ Scan MBR ==================================
21:03:14.0411 0x1c04 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:03:14.0475 0x1c04 \Device\Harddisk0\DR0 - ok
21:03:14.0479 0x1c04 [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk1\DR1
21:03:16.0349 0x1c04 \Device\Harddisk1\DR1 - ok
21:03:16.0350 0x1c04 ================ Scan VBR ==================================
21:03:16.0367 0x1c04 [ C28ED2FF635E97AF4CEB7F7EF05B1514 ] \Device\Harddisk0\DR0\Partition1
21:03:16.0414 0x1c04 \Device\Harddisk0\DR0\Partition1 - ok
21:03:16.0428 0x1c04 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
21:03:16.0428 0x1c04 \Device\Harddisk0\DR0\Partition2 - ok
21:03:16.0436 0x1c04 [ FB248939E47CAAC806211A311A0A4095 ] \Device\Harddisk0\DR0\Partition3
21:03:16.0477 0x1c04 \Device\Harddisk0\DR0\Partition3 - ok
21:03:16.0478 0x1c04 [ D8479B63D79D7BC45C5C824E0A1D62F3 ] \Device\Harddisk1\DR1\Partition1
21:03:16.0480 0x1c04 \Device\Harddisk1\DR1\Partition1 - ok
21:03:16.0480 0x1c04 ================ Scan generic autorun ======================
21:03:16.0715 0x1c04 [ F9E8F9104C629608470B2E6D6A3AC59A, BA848885F031A505A69BDA59888CE858FBBF856F1DF9C47068D0A6142602E74C ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:03:16.0830 0x1c04 RTHDVCPL - ok
21:03:16.0966 0x1c04 [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:03:17.0015 0x1c04 NvBackend - ok
21:03:17.0021 0x1c04 [ 5DED2A3F11AE916C8F2724947E736261, 35402466FE6D02CC85A27171F55D9F7FD0AAF018D3CC410E46F0B43DCE7EA080 ] C:\Windows\system32\rundll32.exe
21:03:17.0048 0x1c04 ShadowPlay - ok
21:03:17.0080 0x1c04 [ F442241ED1840450DE1572BAAACC0EE0, 8878637DF4475BA967120470037CFDB147C46D8B4ED1661D4379D30EB3341135 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
21:03:17.0093 0x1c04 IMSS - ok
21:03:17.0127 0x1c04 [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:03:17.0138 0x1c04 USB3MON - ok
21:03:17.0161 0x1c04 [ 15CDF6250BE2CAC214C5F437BD7FB886, B82130B1C87759002659D3F02EC0B5788FDF43D303AF4C6394218C0BD1ED609D ] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe
21:03:17.0168 0x1c04 IntelSBA - ok
21:03:17.0222 0x1c04 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
21:03:17.0234 0x1c04 BCSSync - ok
21:03:17.0485 0x1c04 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:03:17.0628 0x1c04 OneDriveSetup - ok
21:03:17.0812 0x1c04 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:03:17.0956 0x1c04 OneDriveSetup - ok
21:03:17.0972 0x1c04 Sidebar - ok
21:03:18.0007 0x1c04 [ 985AA2B4944765D4E12EC1957F89B426, 894093E34F2B0ADCA4BD5E265BE55F41E597C9F4F92147B9FF55911D7AA9BE21 ] C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe
21:03:18.0052 0x1c04 Trust Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
21:03:19.0114 0x2bb8 Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip
21:03:20.0586 0x1c04 Trust Gaming Mouse ( UnsignedFile.Multi.Generic ) - warning
21:03:22.0576 0x2bb8 Object send P2P result: true
21:03:22.0577 0x2bb8 Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6
21:03:23.0172 0x1c04 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
21:03:23.0186 0x1c04 Google Update - ok
21:03:23.0280 0x1c04 [ 716F5828497A7739B1BCCEE4D0E8A80F, D9D3BB3910AD9A5B43E3AFAEBABB474975F30F0C7B82B035B82F39D4B54F7C33 ] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE
21:03:23.0302 0x1c04 Zoner Photo Studio Autoupdate - ok
21:03:23.0423 0x1c04 [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] C:\Program Files (x86)\Steam\steam.exe
21:03:23.0478 0x1c04 Steam - ok
21:03:23.0498 0x1c04 Skype - ok
21:03:23.0655 0x1c04 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:03:23.0797 0x1c04 OneDriveSetup - ok
21:03:23.0802 0x1c04 Waiting for KSN requests completion. In queue: 143
21:03:24.0803 0x1c04 Waiting for KSN requests completion. In queue: 143
21:03:25.0803 0x1c04 Waiting for KSN requests completion. In queue: 143
21:03:26.0032 0x2bb8 Object send P2P result: true
21:03:26.0051 0x2bb8 Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc
21:03:26.0279 0x2cd0 Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] C:\Program Files (x86)\Steam\steam.exe
21:03:26.0804 0x1c04 Waiting for KSN requests completion. In queue: 26
21:03:27.0804 0x1c04 Waiting for KSN requests completion. In queue: 26
21:03:28.0805 0x1c04 Waiting for KSN requests completion. In queue: 26
21:03:29.0500 0x2bb8 Object send P2P result: true
21:03:29.0751 0x2cd0 Object send P2P result: true
21:03:29.0853 0x1c04 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
21:03:29.0861 0x1c04 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
21:03:29.0873 0x1c04 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
21:03:32.0306 0x1c04 ============================================================
21:03:32.0306 0x1c04 Scan finished
21:03:32.0306 0x1c04 ============================================================
21:03:32.0314 0x1bdc Detected object count: 1
21:03:32.0314 0x1bdc Actual detected object count: 1
21:03:59.0459 0x1bdc Trust Gaming Mouse ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:59.0459 0x1bdc Trust Gaming Mouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
24.11.2015, 22:18
| #7 |
| /// the machine /// TB-Ausbilder | Plötzlich spielt sich Ton ab. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.11.2015, 16:11
| #8 |
| | mbam.txt Log 1/2 mbam.txt Log 1/2 Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 25.11.2015 Suchlaufzeit: 15:43 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.25.04 Rootkit-Datenbank: v2015.11.23.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: user Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 419024 Abgelaufene Zeit: 15 Min., 30 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 82 PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [142485fda5e61224c52b80c3867c05fb], PUP.Optional.Linkey, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [af89354d3f4cc6706540f44c25dd2fd1], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71e129ff-6c2a-4984-818c-7e2c998b8d99}, In Quarantäne, [84b4631f711a7cba24cb0043fd0552ae], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [67d1572bf299aa8c579c4c4e32d151af], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [93a55b271675ab8b945ff2a82cd77c84], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [fa3e7f03addec67015dea8f2748f2ed2], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [56e29de5375422148f649dfdaa5904fc], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [2216bec492f98bab787b851541c26b95], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [1325c3bf850672c4975cc4d66e9507f9], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [90a8562cacdf2016fcf7ddbd50b3da26], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [37011f63b5d63afc1bd84f4be023e21e], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [2315166cbfcc9c9aed06069428db9c64], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [64d4730ffc8f3402ab48faa0f2111be5], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [62d6acd6f299f73f62915a406d967e82], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [72c6fa881f6c8ea8ec07fb9f48bb51af], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [0a2e631f7a11280e797a405a42c1ce32], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [1e1a52307d0e59ddea09adedda29db25], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [88b0d2b0870416206c87a7f30bf8d927], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [ab8d98ea1c6faf8733c0d9c12dd68c74], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [b583037f58335ed85d969109dd269868], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [87b195ed9af134028d668c0ea36038c8], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [3afe4a38612a1d198f648d0dca395ea2], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [d2662260dfac82b4a053cdcde02347b9], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [17217d0578131f1763909109ca3950b0], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [5eda3c467219b87eb0431387be4546ba], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [0f291c66157688ae4ea5a4f6c043e31d], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [ec4c532fff8cce681fd45c3e699a3dc3], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [4eeabcc63556cc6a63905743be45916f], PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [87b1f78b3f4c69cdac47c4d6fb08f20e], PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, In Quarantäne, [4cec057d6b207abce637bc29838038c8], PUP.Optional.SaveSense, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SaveSense, Löschen bei Neustart, [0236fd8597f44aec5f4141568d7513ed], PUP.Optional.SaveSense, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SaveSenseLiveUpdateTaskMachineCore, Löschen bei Neustart, [1226dda5fd8e9a9c6c341681db276f91], PUP.Optional.SaveSense, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SaveSenseLiveUpdateTaskMachineUA, Löschen bei Neustart, [3dfbacd6f69553e36739a9ee8e74df21], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\SaveSenseLive, In Quarantäne, [1028f38f1477d066b4441288c53e8d73], PUP.Optional.SystemK, HKLM\SOFTWARE\WOW6432NODE\SystemK, In Quarantäne, [25131c6644470b2bac361093bc47659b], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [f543f48e9cef76c05f9491091ce714ec], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [e652aed4fe8df14531c2683239ca20e0], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [94a41072e4a7f640797a3367986b6799], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [1424770bc6c5ac8a1fd414865fa4926e], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [c672e49eec9f25117b789a00857e5ca4], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [fc3cf88a7d0e6dc9f5fe15851fe4b24e], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [82b60f7345465bdb07ec0199d52eee12], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [f04887fb59329d991cd79bffea19936d], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [3701f88a1d6eb18551a20298ac57ce32], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [72c639495a31f145757e0991e22105fb], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [7bbd6e142368fa3c797a168438cbf010], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [73c5176b464594a2d81bdfbb6b9853ad], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [54e4255d0f7ce45234bf059546bd0ef2], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [f147a4de0e7de551797ad4c612f106fa], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [2a0e0d75a7e4e94de40f4b4f7d8606fa], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [9f991171acdf211582716c2e45be50b0], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [46f2f78bcac188aedf145c3e60a3d828], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [b1872c5693f8f73f6d865c3e659e6997], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [f345f38f27648fa7876c2e6c17ecb44c], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [b187e0a20784e15506ed21799271e818], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [be7acdb5434852e49a59900ada297888], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [6aced2b0523951e5cc273b5fa45fad53], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [9b9d532f008b2115e112e5b59c6754ac], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [57e1275b2467b77f658e54461fe4e41c], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [68d09ae8642703332cc7d1c95ea5cf31], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [d266443e0d7e35019e558812877c7090], PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\FKJOIGGKBEPEDJMJJBHHECJIIMLCKCGA, In Quarantäne, [191f176b53382f07df973464738fb947], PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, In Quarantäne, [50e896ec2f5c3006110c895cb25124dc], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3, In Quarantäne, [94a4275bd2b9d561de18ecae0af948b8], PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9, In Quarantäne, [a3955a2897f4eb4be412c8d2e12223dd], PUP.Optional.SettingsManager, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, In Quarantäne, [62d686fc0289181ee7e8f5a8ef14fe02], PUP.Optional.BundleInstaller, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, In Quarantäne, [4fe921619bf0e45274ac046e4bb8e61a], PUP.Optional.SystemK, HKU\S-1-5-18\SOFTWARE\SystemK, In Quarantäne, [87b170120289082eae33bfe4867d867a], PUP.Optional.SaveSense, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\SaveSenseLive, In Quarantäne, [47f130524e3d4cea65908317bc4732ce], PUP.Optional.Conduit, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, In Quarantäne, [0a2e89f9345759dd4268066f8b78c739], PUP.Optional.PriceGong, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [54e4681a1c6f65d1b9435e386f9422de], PUP.Optional.Conduit, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\CONDUIT\FF, In Quarantäne, [4bed94eea2e954e23a717df823e034cc], PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\FKJOIGGKBEPEDJMJJBHHECJIIMLCKCGA, In Quarantäne, [11277d0557347bbb6215ebadfd050af6], PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, In Quarantäne, [eb4d2a585a31072ffa227a6ba2616997], PUP.Optional.Conduit, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D536C490-0A34-4F46-902D-8E962EB6FFA0}, In Quarantäne, [98a07d05d9b2f6405c54f481788b956b], Registrierungswerte: 13 PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}, In Quarantäne, [4cec057d6b207abce637bc29838038c8] PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, In Quarantäne, [97a11c66fd8e2610e486601b62a122de] PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}&ft=json, In Quarantäne, [23152e544a4102347cee502b857e649c] PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fkjoiggkbepedjmjjbhhecjiimlckcga|path, C:\Users\user\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx, In Quarantäne, [191f176b53382f07df973464738fb947] PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}, In Quarantäne, [50e896ec2f5c3006110c895cb25124dc] PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, In Quarantäne, [61d7f989b6d53204fe6c0378cf3451af] PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}&ft=json, In Quarantäne, [d1673e4498f3c373f377dd9e3bc844bc] PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fkjoiggkbepedjmjjbhhecjiimlckcga|path, C:\Users\user\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx, In Quarantäne, [11277d0557347bbb6215ebadfd050af6] PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}, In Quarantäne, [eb4d2a585a31072ffa227a6ba2616997] PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, In Quarantäne, [ef49fe84a7e4d95d600887f48a791be5] PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p={searchTerms}&ft=json, In Quarantäne, [3305255da5e6270fa3c5a0db54af5ca4] PUP.Optional.Conduit, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D536C490-0A34-4F46-902D-8E962EB6FFA0}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020&SSPV=TB_IEOB19, In Quarantäne, [98a07d05d9b2f6405c54f481788b956b] PUP.Optional.Conduit, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D536C490-0A34-4F46-902D-8E962EB6FFA0}|FaviconURL, hxxp://search.conduit.com/favicon.ico, In Quarantäne, [df592c560586aa8c763a9fd624dfd030] Registrierungsdaten: 1 PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp, Gut: (www.google.com), Schlecht: (hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp),Ersetzt,[69cfe89a69220e28b9514f17a55fb050] Ordner: 141 PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\11585FF0DED34B72A6B8F22AC6856D11, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\76C4B7845523413E9F9A6732650AEA83, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\9DC577B771854B3D84ECD82903BA8448, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\E535EDAECC374DB38FB43ADB5E7C02A7, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\EDAEB90283B748199E3267EFE26BA788, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\F06BE999C817448C90E37374C4F09CD7, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\OpenCandy_11585FF0DED34B72A6B8F22AC6856D11, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\OpenCandy_E535EDAECC374DB38FB43ADB5E7C02A7, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive, In