| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.03.2016, 20:32
| #1 |
 |  Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Hallo, ich habe dummerweise versucht ein Programm zu installieren, welches sich als Träger für Malware entpuppt hat. Seitdem habe ich Ein paar chinesische Programme auf dem Desktop und prominent den Ordner /tencent unter C:\Program Files (x86)\Tencent. Ich habe zunächst versucht das Problem eigenständig zu lösen und habe mit Malwarebytes Anti-Malware und Spybot das System gescannt aber ohne Erfolg. Dann habe ich in diesem Forum einen sehr ähnlichen Beitrag gefunden(http://www.trojaner-board.de/175434-...evo-gehen.html) und versucht den Anleitungen zu folgen und habe Malwarebytes Anti-Rootkit beta benutzt und nach update das System gescannt und neu gestartet aber die Chinesischen Programme sind immer noch vorhanden  Ich denke ich habe mir zu viel vorgenommen und wollte deswegen Hilfe erbitten.  Hier sind meine Log files(hoffe ich): Code:
ATTFilter Search results from Spybot - Search & Destroy
29.03.2016 14:09:58
Scan took 00:01:12.
1 items found.
Cache: Browser: Cache (3) (Browser: Cache, nothing done)
--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---
2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2015-03-25 spybotsd2-install-av-update.exe (2.4.40.0)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2016-03-29 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2015-03-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2015-04-22 Includes\Adware-000.sbi
2015-08-05 Includes\Adware-001.sbi
2016-03-23 Includes\Adware-C.sbi
2014-01-13 Includes\Adware.sbi
2014-01-13 Includes\AdwareC.sbi
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi
2014-11-14 Includes\Dialer-001.sbi
2015-07-29 Includes\Dialer-C.sbi
2014-01-13 Includes\Dialer.sbi
2014-01-13 Includes\DialerC.sbi
2014-01-09 Includes\Fraud-000.sbi
2014-01-09 Includes\Fraud-003.sbi
2012-11-14 Includes\HeavyDuty.sbi
2014-11-14 Includes\Hijackers-000.sbi
2014-11-14 Includes\Hijackers-001.sbi
2015-12-23 Includes\Hijackers-C.sbi
2014-01-13 Includes\Hijackers.sbi
2014-01-13 Includes\HijackersC.sbi
2014-01-08 Includes\iPhone-000.sbi
2014-01-08 Includes\iPhone.sbi
2014-11-14 Includes\Keyloggers-000.sbi
2014-09-24 Includes\Keyloggers-C.sbi
2014-01-13 Includes\KeyloggersC.sbi
2015-06-25 Includes\Malware-000.sbi
2014-11-14 Includes\Malware-001.sbi
2014-11-14 Includes\Malware-002.sbi
2014-11-14 Includes\Malware-004.sbi
2014-11-14 Includes\Malware-005.sbi
2014-02-26 Includes\Malware-006.sbi
2014-01-09 Includes\Malware-007.sbi
2016-03-16 Includes\Malware-C.sbi
2014-01-13 Includes\Malware.sbi
2013-12-23 Includes\MalwareC.sbi
2014-11-14 Includes\PUPS-000.sbi
2014-01-15 Includes\PUPS-002.sbi
2016-03-23 Includes\PUPS-C.sbi
2012-11-14 Includes\PUPS.sbi
2014-01-07 Includes\PUPSC.sbi
2014-01-08 Includes\Security-000.sbi
2015-12-02 Includes\Security-C.sbi
2014-01-21 Includes\Security.sbi
2014-01-21 Includes\SecurityC.sbi
2015-11-11 Includes\Spyware-000.sbi
2015-05-06 Includes\Spyware-001.sbi
2016-03-16 Includes\Spyware-C.sbi
2014-01-21 Includes\Spyware.sbi
2014-01-21 Includes\SpywareC.sbi
2011-06-07 Includes\Tracks.sbi
2012-11-19 Includes\Tracks.uti
2014-01-15 Includes\Trojans-001.sbi
2014-11-14 Includes\Trojans-002.sbi
2016-01-20 Includes\Trojans-003.sbi
2014-01-15 Includes\Trojans-004.sbi
2014-03-19 Includes\Trojans-005.sbi
2014-01-15 Includes\Trojans-007.sbi
2014-07-09 Includes\Trojans-009.sbi
2016-03-23 Includes\Trojans-C.sbi
2014-01-15 Includes\Trojans-OG-000.sbi
2014-01-15 Includes\Trojans-TD-000.sbi
2014-01-15 Includes\Trojans-VM-000.sbi
2014-01-15 Includes\Trojans-VM-001.sbi
2014-01-15 Includes\Trojans-VM-002.sbi
2014-01-15 Includes\Trojans-VM-005.sbi
2014-01-15 Includes\Trojans-VM-006.sbi
2014-01-15 Includes\Trojans-VM-007.sbi
2014-01-15 Includes\Trojans-VM-008.sbi
2014-01-15 Includes\Trojans-VM-010.sbi
2014-01-15 Includes\Trojans-VM-012.sbi
2014-01-15 Includes\Trojans-VM-013.sbi
2014-01-15 Includes\Trojans-VM-015.sbi
2014-01-15 Includes\Trojans-VM-016.sbi
2014-01-15 Includes\Trojans-VM-017.sbi
2014-01-15 Includes\Trojans-VM-018.sbi
2014-01-15 Includes\Trojans-VM-020.sbi
2014-01-15 Includes\Trojans-VM-021.sbi
2014-01-15 Includes\Trojans-VM-022.sbi
2014-01-15 Includes\Trojans-VM-023.sbi
2014-01-15 Includes\Trojans-VM-024.sbi
2014-01-15 Includes\Trojans-ZB-000.sbi
2016-02-03 Includes\Trojans-ZL-000.sbi
2014-01-09 Includes\Trojans.sbi
2014-01-16 Includes\TrojansC-01.sbi
2014-01-16 Includes\TrojansC-02.sbi
2014-01-16 Includes\TrojansC-03.sbi
2014-01-16 Includes\TrojansC-04.sbi
2014-01-16 Includes\TrojansC-05.sbi
2014-01-09 Includes\TrojansC.sbi
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 29.03.2016 Scan Time: 13:37:52 Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2016.03.29.02 Rootkit Database: v2016.03.12.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Sinan Scan Type: Threat Scan Result: Completed Objects Scanned: 438199 Time Elapsed: 1 hr, 18 min, 48 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 1 PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\safe_url__2.exe, 1016, Delete-on-Reboot, [44428c019ffa8bab2aa9e735f90a04fc] Modules: 0 (No malicious items detected) Registry Keys: 13 PUP.Optional.BrowserSecurity, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E6E66045-E911-4C01-961D-32387BF12768}, Quarantined, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.BrowserSecurity, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E6E66045-E911-4C01-961D-32387BF12768}, Quarantined, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.BrowserSecurity, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E6E66045-E911-4C01-961D-32387BF12768}, Delete-on-Reboot, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.BrowserSecurity, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E6E66045-E911-4C01-961D-32387BF12768}, Delete-on-Reboot, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.WinTaske, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WinTaske, Delete-on-Reboot, [9ceaa5e89efb2d09e87593fd8d77d42c], PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\yessearchesSoftware, Quarantined, [95f18ffe366379bd0f4bd7b49e666d93], PUP.Optional.Winsere, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSERE, Quarantined, [077f08859efb38fec6af87a23ac96b95], PUP.Optional.MyEmoticons, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, Delete-on-Reboot, [00864548405950e6c586b27807fda25e], PUP.Optional.BrowserExtensions, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS, Delete-on-Reboot, [8df90f7eafead95d2a96dd2dfc08c43c], PUP.Optional.ProductSetup, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PRODUCTSETUP, Delete-on-Reboot, [9ee8b2db82173afc8425ad837c888f71], PUP.Optional.BrowserSecurity, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browser-Security, Quarantined, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.YesSearches, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ggbugreport, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Uninstall wak, Quarantined, [8600d8b57128e4526df76cb681829868], Registry Values: 4 PUP.Optional.Winsere, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSERE|ImagePath, "C:\Program Files (x86)\Winsere\Winsere\Winsere.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, Quarantined, [077f08859efb38fec6af87a23ac96b95] PUP.Optional.BrowserExtensions, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_Ver, 2.5, Delete-on-Reboot, [8df90f7eafead95d2a96dd2dfc08c43c] PUP.Optional.ProductSetup, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PRODUCTSETUP|tb, 0X1F1T1V1G1G, Delete-on-Reboot, [9ee8b2db82173afc8425ad837c888f71] PUP.Optional.BrowserSecurity, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|safe_url__2, "C:\Users\Sinan\AppData\Roaming\Browser-Security\safe_url__2.exe", Delete-on-Reboot, [44428c019ffa8bab2aa9e735f90a04fc] Registry Data: 2 Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.2345.com/?34838, Good: (hxxp://www.google.com), Bad: (hxxp://www.2345.com/?34838),Replaced,[baccf89550492c0a11c5091ab055ee12] Hijack.StartPage, HKU\S-1-5-21-4237310255-3682870643-3950776913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.2345.com/?34838, Good: (hxxp://www.google.com), Bad: (hxxp://www.2345.com/?34838),Delete-on-Reboot,[9aecdab33465b1856275f52e0104d32d] Folders: 13 PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\LocalLow\Browser-Security, Quarantined, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [cabc7914a8f1d4621dede80aa45e11ef], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security, Delete-on-Reboot, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\dmp, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\dmp\bugreport.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\dmp\ccuter.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\dmp\shortboost.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\dmp\Winsere.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\dmp\WinTaske.