Quarantäne, [dd5b98eaa5e661d5e285104c38caa55b], PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update, In Quarantäne, [dd5b98eaa5e661d5e285104c38caa55b], PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log, In Quarantäne, [dd5b98eaa5e661d5e285104c38caa55b], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\SaveSense, In Quarantäne, [3bfd6b173a514beb98d0cf8ddd250000], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\SaveSense\UpdateProc, In Quarantäne, [3bfd6b173a514beb98d0cf8ddd250000], PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts, In Quarantäne, [2f096f13236842f42845204b9e64817f], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\content, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\content\images, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\defaults, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\defaults\preferences, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Local\SaveSenseLive, In Quarantäne, [9e9af48eb3d88babf3ff43408a78738d], PUP.Optional.SaveSense, C:\Users\user\AppData\Local\SaveSenseLive\CrashReports, In Quarantäne, [9e9af48eb3d88babf3ff43408a78738d], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\res, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\api, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js\resources, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gadgetFrame, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\img, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\APPLICATION_BUTTON, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\APPLICATION_BUTTON\Js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\APPLICATION_BUTTON\resources, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\img, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\js\resources, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\Optimizer, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\Optimizer\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\css\custom-theme, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css\custom-theme, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\buildSettings, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\Css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\resources, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\script, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\style, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\style\rsx, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\img, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\core, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\images, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.jscrollpane, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\sl, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\components, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\components\mam, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\ctypes, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\defaults, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\defaults\preferences, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\lib, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\META-INF, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\modules, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Plugins, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], Dateien: 453 PUP.Optional.SaveSense, C:\Windows\System32\Tasks\SaveSense, In Quarantäne, [f7412b57e8a3dc5a83d32f7906fccb35], PUP.Optional.SaveSense, C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore, In Quarantäne, [74c4483a0784b38366f09a0eef13b050], PUP.Optional.SaveSense, C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA, In Quarantäne, [7cbc7a088902f442fe587c2c45bd53ad], PUP.Optional.Conduit, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\searchplugins\ashampoo-de-customized-web-search.xml, In Quarantäne, [4bed176bb1dad95d9d1be094857e39c7], PUP.Optional.DefaultSearch.ShrtCln, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\searchplugins\default-search.xml, In Quarantäne, [62d63250bbd02d0977ec651620e349b7], PUP.Optional.DefaultSearch.ShrtCln, C:\Program Files (x86)\Mozilla Firefox\searchplugins\default-search.xml, In Quarantäne, [6ccc3052d3b8023414537efd7e856b95], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSense.job, In Quarantäne, [1e1a552dd4b73ef88f620e8c3ac90ff1], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job, In Quarantäne, [59dfdda55e2dc0769f523565d72c1be5], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, In Quarantäne, [df595230761544f2b93863370201ba46], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\11585FF0DED34B72A6B8F22AC6856D11\TuneUpUtilities2013-2200218-p3v0.exe, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\9DC577B771854B3D84ECD82903BA8448\TuneUp2014GER1day-de-DE-p4v1.exe, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\E535EDAECC374DB38FB43ADB5E7C02A7\TuneUpUtilities2013_2200218_de-DE.exe, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\EDAEB90283B748199E3267EFE26BA788\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\F06BE999C817448C90E37374C4F09CD7\Opera_NI_stable.exe, In Quarantäne, [28106e14f596a39333af0853c9397789], PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log, In Quarantäne, [dd5b98eaa5e661d5e285104c38caa55b], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\SaveSense\UpdateProc\config.dat, In Quarantäne, [3bfd6b173a514beb98d0cf8ddd250000], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\SaveSense\UpdateProc\info.dat, In Quarantäne, [3bfd6b173a514beb98d0cf8ddd250000], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\SaveSense\UpdateProc\STTL.DAT, In Quarantäne, [3bfd6b173a514beb98d0cf8ddd250000], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\SaveSense\UpdateProc\TTL.DAT, In Quarantäne, [3bfd6b173a514beb98d0cf8ddd250000], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\1.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\a.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\b.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\c.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\d.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\e.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\f.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\g.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\h.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\i.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\j.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\k.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\l.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\m.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\n.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\o.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\p.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\q.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\r.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\s.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\t.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\u.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\v.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\w.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\wlu.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\x.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\y.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.PriceGong, C:\Users\user\AppData\LocalLow\PriceGong\Data\z.txt, In Quarantäne, [fb3d562c4f3c4ee8953200810ff317e9], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\chrome.manifest, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\install.rdf, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\content\images\icon32.png, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.SaveSense, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}\defaults\preferences\defaults.js, In Quarantäne, [fd3bd3afafdc3df9628b5b28f012a35d], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll, In Quarantäne, [b880e9991e6d8fa77d34652d10f2af51], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\chrome.manifest, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\install.rdf, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\sspv.txt, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\version.txt, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\AbstractionLayer.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\AbstractionLayerBack.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\AbstractionLayerFront.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\BrowserContextMenuManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\popup.xul, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\popupTransparent.xul, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\preferences.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\preferences.xul, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\toolbaroverlay.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\toolbaroverlay.xul, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tooltips.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\version.xul, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\autoComplete.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\priceGongMigration.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\MozillaRetentionDialog.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\RetentionDialog.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\css\MozillaRetentionDialog.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\css\RetentionDialog.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\2.0--spec--kicker.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\content-pattern.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\content-sep.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\OK-Button-Default.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\OK-Button-MouseOver.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\OK-Button-OnClick.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\images\x.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\js\MozillaRetentionDialog.view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\logic\uninstall\dialog\js\RetentionDialog.view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\backstage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e], |
|
25.11.2015, 16:15
| #9 |
| | mbam.txt Log mbam.txt Log 2/2 Code:
ATTFilter PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\version.txt, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\al.view.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\aboutBox.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images\logo.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images\OK-Button-Default.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images\OK-Button-MouseOver.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images\OK-Button-OnClick.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images\truste.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\images\x.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\aboutBox\js\aboutBox.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\appManager.controller.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\appManager.model.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\appManager.view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\css\toolbar.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\ajax-loader.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\buttonSprites.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\chevron_sprites.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\fallback24.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\ie8_mouseover_button.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\ie8_onclick_button.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\loader-icon.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\menu_arrow.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\minibrowser.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\minibrowser24.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\mp_sprites.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\new_chevron_sprites.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\rounded_corners_left_transparent.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\rounded_corners_left_white.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\rounded_corners_left_white_34.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\rounded_corners_right_transparent.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\rounded_corners_right_white.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\rounded_corners_right_white_34.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\separator.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\separator_hover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\img\uus.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ac\res\yoxscroll.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\api\toolbarapi.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\api\webAppApi.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\api\webAppApiFront.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd\excanvas.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd\trusted.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd\trusted.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd\untrusted.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd\untrusted.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\msd\untrusted.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\options.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\css\jquery.jscrollpane.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\css\options.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\css\reset.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\bg-hide-click.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\bg-hide.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\checkbox-check-off.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\checkbox-check-on.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\ic_Closer.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\ic_Closer_hover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\logo.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\minibrowser.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\scroller.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\sprite-ok-button.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\truste.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\images\x.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js\html5SupportIe.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js\options.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js\resources\html5shiv.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js\resources\jquery.jscrollpane.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\options\js\resources\jquery.mousewheel.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\js\searchProtectorManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\bubble.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\bubble.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\main.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\images\information.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\images\x-default-LTR.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\images\x-default-RTL.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\images\x-mouseover-LTR.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spbd\images\x-mouseover-RTL.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\main.