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\YourGSearchFinder_br, Quarantined, [0482ff8e4a4fa294641dbe6423e0d927], PUP.Optional.Winsere, C:\Program Files (x86)\Winsere, Quarantined, [a5e1701d1782a4929f8cf231669da55b], PUP.Optional.Winsere, C:\Program Files (x86)\Winsere\Winsere, Quarantined, [a5e1701d1782a4929f8cf231669da55b], Files: 35 PUP.Optional.CrossAd.Gen, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi, Quarantined, [bcca325bc7d20432db286c9847bd15eb], PUP.Optional.CrossAd.Gen, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi, Quarantined, [91f5eda0a5f43ef8788b0400bf45916f], PUP.Optional.Spigot, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\searchplugins\yahoo_ff.xml, Quarantined, [c0c6f39ae1b8a294737c52e72cd8f50b], PUP.Optional.WinYahoo, C:\Users\Sinan\AppData\LocalLow\Microsoft\Internet Explorer\Services\Wincy.ico, Quarantined, [275fd8b5c7d2a4927e150d4257ad7888], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\firefox@browser-security.de.xpi, Quarantined, [5e28820b5940ea4c9383df7120e47987], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\firefox@browser-security.de.xpi, Quarantined, [b8cee1ac6a2f79bd59bded633bc9926e], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\extensions\firefox@browser-security.de.xpi, Quarantined, [cdb9dfae5c3d87afb5612828bb498d73], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\LocalLow\Browser-Security\safe_url.dat, Quarantined, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\LocalLow\Browser-Security\safe_url.dll, Quarantined, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\LocalLow\Browser-Security\session.dat, Quarantined, [4442ddb01980d5617d1e5bf540c4b24e], PUP.Optional.WinTaske, C:\WINDOWS\System32\Tasks\WinTaske, Quarantined, [770f127b3d5c45f179e2bed222e2e61a], PUP.Optional.Winsere, C:\Program Files (x86)\Winsere\Winsere\Winsere.exe, Quarantined, [077f08859efb38fec6af87a23ac96b95], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\data, Quarantined, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\license.rtf, Quarantined, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\safe_url__2.exe, Delete-on-Reboot, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\uninstall.exe, Quarantined, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\UPDATE_EVENT.txt, Quarantined, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.BrowserSecurity, C:\Users\Sinan\AppData\Roaming\Browser-Security\version.txt, Quarantined, [44428c019ffa8bab2aa9e735f90a04fc], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\ccuter.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\ffuter.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\shortboost.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\unIns.exe, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.YesSearches, C:\Program Files (x86)\SearchesToYesbnd\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, Quarantined, [8600d8b57128e4526df76cb681829868], PUP.Optional.Spigot, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");), Replaced,[295d3f4e8d0c2e0816d1be94ae57639d] PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\searchplugins\DD1B66D4.xml, Quarantined, [5c2a2b627821e056161166f2a164de22], PUM.Optional.FireFoxSecurityOverride, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\user.js, Quarantined, [7511dbb266338caac3ace1777b8a2dd3], PUP.Optional.Spigot, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");), Replaced,[592d701d17822016b433361c7f86c13f] PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml, Quarantined, [ed9954396138ff375ec9b5a30afba858], PUM.Optional.FireFoxSecurityOverride, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js, Quarantined, [7d098c011683181e2a45c3954cb956aa], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\DD1B66D4.xml, Quarantined, [572fade03d5c4beb87a02b2d9a6b9a66], PUM.Optional.FireFoxSecurityOverride, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\user.js, Quarantined, [7214f697e2b7aa8c4e21b7a17e8736ca], PUP.Optional.Spigot, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");), Replaced,[fb8bcdc0336672c4c6219db555b0f60a] PUM.Optional.FireFoxSecurityOverride, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\user.js, Quarantined, [d8aea2ebe3b6ae8889e6bb9d8382e21e], Physical Sectors: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.03.29.05
rootkit: v2016.03.12.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18230
Sinan :: SINAN-PC [administrator]
29.03.2016 19:31:25
mbar-log-2016-03-29 (19-31-25).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 449239
Time elapsed: 1 hour(s), 48 minute(s), 26 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Sinan\AppData\Local\Temp\nsrA7F.tmp\inetc.dll (Backdoor.PcClient) -> Delete on reboot. [d1b89eefa2f766d025ba974bc440aa56]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
30.03.2016, 01:12
| #2 |
| /// Malwareteam   | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Warnung: Dein bisheriger Fund von Mbar deutet auf eine ernsthaftere Infektion hin. Bitte arbeite in deinem eingenen Interesse nicht weiter an dem PC, bis ich dir das okay dazu gebe. Schritt: 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt: 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.03.2016, 11:34
| #3 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Hallo Rafael,
__________________vielen Dank für deine Hilfe. Hier sind die Log- files von Farbar Recovery Scan Tool Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Sinan (Administrator) auf SINAN-PC (30-03-2016 13:10:47)
Gestartet von D:\Documents\Desktop
Geladene Profile: Sinan (Verfügbare Profile: Sinan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRealTimeSpeedup.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(DivX, LLC) C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\PrintIsolationHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-18] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [837640 2015-12-08] (DivX, LLC)
HKLM-x32\...\Run: [ic-0.3bd06eee758598.exe -start] => C:\Users\Sinan\AppData\Local\Temp\9762807\ic-0.3bd06eee758598.exe -start <===== ACHTUNG
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe [362304 2016-03-29] (Tencent)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [Dropbox Update] => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: H - H:\AutoPlay.exe
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: {8093af26-b829-11e5-b28e-f04da2bf283c} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-05] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMGCShellExt64.dll [2016-03-29] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{7E4C64A2-3924-4DBB-8316-0C684C56318B}: [DhcpNameServer] 62.217.213.70 62.217.213.71
Tcpip\..\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}: [DhcpNameServer] 193.231.252.1 213.154.124.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> DefaultScope {ABC0332A-5C13-4375-8A12-2B90D1FCB937} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_39¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyE0D0AtB0B0FtBzztA0C0B0FtCtDtN0D0Tzu0StCtAyCtAtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2Szz0FtB0CyB0EyBzytGtCzytA0FtGyEtA0B0EtG0AyCtDyCtGtByBtByEzz0Czy0F0AyEyE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0A0D0CyCyCtCzztGzyyDtAtDtGyE0BtB0DtG0AtC0EzztGtAtAyC0AtAyB0D0B0D0AyBzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEyB%26cr%3D117132820%26a%3Dwncy_ir_15_39%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {1F9A24E2-0FEF-4961-AAAF-545084DE2E3B} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {ABC0332A-5C13-4375-8A12-2B90D1FCB937} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_39¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyE0D0AtB0B0FtBzztA0C0B0FtCtDtN0D0Tzu0StCtAyCtAtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2Szz0FtB0CyB0EyBzytGtCzytA0FtGyEtA0B0EtG0AyCtDyCtGtByBtByEzz0Czy0F0AyEyE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0A0D0CyCyCtCzztGzyyDtAtDtGyE0BtB0DtG0AtC0EzztGtAtAyC0AtAyB0D0B0D0AyBzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEyB%26cr%3D117132820%26a%3Dwncy_ir_15_39%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSWebMon64.dat [2016-03-29] (Tencent)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-12-10] (DVDVideoSoft Ltd.)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-12-11] (DVDVideoSoft Ltd.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng
FF DefaultSearchEngine: yessearches
FF SelectedSearchEngine: yessearches
FF Homepage: hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-12-02] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\npQMExtensionsMozilla.dll [2016-03-29] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\webde-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\webde-suche.xml [2012-10-04]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-12-10] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-08] [ist nicht signiert]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-02-10]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-03-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323&ts=AHEpCH8oBHMlAk..
CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323&ts=AHEpCH8oBHMlAk.."
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (AdBlock) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (电脑管家上网防护) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-29]
CHR Extension: (Gmail) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe [313936 2016-03-29] (Tencent)
U2 QQRepair81b; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair81b [136512 2016-03-30] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [136512 2016-03-30] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\Windows\System32\DRIVERS\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMUdisk64.sys [184536 2016-03-02] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQSysMonX64.sys [152184 2016-03-29] (电脑管家)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2015-01-20] (Realtek Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14368 1968-04-08] () [Datei ist nicht signiert]
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\softaal64.sys [44664 2016-03-29] (Tencent)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-07] (Duplex Secure Ltd.)
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [168568 2016-03-30] ()
R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [101472 2016-03-15] (Tencent)
R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel64.sys [147576 2016-03-29] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [97400 2016-03-29] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TS888x64.sys [38520 2016-03-30] (Tencent)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSDefenseBT64.sys [28984 2016-03-29] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [57976 2016-03-29] ()
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [54904 2016-03-29] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSSysKit64.sys [96888 2016-03-29] (电脑管家)
U3 ai4t0tvm; C:\Windows\System32\Drivers\ai4t0tvm.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-30 07:33 - 2016-03-30 13:10 - 00000000 ____D C:\FRST
2016-03-29 21:31 - 2016-03-30 13:03 - 00038520 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2016-03-29 19:30 - 2016-03-30 12:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-29 15:13 - 2016-03-29 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-03-29 13:27 - 2016-03-29 13:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-29 13:20 - 2016-03-29 13:20 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-03-29 13:19 - 2016-03-29 21:33 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-03-29 13:19 - 2016-03-29 21:32 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-29 13:19 - 2016-03-29 13:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-29 13:19 - 2016-03-29 13:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2016-03-29 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-29 13:05 - 2016-03-29 13:05 - 00005120 _____ C:\Users\Sinan\AppData\Roaming\GiftBag.db
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\tab
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\hover
2016-03-29 13:04 - 2016-03-30 13:03 - 00000000 ____D C:\ProgramData\TXQMPC
2016-03-29 13:04 - 2016-03-29 13:04 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-03-29 13:04 - 2016-03-29 13:02 - 00147576 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2016-03-29 13:04 - 2016-03-15 18:28 - 00101472 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2016-03-29 13:03 - 2016-03-29 13:03 - 00002268 _____ C:\Users\Public\Desktop\软件管理.lnk
2016-03-29 13:03 - 2016-03-29 13:03 - 00002243 _____ C:\Users\Public\Desktop\电脑管家.lnk
2016-03-29 13:03 - 2016-03-29 13:03 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-03-29 13:03 - 2016-03-29 13:02 - 00097400 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-03-29 13:03 - 2016-03-29 13:02 - 00054904 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2016-03-29 13:02 - 2016-03-30 13:01 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Tencent
2016-03-29 13:02 - 2016-03-29 13:14 - 00000000 ____D C:\ProgramData\Tencent
2016-03-29 13:02 - 2016-03-29 13:02 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-29 13:00 - 2016-03-29 13:02 - 00000000 ____D C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-29 13:00 - 2016-03-29 13:00 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-03-21 19:14 - 2016-03-25 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-21 18:34 - 2016-03-21 18:34 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-16 22:57 - 2016-03-16 22:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-09 20:31 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 20:31 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 20:31 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 20:31 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 20:31 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 20:31 - 2016-02-09 09:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 09:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 00:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 20:31 - 2016-02-08 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 23:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 20:31 - 2016-02-08 23:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 20:31 - 2016-02-08 23:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 20:31 - 2016-02-08 23:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 23:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 20:31 - 2016-02-08 23:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 23:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 20:31 - 2016-02-08 23:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 20:31 - 2016-02-08 23:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 20:31 - 2016-02-08 23:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 23:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 20:31 - 2016-02-08 23:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 20:31 - 2016-02-08 23:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 20:31 - 2016-02-08 23:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 23:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 23:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 20:31 - 2016-02-08 22:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 20:31 - 2016-02-08 22:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 20:31 - 2016-02-08 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 20:31 - 2016-02-08 21:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 21:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 21:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 21:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 20:31 - 2016-02-08 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 20:31 - 2016-02-08 21:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 20:31 - 2016-02-08 20:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 20:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 20:31 - 2016-02-08 20:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 20:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 20:31 - 2016-02-08 20:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 20:31 - 2016-02-08 20:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 20:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 20:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 20:31 - 2016-02-08 19:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 20:31 - 2016-02-04 20:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 20:31 - 2016-02-03 21:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 20:31 - 2016-01-11 22:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 20:31 - 2015-11-19 17:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:30 - 2016-02-11 21:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 20:30 - 2016-02-11 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 20:30 - 2016-02-11 21:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 20:30 - 2016-02-11 20:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 20:30 - 2016-02-11 20:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 20:30 - 2016-02-11 20:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 20:30 - 2016-02-11 20:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 20:30 - 2016-02-11 20:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 20:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 20:30 - 2016-02-11 20:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-08 23:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 23:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 20:30 - 2016-02-08 23:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 20:30 - 2016-02-08 21:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 20:30 - 2016-02-08 21:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 21:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 20:30 - 2016-02-08 21:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 20:30 - 2016-02-08 21:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 20:30 - 2016-02-08 21:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 20:30 - 2016-02-08 21:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 20:30 - 2016-02-08 21:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 20:30 - 2016-02-08 20:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 20:30 - 2016-02-08 20:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 20:30 - 2016-02-08 20:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 20:30 - 2016-02-08 20:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 20:29 - 2016-02-19 22:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 20:29 - 2016-02-19 21:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 20:29 - 2016-02-19 17:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 20:29 - 2016-02-11 17:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 20:29 - 2016-02-09 12:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 20:29 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 20:29 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 20:29 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 20:29 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-30 13:10 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-30 13:10 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-30 13:08 - 2014-06-12 21:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-30 13:06 - 2010-12-21 17:29 - 00710272 _____ C:\Windows\system32\perfh007.dat
2016-03-30 13:06 - 2010-12-21 17:29 - 00154570 _____ C:\Windows\system32\perfc007.dat
2016-03-30 13:06 - 2009-07-14 08:13 - 01649790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-30 13:06 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-03-30 13:00 - 2014-06-23 11:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-30 12:59 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-30 07:35 - 2014-06-23 11:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-30 07:25 - 2015-06-27 22:13 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job
2016-03-29 23:27 - 2014-06-06 16:11 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\vlc
2016-03-29 21:48 - 2014-06-27 00:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-29 21:36 - 2014-06-27 00:05 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-29 21:33 - 2014-06-23 11:45 - 00001919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-29 21:33 - 2014-06-07 16:04 - 00002104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-03-29 21:33 - 2014-06-06 16:02 - 00001901 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-29 21:33 - 2010-12-21 17:05 - 00002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-03-29 21:33 - 2010-12-21 17:05 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-03-29 21:33 - 2010-12-21 17:05 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-03-29 21:33 - 2010-12-21 17:05 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-03-29 21:33 - 2010-12-21 15:38 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-03-29 21:33 - 2010-12-21 15:38 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-03-29 21:33 - 2009-07-14 07:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-29 21:33 - 2009-07-14 07:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-03-29 21:33 - 2009-07-14 07:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-03-29 21:33 - 2009-07-14 07:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-03-29 21:33 - 2009-07-14 07:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-03-29 21:32 - 2016-01-25 15:02 - 00001020 _____ C:\Users\Public\Desktop\Dark Crusade.lnk
2016-03-29 21:32 - 2014-06-27 21:54 - 00000583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate II Enhanced Edition.lnk
2016-03-29 21:32 - 2014-06-08 10:42 - 00001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-03-29 21:32 - 2014-06-07 16:12 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-29 21:32 - 2014-06-06 16:07 - 00000855 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-03-29 21:32 - 2014-06-06 16:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-03-29 21:32 - 2014-06-06 15:16 - 00001427 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-29 21:32 - 2009-07-14 08:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-03-29 21:32 - 2009-07-14 07:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-03-29 21:31 - 2016-02-26 14:00 - 00000811 _____ C:\Users\Sinan\Desktop\SpellForce - Platinum Edition.lnk
2016-03-29 21:28 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\TAPI
2016-03-29 16:25 - 2015-06-27 22:13 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job
2016-03-29 15:01 - 2014-06-18 19:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-29 14:59 - 2015-01-24 14:45 - 00000000 ____D C:\ProgramData\APN
2016-03-29 14:30 - 2014-06-06 15:16 - 00000000 ____D C:\Users\Sinan\AppData\Local\VirtualStore
2016-03-29 13:07 - 2009-07-14 07:45 - 00470048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 13:03 - 2014-06-06 15:14 - 00128040 _____ C:\Users\Sinan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 12:58 - 2014-06-06 16:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\BitTorrent
2016-03-25 23:54 - 2014-06-06 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 01:08 - 2014-06-12 21:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 01:08 - 2014-06-06 16:02 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 01:08 - 2014-06-06 16:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-21 18:35 - 2014-06-07 16:35 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Dropbox
2016-03-19 01:33 - 2014-06-07 12:48 - 01624070 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-11 09:39 - 2015-10-15 21:06 - 00000000 ____D C:\Windows\rescache
2016-03-10 01:14 - 2014-06-05 17:39 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 01:07 - 2014-06-05 17:39 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 01:06 - 2014-12-12 02:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-03 11:00 - 2014-06-07 14:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-03 10:59 - 2014-06-07 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-03 01:20 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2016-03-02 17:21 - 2014-06-06 15:13 - 00000000 ____D C:\Users\Sinan
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-03-29 13:05 - 2016-03-29 13:05 - 0005120 _____ () C:\Users\Sinan\AppData\Roaming\GiftBag.db
2015-09-26 00:08 - 2015-09-26 00:08 - 0000045 _____ () C:\Users\Sinan\AppData\Roaming\WB.CFG
2014-11-01 13:42 - 2014-11-01 13:53 - 0005632 _____ () C:\Users\Sinan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-06 16:57 - 2016-01-06 19:55 - 0007590 _____ () C:\Users\Sinan\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Sinan\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-29 11:19
==================== Ende von FRST.txt ============================
|
|
30.03.2016, 11:35
| #4 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Und hier das Additional txt. file Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Sinan (2016-03-30 13:12:23)
Gestartet von D:\Documents\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-06-06 12:13:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4237310255-3682870643-3950776913-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4237310255-3682870643-3950776913-1002 - Limited - Enabled)
Gast (S-1-5-21-4237310255-3682870643-3950776913-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4237310255-3682870643-3950776913-1004 - Limited - Enabled)
Sinan (S-1-5-21-4237310255-3682870643-3950776913-1000 - Administrator - Enabled) => C:\Users\Sinan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\QmFsZHVyc0dhdGVJSUVuaGFuY2VkRWRpdGlvbg==_is1) (Version: 1 - )
BitTorrent (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser Extensions (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.5 - Spigot, Inc.) <==== ACHTUNG
calibre (HKLM-x32\...\{CF0D492B-12F2-40B0-AF33-0F1BAA0BEF37}) (Version: 2.28.0 - Kovid Goyal)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2400 series Benutzerregistrierung (HKLM-x32\...\Canon MG2400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
DawnOfWar (x32 Version: 1.00.00000 - THQ) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
EAX(tm) Unified (SHELL) (HKLM-x32\...\EAX(tm) Unified (SHELL)) (Version: - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.15.1211 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Mozilla Thunderbird 38.7.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.0 (x86 en-US)) (Version: 38.7.0 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Lite (HKLM-x32\...\Nero7Lite_is1) (Version: 7.11.10.0 - UpdatePack.nl)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.02.00 - Samsung Electronics Co., Ltd.)