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\SearchProtector.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\settings.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\images\ok-button.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\images\separation-line.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\sp\spsd\images\warning.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menus.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\popups.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\DialogsAPI.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\excanvas.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\generalDialogStyle.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\PIE.htc, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\main.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\app-store-icon.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\arrow.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\divider.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\emailNotifier.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\facebook.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\radio.GIF, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\Thumbs.db, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\ftd\images\weather.GIF, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\main.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\restartDialog.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\restartDialog.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\2.0--spec--kicker.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\content-pattern.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\content-sep.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\OK-Button-Default.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\OK-Button-MouseOver.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\OK-Button-OnClick.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\dlg\restart\images\x.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gadgetFrame\gf.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gadgetFrame\lgf.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\gf.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\lgf.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\css\gf.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\css\gf_ie.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\img\ie_back.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\img\loader.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\img\resize.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\img\sprites.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\js\gf.view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\gf\js\lgf.view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\css\menu.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrow-down-strong.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrow-down.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrow-left-strong.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrow-left.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrow-right-strong.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrow-right.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\img\arrows.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js\jquery.ellipsis.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js\menu.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js\renderHandler.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js\scrollers.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\ui\menu\js\showHandler.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\browserAppApi.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\APPLICATION_BUTTON\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\css\en.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\embedded.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\css\embedded.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\css\popup.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\css\reset.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\js\embedded.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\HIGHLIGHTER\js\popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\css\popup.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\img\arrows.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\img\badges.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\img\icons.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\js\popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\embedded.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\NotificationPopup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\Settings.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css\gadget.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css\general.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css\Main.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css\newMain.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css\settings.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\css\ui.stepper.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\closeIcon.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\downArrow.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\settingsIcon.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\upArrow.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\close.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\Next.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\powered-by.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\Prev.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\dark\settings.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\close.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\Next.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\Next_hover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\powered-by.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\Prev.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\images\light\settings.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\AppName.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\bgpageEarly.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\commons.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\notification.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\Settings.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\stepper.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\Optimizer\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\Optimizer\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\pg_offers.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\pg_offers.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\agree.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\agree.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\Close.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\Image.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\Logo.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\agreement\Topbg.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\css\gadget.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\css\ie7styles.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\css\iestyle.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\PRICE_GONG\images\icon.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\embedded.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\popup2.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css\gadget.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css\reset.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css\stations.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\embedded.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\localization.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\player.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\system.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\embedded.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\information.popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\Css\information.popup.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\common.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\contentManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\historyProvider.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\information.popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\layoutManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\searchListener.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\selectionListener.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\js\suggestProvider.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\resources\history--x-default.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\resources\history--x-mouseover.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\resources\menu.icon.apps.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\script\view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\style\default.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\SEARCH\view\style\rsx\ie8.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\popup.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\img\icons.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\img\inbox.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\img\scroll_down.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\img\scroll_up.png, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\js\localization.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\TWITTER\js\popup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\bgpage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\css\gadget.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\css\ie7styles.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\css\iestyle.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\bgpage.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\common.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\date-functions.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\gadget.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\jquery.autocomplete.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\jquery.textshadow.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\logic.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\main.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\al\wa\WEATHER\js\xPath.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\core\corelibs.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\core\framework.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\core\utils.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\al.view.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\al.viewPerformanceLog.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\background.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\ie_fix.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.mousewheel.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.text-overflow.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.tmpl.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.xml2json.custom.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.xml2json.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\json2.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\json2.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\script2injectEmbedded.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\script2injectPopup.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\sdk.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\jquery.alerts.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\jquery.alerts.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\images\help.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\images\important.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\images\info.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.alerts\images\title.gif, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.jscrollpane\jquery.jscrollpane.css, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\lib\jquery.jscrollpane\jquery.jscrollpane.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\tb\sl\serviceLayer.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\backstage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\frontstage.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\navigationTests.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\popup.html, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\js\framework.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\jquery-1.4.1.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\jquery-1.5.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\jquery-1.6.2.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\json2.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\LAB.min.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\log4javascript.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Chrome\CT2481020\content\test\toolbar\lib\log4javascriptStub4Release.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\components\autoCompleteManager.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\components\mam\mamModule.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\ctypes\FirefoxCtype.dll, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\defaults\preferences\defaults.js, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\lib\log4conduit.jsm, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\lib\log4moz.jsm, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\META-INF\manifest.mf, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\META-INF\zigbert.rsa, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\META-INF\zigbert.sf, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\modules\BackStage.jsm, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\modules\Commons.jsm, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\modules\FrontStage.jsm, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.ConduitTB.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}\Plugins\np-mswmp.dll, In Quarantäne, [7ebac7bb553656e02a6397f3996bb24e],
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaultenginename", "default-search.net");), Ersetzt,[b38560221e6ddb5b54b72962b84c8977]
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "default-search.net");), Ersetzt,[1c1c493938532412c14b513ad4308d73]
PUP.Optional.Conduit, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2481020.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2481020&octid=CT2481020&SearchSource=15&CUI=UN54061923724835273&SSPV=&Lay=1&UM=\"}");), Ersetzt,[3701a4dea0ebb38347527f0cd4304cb4]
PUP.Optional.Conduit, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2481020.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&q=");), Ersetzt,[e94ffa8899f284b233672d5e39cb32ce]
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=476&aid=164&itype=a&ver=12692&tm=341&src=ds&p=");), Ersetzt,[3bfdadd5602b63d316968506af55b848]
PUP.Optional.DefaultSearch.ShrtCln, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js, Gut: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (browser.startup.homepage", "hxxp://www.default-search.net), Ersetzt,[ff392a5879122f07159d5a38e420837d]
PUP.Optional.ASK.Gen, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\searchplugins\askcom.xml, In Quarantäne, [6aced3afa3e8af87af0b7719e61ef20e],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
25.11.2015, 16:34
| #10 |
| | AdwCleaner LogCode:
ATTFilter # AdwCleaner v5.022 - Bericht erstellt am 25/11/2015 um 16:21:24
# Aktualisiert am 22/11/2015 von Xplode
# Datenbank : 2015-11-22.2 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : user - SVEN-PC
# Gestartet von : C:\Users\user\Downloads\AdwCleaner_5.022.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\Conduit
[-] Ordner Gelöscht : C:\ProgramData\Ask