Search Protection (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Search Protection) (Version: 11.1.0.1 - Spigot, Inc.) <==== ACHTUNG
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{6A07C77C-E4C9-422B-9B36-AD9E5156B0BA}) (Version: 2.2.3.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
电脑管家11.4 (HKLM-x32\...\QQPCMgr) (Version: 11.4.17347.218 - 腾讯科技(深圳)有限公司) <==== ACHTUNG
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {012CCAFA-A7C9-40FE-B88C-97169641CD9D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {03A7A24A-2D7E-453E-B14C-2EDA768A0590} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {0AA1318D-3AE5-4E2D-94F6-5CCEEE2E39D0} - System32\Tasks\{943DABAE-CF92-459D-8A46-530487D58B3B} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fd:\games\Uninst.isu
Task: {146728C0-2286-4250-9DB0-BE6EA803BC8C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {18714D5E-4028-4701-AF9B-4DB90D9CDE9A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {1BCDC67D-8CFC-4E8E-BB2C-AAE69EAF866F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2015-11-30] (DivX, LLC)
Task: {2B9FEAC9-885E-428D-BA33-B2DEB232958C} - \WinTaske -> Keine Datei <==== ACHTUNG
Task: {52594208-A481-4FDD-974D-9AAA8C50E549} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {7673AD99-4B11-4A68-9C8A-358B964B608B} - System32\Tasks\{99976E2D-25EB-41E2-A30D-4200FFB6EEC2} => D:\Games\warhammer\Warhammer.exe
Task: {95DDBCDA-B2CA-49EF-9AA7-188C7BFA86F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.)
Task: {9F4ED415-9BA9-4697-8552-9D7021874AC0} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {AACA7A20-9F20-4240-B2B7-6418749EB847} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {CB2084EE-EF50-4C90-88B2-5CD2B0B2A06B} - System32\Tasks\{AA669219-1160-4DF1-A49C-6C151B831A20} => pcalua.exe -a D:\Games\SpellForce\Register\Bonus.exe -d D:\Games\SPELLF~1\Register
Task: {CCF8BD27-FCAE-420E-9429-011562FFF5C3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {CD53EB52-1324-4037-BA21-1AEC65AE8511} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.)
Task: {DB97873C-6D71-49F8-A77C-F50B0AF61824} - System32\Tasks\{C0F2B3C4-D032-4654-AB4C-42EEA2B5DB8F} => pcalua.exe -a H:\AutoPlay.exe -d H:\
Task: {EBA6D2D1-8ABB-48B0-8038-460D36EC8B8D} - System32\Tasks\{3217B88F-8C19-480D-9DE5-68022B47F2F0} => pcalua.exe -a D:\Games\winter\AutoPlay.exe -d D:\Games\winter
Task: {FB9804BA-2006-403A-9A43-41B5755ABEE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-11 21:18 - 2011-04-11 08:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2012-03-22 23:11 - 2012-03-22 23:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
2015-10-11 21:18 - 2013-03-18 17:16 - 01353728 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\spe__du.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00115904 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMAntiInject.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\zlib.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00488640 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\sqlite.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\tinyxml.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00046784 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00070848 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-03-29 13:02 - 2016-02-28 01:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\oDayProtect.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00128192 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17347.218\qmrtpcontroller.dll
2015-02-21 16:01 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\libexpatw.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\GF.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\xGraphic32.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\arkGraphic.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\jgImage.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\libpng.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\libjpegturbo.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\jgIOStub.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\xImage.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00169152 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17347.218\qmhipslogpolicy.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00083136 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\MemDefrag.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00267456 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\DlForQd.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00251072 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMWlanMacDll.dll
2016-03-29 13:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-29 13:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-29 13:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2010-12-21 17:06 - 2010-08-12 03:19 - 00056544 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00113888 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00126176 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2016-03-29 13:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-29 13:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\zlib.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\libexpatw.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\tinyxml.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\GF.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\xGraphic32.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\arkGraphic.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\jgImage.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\libpng.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\libjpegturbo.dll
2016-03-29 13:02 - 2016-03-29 13:02 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\jgIOStub.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 193.231.252.1 - 213.154.124.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3042B909-E278-49C1-86A2-9C7C720AC9F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0FF67F89-B0F2-459B-9036-029C958BF89F}] => (Allow) LPort=2869
FirewallRules: [{0B362937-E355-4146-A2D2-C846647A6A10}] => (Allow) LPort=1900
FirewallRules: [{41709D0C-2556-4C18-A02E-45C2E5A3C987}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F0D84185-4A54-42D8-B97F-257C883CF60D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2F78F74C-2940-44A9-BCF6-020963BBFF5D}] => (Allow) C:\Users\Sinan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{63616887-0307-43B1-98F3-A4573DEFC499}] => (Allow) C:\Users\Sinan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E5E8D5B4-AD81-43AB-8250-C0661BD7EFE4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BCB7AAAB-2CE5-400E-819E-2253AAB5785A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E92AA80-AB8F-4AAE-A35F-8C844B5F2F00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6721DE09-F262-4E74-8AD3-AAE0D85475BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D600CE19-5FA9-4196-A2D3-5F64C5F690B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2B78BB1-12D7-4053-B22E-2E05CA657C06}] => (Allow) C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1543C296-47CF-4D5C-9FD2-B25FD6B5701A}] => (Allow) C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E5C6F7FF-9891-4F7F-B345-0F2C62EFBFD6}C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E46504CF-A9F9-4E53-9192-1393A79CD4FB}C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{39B63133-888A-4CAD-BFCE-4F45AE9ADF2A}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [UDP Query User{D04F1DD7-C11B-433F-BB89-D65BD4C9AB2E}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [TCP Query User{9F8E7EEC-AE41-4F93-905F-BEFF4EF56F07}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [UDP Query User{2CEBB885-4EDF-4648-AD49-258B4C176AC9}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [TCP Query User{5682D2BB-6AAB-4821-BE6F-CAAD15E71A1B}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{A8CB0490-5DF0-428A-9E8C-09361D31123C}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{562B8869-B9F5-44CA-9238-9B5D7B81C897}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D91E51A-97F7-4A1B-8C9E-5E86401E10DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{991616A3-386A-46B3-AB85-062C38382F49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{978F8116-ACF9-40BB-83F0-E0BD5BFC9103}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDF10FF1-45C5-4EAB-BA74-9C668A3059CF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0E2FFE2-C1F5-442B-B9D8-7DA9D66A89A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{666805BC-7A42-4A17-8442-DC9C16DF669D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E3FC3DB8-E1FF-4ABD-8B2F-FF745E04F709}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{839051C4-04E4-461F-BF4C-3FD686C1A093}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{71551989-ADDC-4E91-B45B-7291CF4976E6}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{1217F1AD-FAC1-41EB-9FE0-C30879C141D6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{A0C4C207-9604-48CE-B45B-C43E8D0E1FA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DDFDF9DA-4E61-4935-89D9-B68A7274C36B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AF587CA7-D39F-4646-B16B-7C5D41D9D54D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66FD9807-7629-47F6-946A-7F577782A394}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8026C3C6-C330-41C2-A492-6D74ED4B7535}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{49E214AF-0D7B-478F-8EC1-26613DD26E10}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E0C9FB51-BABE-405E-B20E-FF19A94D70EB}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B419B476-959A-40D2-92B0-D94D87F6E0FC}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2F83D292-5B02-4F1D-9ECC-7114EBDBA71C}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{656C236F-EF87-46E6-9EFA-C433CFAF4586}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{DDAFF662-EC99-4169-878E-5BB8A44678D1}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{885FC3D9-CF1D-438D-BD81-5B4051833732}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{B4C8D20B-EE9A-452B-9E17-AC79190FB3E6}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [{F7246A03-96AD-436C-BF7C-23B8D796CFC9}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{ADBC6831-908C-4856-9D10-309139EE3AF9}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{1CF1584F-FDAA-41B4-89F6-FFBED1B9F515}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{1C9CC2C6-9FE0-47D9-BA1D-99EC6129F872}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{E20E04FA-9677-4833-851F-5DDC6A8C8F61}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{48DF8721-DAAC-404C-A26D-737AFF187A48}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [TCP Query User{D76E60A8-2424-4C92-9EB5-A2F47010DE91}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe] => (Block) C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe
FirewallRules: [UDP Query User{75DF8273-68CD-46D8-B9C6-3198B7988869}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe] => (Block) C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe
FirewallRules: [{71903B61-42AE-4205-B72C-C949BF5A4234}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{1CC3F87D-6C96-484B-AA37-954EF579A1E5}C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe] => (Block) C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe
FirewallRules: [UDP Query User{A1058BEE-749F-422E-9328-9A6B835E1528}C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe] => (Block) C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe
FirewallRules: [{373DCA92-AD36-49E4-965D-BC9857493BDD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCmgrInstallGuide.exe
FirewallRules: [{2F399C73-5BA1-4372-81ED-609A8F3626CE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe
FirewallRules: [{CDAC30AD-EECD-4EE8-B9B7-A13EC1FAE707}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCMgr.exe
FirewallRules: [{0328E2F8-D145-418A-B574-4CCA3955B440}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe
FirewallRules: [{3330F1E5-695E-4995-A8D6-5FA459A4D3C9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMDL.exe
FirewallRules: [{9A53A324-CB51-4EA3-91B9-2F1CEBEEDC86}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\bugreport.exe
FirewallRules: [{F732D00A-2B99-4470-9200-3D57CB6B75FF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCFileOpen.exe
FirewallRules: [{D4DA4AE0-CC09-4D9B-8185-BA34FEB4D765}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCLeakScan.exe
FirewallRules: [{4FF51361-24FB-4A73-8828-E4262DE1DA51}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPConfig.exe
FirewallRules: [{4631885D-0DD0-41C9-AB49-FD2B0A1EAC65}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCSoftMgr.exe
FirewallRules: [{CE77EFEC-8B1E-4BC4-9CA3-9662E6C3AEA5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{BFAD77D7-9C15-43A7-B99E-3314AE3284F1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCBTU.exe
FirewallRules: [{2FA42F07-E306-44FB-AB96-C0FEB943CB98}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCClinic.exe
FirewallRules: [{54287924-3C1F-40AA-A173-05633A5737A6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCLaunch.exe
FirewallRules: [{2939C0A8-67AC-49B2-9E58-78A822F07458}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{9B7BE209-C194-4F27-BB24-C8E0296A3C37}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCSoftGame.exe
FirewallRules: [{46973997-DDC4-4DC9-A0BD-57018E72FC60}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCSysOptimize.exe
FirewallRules: [{D8B0AE7B-3393-4524-B1EB-CDE9DA707206}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCUpdateAVLib.exe
FirewallRules: [{1D0BFA3A-B39C-4ABA-8EF5-E5EF4150BF2E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQRepair.exe
FirewallRules: [{19AF5A5A-8E04-4281-8E75-857A9EA433CA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Uninst.exe
FirewallRules: [{7C84B7AF-4D41-4D06-AAC1-BAC8F06F10B2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCPatch.exe
FirewallRules: [{0165FECF-185A-44C2-B061-A5EB023975EE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TpkUpdate.exe
FirewallRules: [{8312AFF4-42E3-44CF-96B3-74A5A3EF6402}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMRouterMgr.exe
FirewallRules: [{E867F864-B712-4442-A28C-9EFFAF568C64}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMAccountProtection.exe
FirewallRules: [{F034CF1A-CECA-47AC-9384-0B83D245E1DE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMAdBlock.exe
FirewallRules: [{EFF50451-8B57-491B-9D56-68DFE26A7C38}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{4AF99F72-524C-4501-9C20-221F8E651322}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
30-03-2016 07:28:40 Malwarebytes Anti-Rootkit Restore Point
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/30/2016 07:28:45 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 09:25:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 03:38:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 03:38:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 01:08:29 PM) (Source: SsfService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (03/29/2016 11:30:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 11:30:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/28/2016 08:18:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/28/2016 08:18:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/27/2016 02:38:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iTunes.exe, Version: 12.3.2.35, Zeitstempel: 0x5668a23d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19160, Zeitstempel: 0x56bcd73c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000033a82
ID des fehlerhaften Prozesses: 0x10c0
Startzeit der fehlerhaften Anwendung: 0xiTunes.exe0
Pfad der fehlerhaften Anwendung: iTunes.exe1
Pfad des fehlerhaften Moduls: iTunes.exe2
Berichtskennung: iTunes.exe3
Systemfehler:
=============
Error: (03/30/2016 01:01:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (03/30/2016 01:00:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/30/2016 01:00:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (03/30/2016 07:43:15 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {BFF6845D-E49A-4A99-9609-418ED36F1C54}
Error: (03/30/2016 07:43:05 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst CSR Bluetooth Audio-Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (03/30/2016 02:04:37 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (03/29/2016 09:30:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (03/29/2016 09:29:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/29/2016 09:29:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (03/29/2016 09:27:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {BFF6845D-E49A-4A99-9609-418ED36F1C54}
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Prozentuale Nutzung des RAM: 78%
Installierter physikalischer RAM: 2934.7 MB
Verfügbarer physikalischer RAM: 636 MB
Summe virtueller Speicher: 5867.61 MB
Verfügbarer virtueller Speicher: 3227.28 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:83.05 GB) (Free:5.76 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:200.29 GB) (Free:11.91 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 62B71F54)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=83 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=200.3 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
30.03.2016, 11:52
| #5 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Und hier ist die Log datei von TDSS Killer Code:
ATTFilter 13:48:17.0360 0x1d08 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:48:24.0687 0x1d08 ============================================================
13:48:24.0687 0x1d08 Current date / time: 2016/03/30 13:48:24.0687
13:48:24.0687 0x1d08 SystemInfo:
13:48:24.0688 0x1d08
13:48:24.0688 0x1d08 OS Version: 6.1.7601 ServicePack: 1.0
13:48:24.0688 0x1d08 Product type: Workstation
13:48:24.0688 0x1d08 ComputerName: SINAN-PC
13:48:24.0688 0x1d08 UserName: Sinan
13:48:24.0688 0x1d08 Windows directory: C:\Windows
13:48:24.0688 0x1d08 System windows directory: C:\Windows
13:48:24.0688 0x1d08 Running under WOW64
13:48:24.0689 0x1d08 Processor architecture: Intel x64