[-] Ordner Gelöscht : C:\users\user\AppData\Local\Conduit
[-] Ordner Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg
[-] Ordner Gelöscht : C:\users\user\AppData\LocalLow\Conduit
[-] Ordner Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\Smartbar
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fngmhnnpilhplaeedifhccceomclgfbg_0.localstorage
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fngmhnnpilhplaeedifhccceomclgfbg_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_ciuvo.com_0.localstorage
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_ciuvo.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\user.js
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.ssliveupdate.oneclickctrl.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.ssliveupdate.update3webcontrol.3
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99DCF141-03F9-4363-8D79-640FA646DEED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AF4400F-CDC5-4F2D-B3F1-74348E5D5CCC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{422E1393-7A4C-44FF-A7E1-8B9D146E0666}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4807D6D8-ADC8-41AF-AB9D-AE1086D1E62F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6E1CD171-29C1-4D56-A223-E31C57A0A25A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70E96298-17FC-4020-A7CF-6F81ED8CF3AB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84A81B7E-B8CD-4891-BEA0-548D65E9610A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{867DF9A9-D013-4A1A-B685-DFF65D225ED4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{889074FC-1456-4CE8-88F7-154264DC275F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91F4CF02-F675-4E6A-B4E8-C13DF09B9B1B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A902A36E-0C79-4BD7-B561-9C058BD60210}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AB778974-218E-4734-90F0-731BE7E50E77}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADE6A9C0-12B3-457D-9A86-548FA87E04DB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B7C67027-15EB-489F-A9EA-286076CF7540}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CDB98856-BEA3-4073-AF57-23A3583AE9E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CDED8922-BB3D-4E3A-9C2C-89B1C927F48B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D79CBD8E-D857-4D05-B3AD-26F722CF5B6E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7EA7058-B19B-4A27-B50A-87A1B8FC5F30}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0EE6D408-6ED5-40C6-8C42-A041D5DE9AB0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{13A42355-1F94-4459-B19E-F60B2C607C77}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{293DD661-C540-4AC4-9B4C-42E68369CE1B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2EC58BDB-0694-4D54-80DD-A8F2AA0427A1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{313B508D-596D-4BDF-B0B5-E41F224E184A}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A18D16ED-27B2-4B83-B70C-15E73F099546}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\PIP
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\Linkey
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\savesenselive.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{40C011C5-BB03-48A0-A96D-244601255442}
***** [ Internetbrowser ] *****
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.1000082.isDisplayHidden", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.1000082.isPlayDisplay", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.1000082.muteState", "off");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.CBOpenMAMSettings.enc", "MA==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.Facebook_Mode.enc", "Mg==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.Facebook_User_Locale.enc", "ZGU=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.FirstTime", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.FirstTimeFF3", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.LoginRevertSettingsEnabled", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.PG_ENABLE.enc", "dHJ1ZQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.RevertSettingsEnabled", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.SF_JUST_INSTALLED.enc", "RkFMU0U=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.SF_STATUS.enc", "RU5BQkxFRA==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.SF_USER_ID.enc", "Y2lkXzI1NDIwMTMyMDE3NDIzNjUyMzU=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.UserID", "UN54061923724835273");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020._key_cl_active.enc", "NjYyMzdlNjgtY2ZmMC00ZGIzLWE1YzktZTA3MWRmMDI1MTQw");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.addressBarTakeOverEnabledInHidden", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.autoDisableScopes", -1);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.browser.search.defaultthis.engineName", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.cbcountry_001.enc", "REU=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.cbfirsttime.enc", "U2F0IERlYyAyMiAyMDEyIDE1OjIwOjAzIEdNVCswMTAw");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.countryCode", "DE");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.defaultSearch", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.embeddedsData", "[{\"appId\":\"129058856464656507\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.enableAlerts", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.enableFix404ByUser", "TRUE");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.enableSearchFromAddressBar", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.firstTimeDialogOpened", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.fixPageNotFoundError", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.fixPageNotFoundErrorByUser", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.fixPageNotFoundErrorInHidden", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.fixUrls", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.fullUserID", "UN54061923724835273.UP.202308142258");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj0xLGNsb3NlYnV0dG9uPTEsc2F2ZXJlc2l6ZWRzaXplPTAsb3BlbnBvc2l0aW9uPWFsaWd[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.installId", "conduitnsisintegration");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.installType", "conduitnsisintegration");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.isCheckedStartAsHidden", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.isFirstTimeToolbarLoading", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.isNewTabEnabled", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.isPerformedSmartBarTransition", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.keyword", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.lastVersion", "10.21.1.507");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appStateReportTime", "%B7%B9%BF%BA%BE%BF%BB%BE%B9%B7%B9%B6%B8");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appStateReportTime.enc", "MTM5NDg5NTgzMTMwMg==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appState_Clarity_Active", "%F5%F4");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appState_Clarity_Active.enc", "b24=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appState_CouponBuddy.enc", "b24=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appState_Easytobook.enc", "b24=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appState_Easytobook_targeted.enc", "b24=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appState_PriceGong.enc", "b24=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJFYXN5dG9ib29rX3RhcmdldGVkIiwidXJsIjoiaHR0cDovL2NvbmQwMS5ldGJ4bWwuY29tL2NvbmR1aXRfYnVuZGxlL3dlYi9jaGVhcC5odG1sIiwic2[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_calledSetupService.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_currentBadgeValue", "%B7");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_currentBadgeValue.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_currentVersion", "%B7%B4%B7%B9%B4%B6%B4%B7%BD");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_currentVersion.enc", "MS4xMy4wLjE3");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_first_time", "%B7");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_first_time.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_lastLoginTime", "%B7%B9%BF%BA%BE%BF%BB%BE%B9%B7%BC%BC%BB");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_lastLoginTime.enc", "MTM5NDg5NTgzMTY2NQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJBbmdlYm90XG5kZXMgVGFnZXMifSwiZG1ib3gyIjp7IlRleHQiOiJLb3N0ZW5sb3NlclxuVmVyc2FuZCJ9LCJkbWJ1bGxl[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_newApps", "%E1%E3");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_newApps.enc", "W10=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMDIiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjQ2XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.11.4.2", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMTciLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjQ2XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.12.0.5", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.12.0.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDAxMTciLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjExMDFfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.13.0.17", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.13.0.17.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDAzMTUiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjExMDJfMCIsIlJUSyI6Ikg0c0lBQUFBQUFBRUFPeTl[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCIsImlzVGVzdCI6dHJ1ZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZmF1bHQiO[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiREUiLCJpc1dlbGNvbWVFeHBlc[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_stamp", "%B7%B7%B6%B8%E5%B6");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_stamp.enc", "MTEwMl8w");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_userBornDate", "%D4%B5%C7");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_userBornDate.enc", "Ti9B");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_userId", "%BC%BB%EB%B9%EA%E8%E7%B9%B3%BA%BB%BC%E8%B3%BA%BD%BE%BE%B3%BF%BD%E7%E9%B3%BA%BC%E8%EA%BA%EA%BC%B8%E8%BB%E9%B9");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_userId.enc", "NjVlM2RiYTMtNDU2Yi00Nzg4LTk3YWMtNDZiZDRkNjJiNWMz");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_user_approval_interacted", "%B7");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_user_approval_interacted.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_welcomeDialogMode", "%B7");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.mam_gk_welcomeDialogMode.enc", "MQ==");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.migrateAppsAndComponents", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://AshampooDE.OurToolbar.com/\",\"EB_TOOL[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.openThankYouPage", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.openUninstallPage", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&CUI=UN54061923724835273&UM=&q=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"12\\\\/18\\\\/2012 20\\\"}\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.revertSettingsEnabled", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.search.searchAppId", "129058856464656507");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.search.searchCount", "0");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.searchInNewTabEnabledByUser", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.searchInNewTabEnabledInHidden", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.searchSuggestEnabledByUser", "true");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2481020\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://AshampooDE.OurToolbar.com//xpi\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Ashampoo DE \"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_Configuration_lastUpdate", "1394895826378");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1394895825520");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_appsMetadata_lastUpdate", "1394895825500");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1394895824974");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_location_lastUpdate", "1375574594854");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.13.40.15_lastUpdate", "1360963706628");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.14.65.43_lastUpdate", "1366043262962");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.15.0.562_lastUpdate", "1367139399217");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.15.2.523_lastUpdate", "1375574595030");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.16.70.505_lastUpdate", "1383091021276");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.21.1.507_lastUpdate", "1394895824917");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1394895825015");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_searchAPI_lastUpdate", "1394895825574");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_serviceMap_lastUpdate", "1394895824476");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_setupAPI_lastUpdate", "1366043263265");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_toolbarContextMenu_lastUpdate", "1394895825147");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_toolbarSettings_lastUpdate", "1394895824873");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_translation_lastUpdate", "1394895825568");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1389969300542");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.serviceLayer_services_userApps_lastUpdate", "1389969300548");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.settingsINI", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.shouldFirstTimeDialog", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.showToolbarPermission", "false");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.smartbar.CTID", "CT2481020");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.smartbar.Uninstall", "0");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.smartbar.homepage", true);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.smartbar.toolbarName", "Ashampoo DE ");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.toolbarBornServerTime", "18-12-2012");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.toolbarCurrentServerTime", "15-3-2014");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.toolbarLoginClientTime", "Sun Apr 21 2013 22:44:01 GMT+0200");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.url_history0001", "%EE%FA%FA%F6%F9%C0%B5%B5%FD%FD%FD%B4%EC%E7%E9%EB%E8%F5%F5%F1%B4%E9%F5%F3%B5%F6%EE%F5%FA%F5%B4%F6%EE%F6%C5%FC%C3%BB%BA%BA%B9%B8%BA%BD%BA%BB%BC%B8%B7%B7%B9%BC%C0%[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020.url_history0001.enc", "aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL3Bob3RvLnBocD92PTU0NDMyNDc0NTYyMTEzNjo6OmNsaWNraGFuZGxlcjo6OjEzODM1MTc2NTEwNTIsLCxodHRwczovL3d3dy5mYWNlYm9vay5jb20vcGhvdG8u[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("CT2481020_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1394895822748,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=13&CUI=SB_CUI");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo DE Customized Web Search");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&q=");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481020");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "default-search.net");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2);
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT2481020");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT2481020");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=13&CUI=SB_CUI");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&CU[...]
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT2481020");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.machineId", "+PSIY+L2JRRYZGAPLLZCNFNBKLRBHZOCDD0G/GX05OLOB6ZWTXB3+WHAV7HIAXMUDLMCBZGQPEYVFDWCKXK7GW");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "");
[-] [C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\prefs.js] [Preference] Gelöscht : user_pref("smartbar.originalSearchEngine", false);
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : fngmhnnpilhplaeedifhccceomclgfbg
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npnkeeiehehhefofiekoflfedgehcdhl
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www.default-search.net?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [45500 Bytes] ##########
JRT.txt Log Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64
Ran by user (Administrator) on 25.11.2015 at 16:27:09,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 13
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\clipgrab (Folder)
Successfully deleted: C:\Users\Public\Desktop\clipgrab.lnk (Shortcut)
Successfully deleted: C:\Users\user\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\user\AppData\Local\cre (Folder)
Successfully deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal (File)
Successfully deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage (File)
Successfully deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File)
Successfully deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File)
Successfully deleted: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\CT2481020\conduit.xml (File)
Successfully deleted: C:\Users\user\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_user.job (Task)
Successfully deleted: C:\Program Files (x86)\clipgrab (Folder)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5786D022-540E-4699-B350-B4BE0AE94B79} (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.11.2015 at 16:29:28,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-11-2015 durchgeführt von user (Administrator) auf SVEN-PC (25-11-2015 16:32:52) Gestartet von C:\Users\user\Downloads Geladene Profile: user (Verfügbare Profile: user & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-06] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation) HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4244744 2012-07-17] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe [960512 2012-02-07] (Trust) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-07-10] (Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-11-25] ShortcutTarget: MEGAsync.lnk -> C:\Users\user\AppData\Local\MEGAsync\MEGAsync.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{afc01c71-c839-4d1e-8368-de79f0c5960c}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp URLSearchHook: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 - (Kein Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - Keine Datei SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-23] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-23] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKU\.DEFAULT -> Kein Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-07-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-07-23] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-15] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [nicht gefunden] FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-20] [ist nicht signiert] FF Extension: Better Battlelog (BBLog) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2015-07-23] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.de/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0\plugin/online_banking_npapi.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0\plugin/content_blocker_npapi.dll => Keine Datei CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\plugin/npABPlugin.dll => Keine Datei CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll => Keine Datei CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll => Keine Datei CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll => Keine Datei CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Keine Datei CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei CHR Plugin: (Facebook Desktop) - C:\Users\user\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll => Keine Datei CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei CHR Plugin: (Google Update) - C:\Users\user\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Google Talk Plugin) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll => Keine Datei CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-08-01] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google-Suche) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Kaspersky Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-24] CHR Extension: (Facebook Ads Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna [2012-10-19] CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-17] CHR Extension: (Plug+) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflocljnfndnnnlmfaamgbkbibnfmlkf [2014-09-26] CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2013-04-23] CHR Extension: (Download Master) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2013-11-11] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01] CHR Extension: (ProxPrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2015-04-09] CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\user\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka StartMenuInternet: Google Chrome - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-23] (Kaspersky Lab ZAO) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-04] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [45832 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-21] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-22] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-13] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-13] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-21] (Microsoft Corporation) S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-09-21] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-21] (Microsoft Corporation) R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-09-21] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-20] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [925064 2015-10-20] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-20] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-25] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-21] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-25 16:32 - 2015-11-25 16:32 - 00000000 ____D C:\Users\user\Downloads\FRST-OlderVersion 2015-11-25 16:29 - 2015-11-25 16:29 - 00001975 _____ C:\Users\user\Desktop\JRT.txt 2015-11-25 16:26 - 2015-11-25 16:27 - 01599336 _____ (Malwarebytes) C:\Users\user\Downloads\JRT.exe 2015-11-25 16:23 - 2015-11-25 16:23 - 00016148 _____ C:\WINDOWS\system32\SVEN-PC_user_HistoryPrediction.bin 2015-11-25 16:18 - 2015-11-25 16:21 - 00000000 ____D C:\AdwCleaner 2015-11-25 16:16 - 2015-11-25 16:16 - 01733632 _____ C:\Users\user\Downloads\AdwCleaner_5.022.exe 2015-11-25 16:08 - 2015-11-25 16:08 - 00162517 _____ C:\Users\user\Desktop\mbam.txt 2015-11-25 15:41 - 2015-11-25 16:06 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-25 15:41 - 2015-11-25 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-25 15:41 - 2015-11-25 15:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-25 15:41 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-11-25 15:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-11-25 15:40 - 2015-11-25 15:41 - 22908888 _____ (Malwarebytes ) C:\Users\user\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-23 21:00 - 2015-11-23 21:02 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\user\Downloads\tdsskiller.exe 2015-11-23 20:30 - 2015-11-25 16:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-23 20:30 - 2015-11-25 15:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-23 20:30 - 2015-11-23 20:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-23 20:29 - 2015-11-23 20:29 - 00000000 ____D C:\Users\user\Desktop\Neuer Ordner 2015-11-23 20:29 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-11-22 13:11 - 2015-11-22 13:11 - 00065242 _____ C:\Users\user\Downloads\Addition.txt 2015-11-22 13:09 - 2015-11-25 16:32 - 02348544 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2015-11-22 13:09 - 2015-11-25 16:32 - 00030661 _____ C:\Users\user\Downloads\FRST.txt 2015-11-22 13:09 - 2015-11-25 16:32 - 00000000 ____D C:\FRST 2015-11-11 15:08 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-11 15:08 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-11-11 15:08 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-11-11 15:08 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-11 15:08 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-11-11 15:08 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-11 15:08 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-11-11 15:08 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-11 15:08 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-11-11 15:08 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-11 15:08 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-11-11 15:08 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-11 15:08 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-11 15:08 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-11 15:08 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-11-11 15:08 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-11 15:08 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-11 15:08 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-11-11 15:08 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-11 15:08 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-11 15:08 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2015-11-11 15:08 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-11-11 15:08 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-11 15:08 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-11-11 15:08 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-11 15:08 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-11-11 15:08 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-11 15:08 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-11 15:08 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-11-11 15:08 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-11-11 15:08 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-11 15:08 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-11 15:08 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-11-11 15:08 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-11 15:08 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-11-11 15:08 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-11 15:08 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-11 15:08 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-11-11 15:08 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-11-11 15:08 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-11-11 15:08 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-11 15:08 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-11 15:08 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-11 15:08 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-11 15:08 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-11-11 15:08 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-11 15:08 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-11 15:08 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-11 15:08 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-11 15:08 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-11 15:08 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-11 15:08 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-11 15:08 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-04 21:55 - 2015-11-25 16:06 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2015-11-04 21:55 - 2015-11-04 21:55 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-11-04 21:55 - 2015-11-04 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-11-04 