13:48:24.0689 0x1d08 Number of processors: 2
13:48:24.0689 0x1d08 Page size: 0x1000
13:48:24.0689 0x1d08 Boot type: Normal boot
13:48:24.0689 0x1d08 ============================================================
13:48:27.0530 0x1d08 KLMD registered as C:\Windows\system32\drivers\13126294.sys
13:48:28.0169 0x1d08 System UUID: {881F0792-1185-EF99-8C27-43B6F3EFBF69}
13:48:28.0855 0x1d08 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:48:28.0865 0x1d08 ============================================================
13:48:28.0865 0x1d08 \Device\Harddisk0\DR0:
13:48:28.0865 0x1d08 MBR partitions:
13:48:28.0865 0x1d08 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
13:48:28.0865 0x1d08 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0xA6192B0
13:48:28.0884 0x1d08 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC398800, BlocksNum 0x19095800
13:48:28.0884 0x1d08 ============================================================
13:48:28.0913 0x1d08 C: <-> \Device\Harddisk0\DR0\Partition2
13:48:28.0942 0x1d08 D: <-> \Device\Harddisk0\DR0\Partition3
13:48:28.0942 0x1d08 ============================================================
13:48:28.0942 0x1d08 Initialize success
13:48:28.0942 0x1d08 ============================================================
13:49:14.0481 0x1c04 ============================================================
13:49:14.0481 0x1c04 Scan started
13:49:14.0481 0x1c04 Mode: Manual; SigCheck; TDLFS;
13:49:14.0481 0x1c04 ============================================================
13:49:14.0481 0x1c04 KSN ping started
13:49:28.0257 0x1c04 KSN ping finished: true
13:49:30.0753 0x1c04 ================ Scan system memory ========================
13:49:30.0753 0x1c04 System memory - ok
13:49:30.0753 0x1c04 ================ Scan services =============================
13:49:30.0941 0x1c04 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:49:31.0050 0x1c04 1394ohci - ok
13:49:31.0112 0x1c04 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:49:31.0128 0x1c04 ACPI - ok
13:49:31.0159 0x1c04 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:49:31.0253 0x1c04 AcpiPmi - ok
13:49:31.0362 0x1c04 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:49:31.0409 0x1c04 AdobeARMservice - ok
13:49:31.0549 0x1c04 [ A9D55370A0CBADD1E1E2B4796ACD26DF, 9FD0C2B1206321B34D97FF3D01C5C811022DA76DA667DB6ECCF2746437A706A2 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:49:31.0596 0x1c04 AdobeFlashPlayerUpdateSvc - ok
13:49:31.0658 0x1c04 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:49:31.0721 0x1c04 adp94xx - ok
13:49:31.0752 0x1c04 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:49:31.0767 0x1c04 adpahci - ok
13:49:31.0799 0x1c04 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:49:31.0814 0x1c04 adpu320 - ok
13:49:31.0861 0x1c04 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:49:31.0908 0x1c04 AeLookupSvc - ok
13:49:31.0986 0x1c04 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
13:49:32.0048 0x1c04 AESTFilters - ok
13:49:32.0142 0x1c04 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
13:49:32.0220 0x1c04 AFD - ok
13:49:32.0251 0x1c04 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
13:49:32.0267 0x1c04 agp440 - ok
13:49:32.0298 0x1c04 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
13:49:32.0329 0x1c04 ALG - ok
13:49:32.0376 0x1c04 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
13:49:32.0407 0x1c04 aliide - ok
13:49:32.0423 0x1c04 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
13:49:32.0454 0x1c04 amdide - ok
13:49:32.0469 0x1c04 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:49:32.0501 0x1c04 AmdK8 - ok
13:49:32.0501 0x1c04 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:49:32.0532 0x1c04 AmdPPM - ok
13:49:32.0563 0x1c04 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:49:32.0594 0x1c04 amdsata - ok
13:49:32.0625 0x1c04 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:49:32.0641 0x1c04 amdsbs - ok
13:49:32.0657 0x1c04 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:49:32.0703 0x1c04 amdxata - ok
13:49:32.0844 0x1c04 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:49:32.0937 0x1c04 AntiVirSchedulerService - ok
13:49:32.0984 0x1c04 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:49:33.0015 0x1c04 AntiVirService - ok
13:49:33.0093 0x1c04 [ B6818E2593CFF7AE07C280FA1FD80972, 7135D58ED58DDE74F1CBEAEA5A2DCB4CC921A6F907EFB3CB4348E12B9AF02895 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
13:49:33.0140 0x1c04 AntiVirWebService - ok
13:49:33.0203 0x1c04 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
13:49:33.0249 0x1c04 AppID - ok
13:49:33.0281 0x1c04 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:49:33.0312 0x1c04 AppIDSvc - ok
13:49:33.0359 0x1c04 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
13:49:33.0405 0x1c04 Appinfo - ok
13:49:33.0499 0x1c04 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:49:33.0530 0x1c04 Apple Mobile Device Service - ok
13:49:33.0561 0x1c04 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:49:33.0608 0x1c04 arc - ok
13:49:33.0624 0x1c04 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:49:33.0639 0x1c04 arcsas - ok
13:49:33.0764 0x1c04 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:49:33.0827 0x1c04 aspnet_state - ok
13:49:33.0842 0x1c04 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:49:34.0014 0x1c04 AsyncMac - ok
13:49:34.0029 0x1c04 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
13:49:34.0045 0x1c04 atapi - ok
13:49:34.0139 0x1c04 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:49:34.0248 0x1c04 AudioEndpointBuilder - ok
13:49:34.0295 0x1c04 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:49:34.0326 0x1c04 AudioSrv - ok
13:49:34.0373 0x1c04 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:49:34.0404 0x1c04 avgntflt - ok
13:49:34.0451 0x1c04 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:49:34.0482 0x1c04 avipbb - ok
13:49:34.0591 0x1c04 [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:49:34.0622 0x1c04 Avira.ServiceHost - ok
13:49:34.0653 0x1c04 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:49:34.0669 0x1c04 avkmgr - ok
13:49:34.0716 0x1c04 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:49:34.0809 0x1c04 AxInstSV - ok
13:49:34.0872 0x1c04 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:49:34.0950 0x1c04 b06bdrv - ok
13:49:34.0981 0x1c04 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:49:35.0012 0x1c04 b57nd60a - ok
13:49:35.0043 0x1c04 [ AC4E2D84DE54CD3A013AEFF0CC56095C, E0BAB08DCD60D06426209BA7465097E9F5AA243A93B29FD0A45607574086A123 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
13:49:35.0059 0x1c04 BCM42RLY - ok
13:49:35.0215 0x1c04 [ 8B5D16D20774FC3727F44E161BE2C0AC, 0EF2489E1ACC86403B1D6931140C5DF082127B327143ECB6EF28A4FF57D3C371 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
13:49:35.0371 0x1c04 BCM43XX - ok
13:49:35.0433 0x1c04 [ D224B2E6BB543F1D8F1177D57FEC2950, F5D4096A275E0AF24E38778EFAFFAFFAE3185BF8AD7A0547D50D8E7354EF7FCD ] BcmVWL C:\Windows\system32\DRIVERS\bcmvwl64.sys
13:49:35.0465 0x1c04 BcmVWL - ok
13:49:35.0496 0x1c04 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:49:35.0558 0x1c04 BDESVC - ok
13:49:35.0589 0x1c04 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:49:35.0667 0x1c04 Beep - ok
13:49:35.0745 0x1c04 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
13:49:35.0823 0x1c04 BFE - ok
13:49:35.0901 0x1c04 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
13:49:36.0401 0x1c04 BITS - ok
13:49:36.0447 0x1c04 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:49:36.0463 0x1c04 blbdrive - ok
13:49:36.0541 0x1c04 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:49:36.0603 0x1c04 Bonjour Service - ok
13:49:36.0635 0x1c04 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:49:36.0697 0x1c04 bowser - ok
13:49:36.0759 0x1c04 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:49:36.0791 0x1c04 BrFiltLo - ok
13:49:36.0806 0x1c04 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:49:36.0822 0x1c04 BrFiltUp - ok
13:49:36.0853 0x1c04 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
13:49:36.0884 0x1c04 Browser - ok
13:49:36.0915 0x1c04 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:49:36.0947 0x1c04 Brserid - ok
13:49:36.0978 0x1c04 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:49:37.0009 0x1c04 BrSerWdm - ok
13:49:37.0025 0x1c04 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:49:37.0056 0x1c04 BrUsbMdm - ok
13:49:37.0071 0x1c04 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:49:37.0087 0x1c04 BrUsbSer - ok
13:49:37.0103 0x1c04 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:49:37.0134 0x1c04 BTHMODEM - ok
13:49:37.0181 0x1c04 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
13:49:37.0243 0x1c04 BTHPORT - ok
13:49:37.0290 0x1c04 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:49:37.0337 0x1c04 bthserv - ok
13:49:37.0383 0x1c04 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
13:49:37.0430 0x1c04 BTHUSB - ok
13:49:37.0508 0x1c04 [ 6FF259D19E446CE736D2D9C1DA74C14E, 0E161A40B4D1CDBA9BD2B43FAB7E62822AE8F585FB1475478D18F83FC6CCC62C ] BtSwitcherService C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
13:49:37.0539 0x1c04 BtSwitcherService - ok
13:49:37.0571 0x1c04 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:49:37.0633 0x1c04 cdfs - ok
13:49:37.0680 0x1c04 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:49:37.0711 0x1c04 cdrom - ok
13:49:37.0758 0x1c04 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
13:49:37.0820 0x1c04 CertPropSvc - ok
13:49:37.0836 0x1c04 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:49:37.0851 0x1c04 circlass - ok
13:49:37.0898 0x1c04 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
13:49:37.0945 0x1c04 CLFS - ok
13:49:38.0007 0x1c04 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:49:38.0054 0x1c04 clr_optimization_v2.0.50727_32 - ok
13:49:38.0101 0x1c04 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:49:38.0132 0x1c04 clr_optimization_v2.0.50727_64 - ok
13:49:38.0210 0x1c04 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:49:38.0273 0x1c04 clr_optimization_v4.0.30319_32 - ok
13:49:38.0304 0x1c04 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:49:38.0351 0x1c04 clr_optimization_v4.0.30319_64 - ok
13:49:38.0382 0x1c04 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:49:38.0397 0x1c04 CmBatt - ok
13:49:38.0413 0x1c04 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:49:38.0429 0x1c04 cmdide - ok
13:49:38.0491 0x1c04 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
13:49:38.0538 0x1c04 CNG - ok
13:49:38.0585 0x1c04 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:49:38.0616 0x1c04 Compbatt - ok
13:49:38.0647 0x1c04 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:49:38.0678 0x1c04 CompositeBus - ok
13:49:38.0694 0x1c04 COMSysApp - ok
13:49:38.0725 0x1c04 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:49:38.0741 0x1c04 crcdisk - ok
13:49:38.0772 0x1c04 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:49:38.0834 0x1c04 CryptSvc - ok
13:49:38.0865 0x1c04 [ DA2926CFC160698D3C4335A58385EE03, 03A9ADDC43D8B6ACB31B44D9FF9C2F7883C577D0E0D683D08C4FCB1C57F75E3C ] csravrcp C:\Windows\system32\DRIVERS\csravrcp.sys
13:49:38.0897 0x1c04 csravrcp - ok
13:49:38.0943 0x1c04 [ F36B14E5DD31BC45028556768615BDCA, 73894103BD1D4C50581F15BBF3CF8B4699185FFF88325B3A0B74EE3D37E427C1 ] CSRBtAudioService C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
13:49:39.0006 0x1c04 CSRBtAudioService - ok
13:49:39.0037 0x1c04 [ 0D22E6DDFDFCE01CAB40A708989F4513, 92709F2A258D3FF2699C493BB330828A435198DF1A41E04E05D6847DC9D3DE4D ] CsrBthAudioHF C:\Windows\system32\DRIVERS\CsrBthAudioHF.sys
13:49:39.0053 0x1c04 CsrBthAudioHF - ok
13:49:39.0115 0x1c04 [ 21249D1C893CDA49C296727242109AD2, 31CBF9FCD3ED3A3FA1A17F5C2C9E39DE76A3856755B0C217BEF8629E43B04D6A ] CsrBtOBEX-Dienst C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
13:49:39.0209 0x1c04 CsrBtOBEX-Dienst - ok
13:49:39.0349 0x1c04 [ 6AA077D6CC426476E349DF8BFAB2DD0A, 5D24CE14881DD6D1C5003FDE45036DB8894546D26BAEA29D50A6F73B3BE78050 ] CsrBtPort C:\Windows\system32\DRIVERS\CsrBtPort.sys
13:49:39.0505 0x1c04 CsrBtPort - ok
13:49:39.0599 0x1c04 [ 56CD42AC0A286A29804D5E938B76BC75, 4B144E9C649786594169FB6B800B05E96810A9F31156A7046F53F4FEEF8E1125 ] CsrBtService C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
13:49:39.0645 0x1c04 CsrBtService - ok
13:49:39.0708 0x1c04 [ 965FB144CA3970F7C2F0DF346155C25D, AC30DEF9673E9DFD07B0665C5302961F6F591F5A038249E84CF08F39642FE6F1 ] csrhfgcc C:\Windows\system32\DRIVERS\csrhfgcc.sys
13:49:39.0723 0x1c04 csrhfgcc - ok
13:49:39.0770 0x1c04 [ 0DF9608D4F893F0AFF96CCB5248F7F82, 79D320DAC0FA99F3545E2FF946CD00F31C4B81E719EFF176F439E1CF4DE1FFDF ] csrhidmini C:\Windows\system32\DRIVERS\csrhidmini.sys
13:49:39.0801 0x1c04 csrhidmini - ok
13:49:39.0817 0x1c04 [ B869927FB411004CCD98B7DF30A8AEDC, 4E72AE1EDFA55A8577B56ADAEF196910A915F619E121BCC98155439984FA2AE3 ] csrpan C:\Windows\system32\DRIVERS\csrpan.sys
13:49:39.0833 0x1c04 csrpan - ok
13:49:39.0864 0x1c04 [ 7DB081CD5AFF021666444D7CEFFBDB1B, F32E7D217B0BB6091D808BE413D548A2C66584BA3625F189C81090DC0CC1F0F9 ] csrserial C:\Windows\system32\DRIVERS\csrserial.sys
13:49:39.0879 0x1c04 csrserial - ok
13:49:39.0911 0x1c04 [ 19A0B8F1CE67E5E0E0CDF315F9DA29D6, 3A2E289F8E227D60F6211C5B62170F2F446DBD86ED7BE014B543F24D394600AF ] csrusb C:\Windows\system32\Drivers\csrusb.sys
13:49:39.0926 0x1c04 csrusb - ok
13:49:39.0957 0x1c04 [ D2EF74C29A95E8814BC0BCFF3F21D4D1, 1D70B391B0C3FE50C96932580302353BB290D589F7834407C4DA7FCFAF3B4B06 ] csrusbfilter C:\Windows\system32\Drivers\csrusbfilter.sys
13:49:39.0989 0x1c04 csrusbfilter - ok
13:49:40.0020 0x1c04 [ 244B34E4A0646BEBE254F67BD830B184, C71D2DA4FF16127E47749834D4F7DE91E12637BAB9458E1AEBC7CC0AD76628F1 ] csr_bthav C:\Windows\system32\drivers\csrbthav.sys
13:49:40.0051 0x1c04 csr_bthav - ok
13:49:40.0098 0x1c04 [ ED5CF92396A62F4C15110DCDB5E854D9, CD26216B8B3F558A0466843C8161E86EEDB78E6031E1AC0A00DCDE700A2B6EE2 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
13:49:40.0129 0x1c04 CtClsFlt - ok
13:49:40.0191 0x1c04 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:49:40.0269 0x1c04 DcomLaunch - ok
13:49:40.0301 0x1c04 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:49:40.0363 0x1c04 defragsvc - ok
13:49:40.0394 0x1c04 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:49:40.0457 0x1c04 DfsC - ok
13:49:40.0519 0x1c04 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:49:40.0597 0x1c04 Dhcp - ok
13:49:40.0737 0x1c04 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
13:49:40.0862 0x1c04 DiagTrack - ok
13:49:40.0987 0x1c04 [ 045135BAA14040385E1EEA31669E47F4, 7B3B6A420D2CD96B557824C743CE574C5691726D40B5B50588CCEDF9C26025BF ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
13:49:41.0034 0x1c04 DigitalWave.Update.Service - ok
13:49:41.0081 0x1c04 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:49:41.0143 0x1c04 discache - ok
13:49:41.0174 0x1c04 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:49:41.0221 0x1c04 Disk - ok
13:49:41.0252 0x1c04 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:49:41.0361 0x1c04 Dnscache - ok
13:49:41.0455 0x1c04 [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
13:49:41.0549 0x1c04 DockLoginService - detected UnsignedFile.Multi.Generic ( 1 )
13:49:44.0325 0x1c04 Detect skipped due to KSN trusted
13:49:44.0325 0x1c04 DockLoginService - ok
13:49:44.0388 0x1c04 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
13:49:44.0481 0x1c04 dot3svc - ok
13:49:44.0528 0x1c04 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
13:49:44.0591 0x1c04 DPS - ok
13:49:44.0622 0x1c04 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:49:44.0653 0x1c04 drmkaud - ok
13:49:44.0715 0x1c04 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:49:44.0747 0x1c04 dtsoftbus01 - ok
13:49:44.0840 0x1c04 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:49:44.0903 0x1c04 DXGKrnl - ok
13:49:44.0949 0x1c04 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:49:45.0012 0x1c04 EapHost - ok
13:49:45.0183 0x1c04 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:49:45.0386 0x1c04 ebdrv - ok
13:49:45.0542 0x1c04 [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS C:\Windows\System32\lsass.exe
13:49:45.0589 0x1c04 EFS - ok
13:49:45.0667 0x1c04 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:49:45.0729 0x1c04 ehRecvr - ok
13:49:45.0761 0x1c04 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:49:45.0792 0x1c04 ehSched - ok
13:49:45.0870 0x1c04 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:49:45.0932 0x1c04 elxstor - ok
13:49:45.0963 0x1c04 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:49:45.0995 0x1c04 ErrDev - ok
13:49:46.0073 0x1c04 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:49:46.0166 0x1c04 EventSystem - ok
13:49:46.0213 0x1c04 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:49:46.0275 0x1c04 exfat - ok
13:49:46.0291 0x1c04 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:49:46.0353 0x1c04 fastfat - ok
13:49:46.0463 0x1c04 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
13:49:46.0525 0x1c04 Fax - ok
13:49:46.0556 0x1c04 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:49:46.0587 0x1c04 fdc - ok
13:49:46.0634 0x1c04 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:49:46.0697 0x1c04 fdPHost - ok
13:49:46.0697 0x1c04 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:49:46.0743 0x1c04 FDResPub - ok
13:49:46.0775 0x1c04 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:49:46.0806 0x1c04 FileInfo - ok
13:49:46.0821 0x1c04 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:49:46.0868 0x1c04 Filetrace - ok
13:49:46.0884 0x1c04 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:49:46.0899 0x1c04 flpydisk - ok
13:49:46.0962 0x1c04 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:49:46.0993 0x1c04 FltMgr - ok
13:49:47.0102 0x1c04 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
13:49:47.0243 0x1c04 FontCache - ok
13:49:47.0305 0x1c04 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:49:47.0321 0x1c04 FontCache3.0.0.0 - ok