21:53 - 2015-11-04 21:53 - 01503872 _____ (Skype Technologies S.A.) C:\Users\user\Downloads\SkypeSetup.exe 2015-11-04 21:47 - 2015-11-25 16:05 - 00001341 _____ C:\Users\user\Desktop\Revo Uninstaller.lnk 2015-11-04 21:47 - 2015-11-04 21:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup.exe 2015-11-04 21:47 - 2015-11-04 21:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-25 16:29 - 2015-09-21 20:59 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-25 16:29 - 2015-07-10 17:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-25 16:29 - 2015-07-10 17:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-25 16:29 - 2012-07-20 23:18 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000UA.job 2015-11-25 16:29 - 2012-07-20 23:18 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000Core.job 2015-11-25 16:25 - 2012-07-20 17:27 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2015-11-25 16:23 - 2013-05-24 21:41 - 00000000 ____D C:\Users\user\AppData\Roaming\NetSpeedMonitor 2015-11-25 16:23 - 2013-04-15 17:40 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-25 16:23 - 2012-08-28 16:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-11-25 16:23 - 2012-07-20 17:40 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-25 16:22 - 2015-09-21 20:57 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-25 16:22 - 2015-09-21 20:52 - 00220628 _____ C:\WINDOWS\PFRO.log 2015-11-25 16:22 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-25 16:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-25 16:22 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-11-25 16:19 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-25 16:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-25 16:19 - 2013-04-15 17:40 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-25 16:07 - 2015-09-21 21:29 - 00002392 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-11-25 16:07 - 2015-09-21 21:25 - 00001051 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2015-11-25 16:07 - 2015-09-21 21:07 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-11-25 16:07 - 2015-03-24 07:09 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-11-25 16:07 - 2014-12-23 21:35 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-11-25 16:07 - 2012-10-12 17:43 - 00001416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\DayZ Commander.lnk 2015-11-25 16:07 - 2012-10-02 19:46 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-11-25 16:06 - 2015-10-20 20:43 - 00001052 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-11-25 16:06 - 2015-10-17 10:54 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk 2015-11-25 16:06 - 2015-03-24 07:09 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-11-25 16:06 - 2015-03-21 20:31 - 00000961 _____ C:\Users\Public\Desktop\Minecraft.lnk 2015-11-25 16:06 - 2015-02-19 21:53 - 00001256 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2015-11-25 16:06 - 2014-12-02 14:17 - 00001922 _____ C:\Users\Public\Desktop\Zoner Photo Studio 16.lnk 2015-11-25 16:06 - 2014-12-02 14:17 - 00001922 _____ C:\Users\Public\Desktop\Zoner Photo Studio 16 x64.lnk 2015-11-25 16:06 - 2012-10-07 16:23 - 00001682 _____ C:\Users\Public\Desktop\League of Legends spielen .lnk 2015-11-25 16:06 - 2012-10-02 19:46 - 00001134 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-11-25 16:06 - 2012-07-28 18:48 - 00000915 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-11-25 16:06 - 2012-07-20 17:42 - 00000983 _____ C:\Users\Public\Desktop\Origin.lnk 2015-11-25 16:05 - 2015-09-23 15:24 - 00002497 _____ C:\Users\user\Desktop\Sicherer Zahlungsverkehr.lnk 2015-11-25 16:05 - 2015-09-23 14:48 - 00002357 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2015-11-25 16:05 - 2015-05-13 21:55 - 00001174 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk 2015-11-25 16:05 - 2015-03-23 17:40 - 00001251 _____ C:\Users\user\Desktop\The Elder Scrolls Online.lnk 2015-11-25 16:05 - 2015-02-19 21:53 - 00001232 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2015-11-25 16:05 - 2014-12-23 21:35 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-11-25 16:05 - 2014-12-01 20:11 - 00001059 _____ C:\Users\Public\Desktop\DayZLauncher.lnk 2015-11-25 16:05 - 2014-07-28 10:24 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-11-25 16:05 - 2014-07-23 17:16 - 00001348 _____ C:\Users\user\Desktop\Technic Launcher.lnk 2015-11-25 16:05 - 2014-07-10 14:54 - 00001313 _____ C:\Users\Public\Desktop\Battlefield 4.lnk 2015-11-25 16:05 - 2013-09-01 21:04 - 00000974 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2015-11-25 16:05 - 2013-08-29 12:01 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-11-25 16:05 - 2012-12-27 14:03 - 00001756 _____ C:\Users\user\Desktop\Trust Gaming Mouse.lnk 2015-11-25 16:05 - 2012-12-26 00:37 - 00001001 _____ C:\Users\user\Desktop\Dropbox.lnk 2015-11-25 16:05 - 2012-12-17 14:16 - 00001205 _____ C:\Users\user\Desktop\Uplay.lnk 2015-11-25 16:05 - 2012-11-17 01:26 - 00002137 _____ C:\Users\user\Desktop\Enable 3D Vision.lnk 2015-11-25 16:05 - 2012-10-22 13:30 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 7.lnk 2015-11-25 16:05 - 2012-10-21 00:19 - 00001202 _____ C:\Users\user\Desktop\Format Factory.lnk 2015-11-25 16:05 - 2012-10-12 17:43 - 00001410 _____ C:\Users\Public\Desktop\DayZ Commander.lnk 2015-11-25 16:05 - 2012-09-12 13:54 - 00001096 _____ C:\Users\user\Desktop\MSI Kombustor 2.3.lnk 2015-11-25 16:05 - 2012-09-11 14:38 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk 2015-11-25 16:05 - 2012-08-10 15:53 - 00001470 _____ C:\Users\Public\Desktop\Intel(R) Small Business Advantage.lnk 2015-11-25 16:05 - 2012-07-20 19:53 - 00001175 _____ C:\Users\user\Desktop\Pinball.lnk 2015-11-25 16:02 - 2012-07-20 19:53 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-11-25 16:02 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-25 15:46 - 2015-02-22 10:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-24 17:49 - 2012-07-20 18:42 - 00000000 ____D C:\Users\user\AppData\Roaming\TS3Client 2015-11-22 21:08 - 2012-07-20 17:45 - 00000000 ____D C:\ProgramData\Origin 2015-11-22 16:07 - 2012-07-20 17:45 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-11-22 16:05 - 2012-07-20 17:42 - 00000000 ____D C:\Program Files (x86)\Origin 2015-11-13 21:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-11-11 15:46 - 2015-10-19 22:47 - 00000000 ____D C:\Users\user\Desktop\Ventilator - Die Orsons 2015-11-11 15:44 - 2012-10-22 13:40 - 00008704 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-11 15:37 - 2012-08-01 12:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-11 15:36 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-11 15:33 - 2014-03-01 15:57 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-11 15:23 - 2012-07-25 03:40 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-04 21:55 - 2014-03-03 19:20 - 00000000 ____D C:\Users\user\AppData\Local\Skype 2015-11-04 21:55 - 2012-07-20 17:27 - 00000000 ____D C:\ProgramData\Skype 2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-03 19:12 - 2012-07-20 18:10 - 00000000 ____D C:\Users\user\Downloads\Spiele 2015-11-02 19:44 - 2012-12-25 17:11 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-01 16:54 - 2014-12-24 13:31 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-10-27 00:54 - 2012-07-20 18:41 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-10-26 13:15 - 2015-09-21 21:46 - 00000000 ____D C:\Windows.old ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-06-17 20:04 - 2013-06-17 20:05 - 349319464 _____ () C:\Users\user\AppData\Roaming\.minecraft.rar 2013-02-01 13:41 - 2013-02-01 13:45 - 0000005 _____ () C:\Users\user\AppData\Roaming\version.ini 2014-03-28 19:33 - 2014-03-31 21:34 - 0000084 _____ () C:\Users\user\AppData\Roaming\WB.CFG 2012-10-22 13:40 - 2015-11-11 15:44 - 0008704 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-08 22:04 - 2013-12-08 22:04 - 0000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND 2012-08-03 12:15 - 2013-10-06 00:16 - 0007605 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2012-07-25 13:50 - 2012-07-25 13:50 - 0017408 _____ () C:\Users\user\AppData\Local\WebpageIcons.db 2015-07-22 15:42 - 2015-07-22 15:42 - 0000000 _____ () C:\Users\user\AppData\Local\{6592B99C-4F52-4663-9DFD-6F004FEF430E} 2014-10-23 23:30 - 2014-08-24 23:30 - 0000032 ____R () C:\ProgramData\hash.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat Einige Dateien in TEMP: ==================== C:\Users\user\AppData\Local\Temp\0098316e-ee51-4d67-9089-95ed719cde2e.exe C:\Users\user\AppData\Local\Temp\a4087b60-5c58-41ce-ba10-d0bf34a71bdc.exe C:\Users\user\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-20 13:10 ==================== Ende von FRST.txt ============================ |
|
27.11.2015, 00:04
| #11 |
| /// the machine /// TB-Ausbilder | Plötzlich spielt sich Ton ab.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.11.2015, 16:41
| #12 |
| | ESET LogCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=78bef25ddfac2e4781dc87d8a04c0235
# end=init
# utc_time=2015-11-27 10:42:02
# local_time=2015-11-27 11:42:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26928
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=78bef25ddfac2e4781dc87d8a04c0235
# end=updated
# utc_time=2015-11-27 10:47:55
# local_time=2015-11-27 11:47:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=78bef25ddfac2e4781dc87d8a04c0235
# engine=26928
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-27 01:25:01
# local_time=2015-11-27 02:25:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 165711 12852953 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 5613527 12104713 0 0
# scanned=397653
# found=14
# cleaned=0
# scan_time=9425
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
sh=BE61B4D7AF0C9FF225311FE8AE5A0C5446560DDC ft=1 fh=9c69b4229618ed36 vn="Variante von Win32/Toolbar.Conduit.AL evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll"
sh=BE61B4D7AF0C9FF225311FE8AE5A0C5446560DDC ft=1 fh=9c69b4229618ed36 vn="Variante von Win32/Toolbar.Conduit.AL evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll"
sh=BE61B4D7AF0C9FF225311FE8AE5A0C5446560DDC ft=1 fh=9c69b4229618ed36 vn="Variante von Win32/Toolbar.Conduit.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll"
sh=BE61B4D7AF0C9FF225311FE8AE5A0C5446560DDC ft=1 fh=9c69b4229618ed36 vn="Variante von Win32/Toolbar.Conduit.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll"
sh=F43DC2757D89158E061EB109C3D4B450C9EDA155 ft=1 fh=f0ef89835c075e10 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\AppData\Local\Temp\DMR\dmr_72.exe"
sh=B089AC2ABEDBAED3A347DD9026E20EFC1078D609 ft=1 fh=37d944ff3362ca65 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\ashampoo_winoptimizer_8_8.14.00_12336.exe"
sh=FDE3D7E13260CD75D7523F0B02BC06C16419C026 ft=1 fh=3918cb108fedf547 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\FFSetup3.3.1.0.exe"
sh=991F10565902395715048E37D28B4F18CBE22C86 ft=1 fh=c19752d396f934b3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\Free WMA to MP3 Converter - CHIP-Installer.exe"
sh=53C400024C35FB5E056A394ECE9B5E3812C7C675 ft=1 fh=850c791d42ad33a8 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\installer_microsoft_powerpoint_Deutsch.exe"
sh=D9CAB8AB719768D9441481EADFFF4B7E47453598 ft=1 fh=355be942d30a68ac vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=8724C59A257E11A4D91C2B891297C16549255221 ft=1 fh=fa92c2bf28b1d1b8 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\uTorrent.exe"
sh=8A2C9830CA4970CA516AFF970144DFCA07E1F73D ft=1 fh=b0f739db65f7673f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\Vollversion onlineTV 10 - CHIP-Installer.exe"
sh=736664BD8CC2799BEADF1FBB354473C2313DDA2C ft=1 fh=31dd412da9b2e821 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\Installer\Vollversion Zoner Photo Studio 16 - CHIP-Installer.exe"
SecurityCheck-txt Log Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Kaspersky Internet Security Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java version 32-bit out of Date! Adobe Flash Player 19.0.0.245 Adobe Reader XI Mozilla Firefox 30.0 Firefox out of Date! Google Chrome (46.0.2490.80) Google Chrome (46.0.2490.86) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe Intel Intel(R) Small Business Advantage Service Intel.SmallBusinessAdvantage.WindowsService.exe Intel Intel(R) Small Business Advantage UI IntelSmallBusinessAdvantage.exe Kaspersky Lab Kaspersky Internet Security 16.0.0 avp.exe Kaspersky Lab Kaspersky Internet Security 16.0.0 avpui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-11-2015 durchgeführt von user (Administrator) auf SVEN-PC (27-11-2015 16:39:37) Gestartet von C:\Users\user\Downloads Geladene Profile: user (Verfügbare Profile: user & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Trust) C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-06] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation) HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4244744 2012-07-17] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe [960512 2012-02-07] (Trust) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.) HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-07-10] (Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\user\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-11-25] ShortcutTarget: MEGAsync.lnk -> C:\Users\user\AppData\Local\MEGAsync\MEGAsync.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{afc01c71-c839-4d1e-8368-de79f0c5960c}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp URLSearchHook: HKU\S-1-5-21-3869212048-3077100759-3598159068-1000 - (Kein Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - Keine Datei SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-23] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-23] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab) Toolbar: HKU\.DEFAULT -> Kein Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/?sid=476&aid=164&itype=a&ver=12692&tm=341&src=hmp FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-07-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-07-23] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3869212048-3077100759-3598159068-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-15] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [nicht gefunden] FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-20] [ist nicht signiert] FF Extension: Better Battlelog (BBLog) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1swg1wa.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2015-07-23] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.de/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Users\user\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0\plugin/online_banking_npapi.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0\plugin/content_blocker_npapi.dll => Keine Datei CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\plugin/npABPlugin.dll => Keine Datei CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll => Keine Datei CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll => Keine Datei CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll => Keine Datei CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Keine Datei CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei CHR Plugin: (Facebook Desktop) - C:\Users\user\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll => Keine Datei CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei CHR Plugin: (Google Update) - C:\Users\user\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Google Talk Plugin) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll => Keine Datei CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-08-01] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google-Suche) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Kaspersky Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-24] CHR Extension: (Facebook Ads Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna [2012-10-19] CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-26] CHR Extension: (Plug+) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflocljnfndnnnlmfaamgbkbibnfmlkf [2014-09-26] CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2013-04-23] CHR Extension: (Download Master) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2013-11-11] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01] CHR Extension: (ProxPrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2015-04-09] CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKU\S-1-5-21-3869212048-3077100759-3598159068-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\user\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka StartMenuInternet: Google Chrome - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-23] (Kaspersky Lab ZAO) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-04] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [45832 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-21] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-22] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-13] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-13] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-21] (Microsoft Corporation) S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-09-21] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-21] (Microsoft Corporation) R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-09-21] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-20] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [925064 2015-10-20] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-20] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-27] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-21] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-27 16:34 - 2015-11-27 16:34 - 00016148 _____ C:\WINDOWS\system32\SVEN-PC_user_HistoryPrediction.bin 2015-11-27 14:27 - 2015-11-27 14:27 - 00852720 _____ C:\Users\user\Desktop\SecurityCheck.exe 2015-11-27 11:41 - 2015-11-27 11:41 - 02870984 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe 2015-11-27 11:41 - 2015-11-27 11:41 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-26 15:30 - 2015-11-26 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\ProductData 2015-11-25 18:17 - 2015-11-25 18:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\329D17DC.sys 2015-11-25 16:32 - 2015-11-25 16:32 - 00000000 ____D C:\Users\user\Downloads\FRST-OlderVersion 2015-11-25 16:26 - 2015-11-25 16:27 - 01599336 _____ (Malwarebytes) C:\Users\user\Downloads\JRT.exe 2015-11-25 16:18 - 2015-11-25 16:21 - 00000000 ____D C:\AdwCleaner 2015-11-25 16:16 - 2015-11-25 16:16 - 01733632 _____ C:\Users\user\Downloads\AdwCleaner_5.022.exe 2015-11-25 15:41 - 2015-11-25 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-25 15:41 - 2015-11-25 15:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-25 15:41 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-11-25 15:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-11-25 15:40 - 2015-11-25 15:41 - 22908888 _____ (Malwarebytes ) C:\Users\user\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-23 21:00 - 2015-11-23 21:02 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\user\Downloads\tdsskiller.exe 2015-11-23 20:30 - 2015-11-27 15:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-23 20:30 - 2015-11-25 15:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-23 20:30 - 2015-11-23 20:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-23 20:29 - 2015-11-25 16:55 - 00000000 ____D C:\Users\user\Desktop\Neuer Ordner 2015-11-23 20:29 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-11-22 13:11 - 2015-11-22 13:11 - 00065242 _____ C:\Users\user\Downloads\Addition.txt 2015-11-22 13:09 - 2015-11-27 16:39 - 00031751 _____ C:\Users\user\Downloads\FRST.txt 2015-11-22 13:09 - 2015-11-27 16:39 - 00000000 ____D C:\FRST 2015-11-22 13:09 - 2015-11-25 16:32 - 02348544 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2015-11-11 15:08 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-11 15:08 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-11-11 15:08 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-11-11 15:08 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-11 15:08 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-11-11 15:08 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-11 15:08 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-11-11 15:08 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-11 15:08 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-11-11 15:08 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-11 15:08 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-11-11 15:08 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-11 15:08 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-11 15:08 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-11 15:08 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-11-11 15:08 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-11 15:08 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-11 15:08 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-11-11 15:08 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-11 15:08 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-11 15:08 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2015-11-11 15:08 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-11-11 15:08 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-11 15:08 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-11-11 15:08 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-11 15:08 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-11-11 15:08 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-11 15:08 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-11 15:08 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-11-11 15:08 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-11-11 15:08 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-11 15:08 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-11 15:08 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-11-11 15:08 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-11 15:08 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-11-11 15:08 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-11 15:08 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-11 15:08 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-11-11 15:08 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-11-11 15:08 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-11-11 15:08 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-11 15:08 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-11 15:08 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-11 15:08 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-11 15:08 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-11-11 15:08 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-11 15:08 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-11 15:08 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-11 15:08 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-11 15:08 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-11 15:08 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-11 15:08 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-11 15:08 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-04 21:55 - 2015-11-25 16:06 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2015-11-04 21:55 - 2015-11-04 21:55 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-11-04 21:55 - 2015-11-04 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-11-04 21:53 - 2015-11-04 21:53 - 01503872 _____ (Skype Technologies S.A.) C:\Users\user\Downloads\SkypeSetup.exe 2015-11-04 21:47 - 2015-11-25 16:05 - 00001341 _____ C:\Users\user\Desktop\Revo Uninstaller.lnk 2015-11-04 21:47 - 2015-11-04 21:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup.exe 2015-11-04 21:47 - 2015-11-04 21:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-27 16:34 - 2012-07-20 17:27 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2015-11-27 16:29 - 2012-07-20 23:18 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000UA.job 2015-11-27 16:29 - 2012-07-20 23:18 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3869212048-3077100759-3598159068-1000Core.job 2015-11-27 16:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-27 16:19 - 2013-04-15 17:40 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-27 15:46 - 2015-02-22 10:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-27 15:45 - 2013-05-24 21:41 - 00000000 ____D C:\Users\user\AppData\Roaming\NetSpeedMonitor 2015-11-27 15:42 - 2012-08-28 16:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-11-27 14:21 - 2012-07-20 18:42 - 00000000 ____D C:\Users\user\AppData\Roaming\TS3Client 2015-11-27 12:54 - 2012-07-20 17:40 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-27 11:22 - 2013-04-15 17:40 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-26 15:34 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-25 16:37 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-25 16:29 - 2015-09-21 20:59 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-25 16:29 - 2015-07-10 17:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-25 16:29 - 2015-07-10 17:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-25 16:22 - 2015-09-21 20:57 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-25 16:22 - 2015-09-21 20:52 - 00220628 _____ C:\WINDOWS\PFRO.log 2015-11-25 16:22 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-25 16:22 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-11-25 16:07 - 2015-09-21 21:29 - 00002392 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-11-25 16:07 - 2015-09-21 21:25 - 00001051 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2015-11-25 16:07 - 2015-09-21 21:07 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-11-25 16:07 - 2015-03-24 07:09 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-11-25 16:07 - 2014-12-23 21:35 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-11-25 16:07 - 2012-10-12 17:43 - 00001416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\DayZ Commander.lnk 2015-11-25 16:07 - 2012-10-02 19:46 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-11-25 16:06 - 2015-10-20 20:43 - 00001052 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-11-25 16:06 - 2015-10-17 10:54 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk 2015-11-25 16:06 - 2015-03-24 07:09 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-11-25 16:06 - 2015-03-21 20:31 - 00000961 _____ C:\Users\Public\Desktop\Minecraft.lnk 2015-11-25 16:06 - 2015-02-19 21:53 - 00001256 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2015-11-25 16:06 - 2014-12-02 14:17 - 00001922 _____ C:\Users\Public\Desktop\Zoner Photo Studio 16.lnk 2015-11-25 16:06 - 2014-12-02 14:17 - 00001922 _____ C:\Users\Public\Desktop\Zoner Photo Studio 16 x64.lnk 2015-11-25 16:06 - 2012-10-07 16:23 - 00001682 _____ C:\Users\Public\Desktop\League of Legends spielen .lnk 2015-11-25 16:06 - 2012-10-02 19:46 - 00001134 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-11-25 16:06 - 2012-07-28 18:48 - 00000915 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-11-25 16:06 - 2012-07-20 17:42 - 00000983 _____ C:\Users\Public\Desktop\Origin.lnk 2015-11-25 16:05 - 2015-09-23 15:24 - 00002497 _____ C:\Users\user\Desktop\Sicherer Zahlungsverkehr.lnk 2015-11-25 16:05 - 2015-09-23 14:48 - 00002357 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2015-11-25 16:05 - 2015-05-13 21:55 - 00001174 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk 2015-11-25 16:05 - 2015-03-23 17:40 - 00001251 _____ C:\Users\user\Desktop\The Elder Scrolls Online.lnk 2015-11-25 16:05 - 2015-02-19 21:53 - 00001232 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2015-11-25 16:05 - 2014-12-23 21:35 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-11-25 16:05 - 2014-12-01 20:11 - 00001059 _____ C:\Users\Public\Desktop\DayZLauncher.lnk 2015-11-25 16:05 - 2014-07-28 10:24 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-11-25 16:05 - 2014-07-23 17:16 - 00001348 _____ C:\Users\user\Desktop\Technic Launcher.lnk 2015-11-25 16:05 - 2014-07-10 14:54 - 00001313 _____ C:\Users\Public\Desktop\Battlefield 4.lnk 2015-11-25 16:05 - 2013-09-01 21:04 - 00000974 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2015-11-25 16:05 - 2013-08-29 12:01 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-11-25 16:05 - 2012-12-27 14:03 - 00001756 _____ C:\Users\user\Desktop\Trust Gaming Mouse.lnk 2015-11-25 16:05 - 2012-12-26 00:37 - 00001001 _____ C:\Users\user\Desktop\Dropbox.lnk 2015-11-25 16:05 - 2012-12-17 14:16 - 00001205 _____ C:\Users\user\Desktop\Uplay.lnk 2015-11-25 16:05 - 2012-11-17 01:26 - 00002137 _____ C:\Users\user\Desktop\Enable 3D Vision.lnk 2015-11-25 16:05 - 2012-10-22 13:30 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 7.lnk 2015-11-25 16:05 - 2012-10-21 00:19 - 00001202 _____ C:\Users\user\Desktop\Format Factory.lnk 2015-11-25 16:05 - 2012-10-12 17:43 - 00001410 _____ C:\Users\Public\Desktop\DayZ Commander.lnk 2015-11-25 16:05 - 2012-09-12 13:54 - 00001096 _____ C:\Users\user\Desktop\MSI Kombustor 2.3.lnk 2015-11-25 16:05 - 2012-09-11 14:38 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk 2015-11-25 16:05 - 2012-08-10 15:53 - 00001470 _____ C:\Users\Public\Desktop\Intel(R) Small Business Advantage.lnk 2015-11-25 16:05 - 2012-07-20 19:53 - 00001175 _____ C:\Users\user\Desktop\Pinball.lnk 2015-11-25 16:02 - 2012-07-20 19:53 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-11-25 16:02 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-22 21:08 - 2012-07-20 17:45 - 00000000 ____D C:\ProgramData\Origin 2015-11-22 16:07 - 2012-07-20 17:45 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-11-22 16:05 - 2012-07-20 17:42 - 00000000 ____D C:\Program Files (x86)\Origin 2015-11-13 21:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-11-11 22:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-11-11 15:46 - 2015-10-19 22:47 - 00000000 ____D C:\Users\user\Desktop\Ventilator - Die Orsons 2015-11-11 15:44 - 2012-10-22 13:40 - 00008704 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-11 15:37 - 2012-08-01 12:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-11 15:36 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-11 15:33 - 2014-03-01 15:57 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-11 15:23 - 2012-07-25 03:40 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-04 21:55 - 2014-03-03 19:20 - 00000000 ____D C:\Users\user\AppData\Local\Skype 2015-11-04 21:55 - 2012-07-20 17:27 - 00000000 ____D C:\ProgramData\Skype 2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-03 19:12 - 2012-07-20 18:10 - 00000000 ____D C:\Users\user\Downloads\Spiele 2015-11-02 19:44 - 2012-12-25 17:11 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-01 16:54 - 2014-12-24 13:31 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-06-17 20:04 - 2013-06-17 20:05 - 349319464 _____ () C:\Users\user\AppData\Roaming\.minecraft.rar 2013-02-01 13:41 - 2013-02-01 13:45 - 0000005 _____ () C:\Users\user\AppData\Roaming\version.ini 2014-03-28 19:33 - 2014-03-31 21:34 - 0000084 _____ () C:\Users\user\AppData\Roaming\WB.CFG 2012-10-22 13:40 - 2015-11-11 15:44 - 0008704 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-08 22:04 - 2013-12-08 22:04 - 0000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND 2012-08-03 12:15 - 2013-10-06 00:16 - 0007605 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2012-07-25 13:50 - 2012-07-25 13:50 - 0017408 _____ () C:\Users\user\AppData\Local\WebpageIcons.db 2015-07-22 15:42 - 2015-07-22 15:42 - 0000000 _____ () C:\Users\user\AppData\Local\{6592B99C-4F52-4663-9DFD-6F004FEF430E} 2014-10-23 23:30 - 2014-08-24 23:30 - 0000032 ____R () C:\ProgramData\hash.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat Einige Dateien in TEMP: ==================== C:\Users\user\AppData\Local\Temp\0098316e-ee51-4d67-9089-95ed719cde2e.exe C:\Users\user\AppData\Local\Temp\a4087b60-5c58-41ce-ba10-d0bf34a71bdc.exe C:\Users\user\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-20 13:10 ==================== Ende von FRST.txt ============================ |
|
29.11.2015, 06:57
| #13 |
| /// the machine /// TB-Ausbilder | Plötzlich spielt sich Ton ab. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll
C:\Users\user\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\user\Downloads\Installer\ashampoo_winoptimizer_8_8.14.00_12336.exe
C:\Users\user\Downloads\Installer\FFSetup3.3.1.0.exe
C:\Users\user\Downloads\Installer\Free WMA to MP3 Converter - CHIP-Installer.exe
C:\Users\user\Downloads\Installer\installer_microsoft_powerpoint_Deutsch.exe
C:\Users\user\Downloads\Installer\Java Runtime Environment 64 Bit - CHIP-Installer.exe
C:\Users\user\Downloads\Installer\uTorrent.exe
C:\Users\user\Downloads\Installer\Vollversion onlineTV 10 - CHIP-Installer.exe
C:\Users\user\Downloads\Installer\Vollversion Zoner Photo Studio 16 - CHIP-Installer.exe
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloadverhalten überdenken: CHIP-Installer - was ist das? - Anleitungen Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.11.2015, 16:10
| #14 |
| | Fixlog.txtCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von user (2015-11-29 15:56:53) Run:1
Gestartet von C:\Users\user\Desktop\Neuer Ordner
Geladene Profile: user (Verfügbare Profile: user & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll
C:\Users\user\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\user\Downloads\Installer\ashampoo_winoptimizer_8_8.14.00_12336.exe
C:\Users\user\Downloads\Installer\FFSetup3.3.1.0.exe
C:\Users\user\Downloads\Installer\Free WMA to MP3 Converter - CHIP-Installer.exe
C:\Users\user\Downloads\Installer\installer_microsoft_powerpoint_Deutsch.exe
C:\Users\user\Downloads\Installer\Java Runtime Environment 64 Bit - CHIP-Installer.exe
C:\Users\user\Downloads\Installer\uTorrent.exe
C:\Users\user\Downloads\Installer\Vollversion onlineTV 10 - CHIP-Installer.exe
C:\Users\user\Downloads\Installer\Vollversion Zoner Photo Studio 16 - CHIP-Installer.exe
Emptytemp:
*****************
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe => erfolgreich verschoben
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll => erfolgreich verschoben
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll => erfolgreich verschoben
"C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins\ConduitChromeApiPlugin.dll" => nicht gefunden.
"C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-3869212048-3077100759-3598159068-1000\Chrome\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_1\plugins\ConduitChromeApiPlugin.dll" => nicht gefunden.
C:\Users\user\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\ashampoo_winoptimizer_8_8.14.00_12336.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\FFSetup3.3.1.0.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\Free WMA to MP3 Converter - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\installer_microsoft_powerpoint_Deutsch.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\Java Runtime Environment 64 Bit - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\uTorrent.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\Vollversion onlineTV 10 - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\user\Downloads\Installer\Vollversion Zoner Photo Studio 16 - CHIP-Installer.exe => erfolgreich verschoben
EmptyTemp: => 1.7 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 15:59:05 ====
Code:
ATTFilter # DelFix v1.011 - Datei am 29/11/2015 um 16:08:13 erstellt
# Aktualisiert am 18/08/2015 von Xplode
# Benutzer : user - SVEN-PC
# Betriebssystem : Windows 10 Home (64 bits)
~ Aktiviere die Benutzerkontensteuerung ... OK
~ Entferne die Bereinigungsprogramme ...
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\user\Downloads\FRST-OlderVersion
Gelöscht : C:\TDSSKiller.3.1.0.6_23.11.2015_21.02.02_log.txt
Gelöscht : HKLM\SOFTWARE\AdwCleaner
~ Erstelle ein Backup der Registrierungsdatenbank ... OK
~ Lösche die Wiederherstellungspunkte ...
Gelöscht : RP #16 [Geplanter Prüfpunkt | 11/13/2015 20:06:56]
Gelöscht : RP #17 [Geplanter Prüfpunkt | 11/22/2015 12:26:54]
Gelöscht : RP #18 [JRT Pre-Junkware Removal | 11/25/2015 15:27:11]
Ein neuer Wiederherstellungspunkt wurde erstellt !
~ Stelle die Systemeinstellungen wieder her ... OK
########## - EOF - ##########
|
|
30.11.2015, 07:57
| #15 |
| /// the machine /// TB-Ausbilder | Plötzlich spielt sich Ton ab. fertig
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