13:49:47.0352 0x1c04 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:49:47.0367 0x1c04 FsDepends - ok
13:49:47.0399 0x1c04 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:49:47.0414 0x1c04 Fs_Rec - ok
13:49:47.0445 0x1c04 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:49:47.0477 0x1c04 fvevol - ok
13:49:47.0492 0x1c04 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:49:47.0523 0x1c04 gagp30kx - ok
13:49:47.0586 0x1c04 [ C1BBCE4B30B45410178EE674C818D10C, 3FD449C20493057592A21CA812CA39803BC32136B84A060B2BF9621776D94E54 ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
13:49:47.0633 0x1c04 GameConsoleService - ok
13:49:47.0664 0x1c04 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:49:47.0695 0x1c04 GEARAspiWDM - ok
13:49:47.0773 0x1c04 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
13:49:47.0851 0x1c04 gpsvc - ok
13:49:47.0929 0x1c04 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:49:47.0960 0x1c04 gupdate - ok
13:49:47.0976 0x1c04 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:49:47.0991 0x1c04 gupdatem - ok
13:49:48.0007 0x1c04 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:49:48.0038 0x1c04 hcw85cir - ok
13:49:48.0101 0x1c04 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:49:48.0163 0x1c04 HdAudAddService - ok
13:49:48.0194 0x1c04 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:49:48.0225 0x1c04 HDAudBus - ok
13:49:48.0272 0x1c04 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:49:48.0303 0x1c04 HECIx64 - ok
13:49:48.0319 0x1c04 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:49:48.0350 0x1c04 HidBatt - ok
13:49:48.0366 0x1c04 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:49:48.0397 0x1c04 HidBth - ok
13:49:48.0428 0x1c04 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:49:48.0459 0x1c04 HidIr - ok
13:49:48.0475 0x1c04 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:49:48.0553 0x1c04 hidserv - ok
13:49:48.0600 0x1c04 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
13:49:48.0647 0x1c04 HidUsb - ok
13:49:48.0709 0x1c04 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:49:48.0771 0x1c04 hkmsvc - ok
13:49:48.0818 0x1c04 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:49:48.0896 0x1c04 HomeGroupListener - ok
13:49:48.0943 0x1c04 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:49:48.0974 0x1c04 HomeGroupProvider - ok
13:49:49.0021 0x1c04 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:49:49.0037 0x1c04 HpSAMD - ok
13:49:49.0099 0x1c04 [ 4DB356DF142BAD89A5F9E798B2A01E01, F6D43410524ACB391FAA37D7B913775CA33E08F7B75C4621607BB62B812D99C5 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
13:49:49.0130 0x1c04 HPSupportSolutionsFrameworkService - ok
13:49:49.0208 0x1c04 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:49:49.0271 0x1c04 HTTP - ok
13:49:49.0302 0x1c04 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:49:49.0333 0x1c04 hwpolicy - ok
13:49:49.0380 0x1c04 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:49:49.0427 0x1c04 i8042prt - ok
13:49:49.0489 0x1c04 [ 2064090C9FAAD92C090D77E50E735B2E, 802BF10AF2F4B5DC93926C34DB2782DA6FD7243766D583E85603879483A592D2 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:49:49.0567 0x1c04 iaStor - ok
13:49:49.0614 0x1c04 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:49:49.0692 0x1c04 iaStorV - ok
13:49:49.0785 0x1c04 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:49:49.0848 0x1c04 idsvc - ok
13:49:49.0863 0x1c04 IEEtwCollectorService - ok
13:49:50.0363 0x1c04 [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:49:51.0049 0x1c04 igfx - ok
13:49:51.0096 0x1c04 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:49:51.0111 0x1c04 iirsp - ok
13:49:51.0189 0x1c04 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
13:49:51.0267 0x1c04 IKEEXT - ok
13:49:51.0330 0x1c04 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
13:49:51.0361 0x1c04 Impcd - ok
13:49:51.0408 0x1c04 [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
13:49:51.0470 0x1c04 IntcDAud - ok
13:49:51.0517 0x1c04 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
13:49:51.0548 0x1c04 intelide - ok
13:49:51.0579 0x1c04 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:49:51.0611 0x1c04 intelppm - ok
13:49:51.0658 0x1c04 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:49:51.0736 0x1c04 IPBusEnum - ok
13:49:51.0782 0x1c04 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:49:51.0860 0x1c04 IpFilterDriver - ok
13:49:51.0938 0x1c04 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:49:52.0032 0x1c04 iphlpsvc - ok
13:49:52.0079 0x1c04 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:49:52.0110 0x1c04 IPMIDRV - ok
13:49:52.0157 0x1c04 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:49:52.0235 0x1c04 IPNAT - ok
13:49:52.0328 0x1c04 [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:49:52.0360 0x1c04 iPod Service - ok
13:49:52.0406 0x1c04 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:49:52.0453 0x1c04 IRENUM - ok
13:49:52.0484 0x1c04 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:49:52.0516 0x1c04 isapnp - ok
13:49:52.0547 0x1c04 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:49:52.0578 0x1c04 iScsiPrt - ok
13:49:52.0609 0x1c04 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:49:52.0640 0x1c04 kbdclass - ok
13:49:52.0718 0x1c04 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:49:52.0750 0x1c04 kbdhid - ok
13:49:52.0812 0x1c04 [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso C:\Windows\system32\lsass.exe
13:49:52.0843 0x1c04 KeyIso - ok
13:49:52.0890 0x1c04 [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:49:52.0921 0x1c04 KSecDD - ok
13:49:52.0984 0x1c04 [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:49:53.0015 0x1c04 KSecPkg - ok
13:49:53.0046 0x1c04 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:49:53.0124 0x1c04 ksthunk - ok
13:49:53.0171 0x1c04 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
13:49:53.0264 0x1c04 KtmRm - ok
13:49:53.0327 0x1c04 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:49:53.0405 0x1c04 LanmanServer - ok
13:49:53.0467 0x1c04 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:49:53.0545 0x1c04 LanmanWorkstation - ok
13:49:53.0576 0x1c04 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:49:53.0670 0x1c04 lltdio - ok
13:49:53.0717 0x1c04 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:49:53.0795 0x1c04 lltdsvc - ok
13:49:53.0826 0x1c04 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:49:53.0873 0x1c04 lmhosts - ok
13:49:53.0951 0x1c04 [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:49:53.0982 0x1c04 LMS - ok
13:49:54.0029 0x1c04 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:49:54.0060 0x1c04 LSI_FC - ok
13:49:54.0091 0x1c04 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:49:54.0107 0x1c04 LSI_SAS - ok
13:49:54.0122 0x1c04 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:49:54.0154 0x1c04 LSI_SAS2 - ok
13:49:54.0169 0x1c04 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:49:54.0185 0x1c04 LSI_SCSI - ok
13:49:54.0200 0x1c04 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
13:49:54.0263 0x1c04 luafv - ok
13:49:54.0294 0x1c04 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:49:54.0341 0x1c04 Mcx2Svc - ok
13:49:54.0341 0x1c04 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:49:54.0372 0x1c04 megasas - ok
13:49:54.0388 0x1c04 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:49:54.0419 0x1c04 MegaSR - ok
13:49:54.0512 0x1c04 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:49:54.0544 0x1c04 Microsoft Office Groove Audit Service - ok
13:49:54.0575 0x1c04 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
13:49:54.0653 0x1c04 MMCSS - ok
13:49:54.0684 0x1c04 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
13:49:54.0731 0x1c04 Modem - ok
13:49:54.0762 0x1c04 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:49:54.0793 0x1c04 monitor - ok
13:49:54.0824 0x1c04 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
13:49:54.0856 0x1c04 mouclass - ok
13:49:54.0902 0x1c04 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:49:54.0934 0x1c04 mouhid - ok
13:49:54.0996 0x1c04 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:49:55.0027 0x1c04 mountmgr - ok
13:49:55.0074 0x1c04 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:49:55.0121 0x1c04 MozillaMaintenance - ok
13:49:55.0136 0x1c04 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:49:55.0168 0x1c04 mpio - ok
13:49:55.0199 0x1c04 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:49:55.0277 0x1c04 mpsdrv - ok
13:49:55.0339 0x1c04 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:49:55.0464 0x1c04 MpsSvc - ok
13:49:55.0542 0x1c04 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:49:55.0589 0x1c04 MRxDAV - ok
13:49:55.0636 0x1c04 [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:49:55.0714 0x1c04 mrxsmb - ok
13:49:55.0760 0x1c04 [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:49:55.0807 0x1c04 mrxsmb10 - ok
13:49:55.0854 0x1c04 [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:49:55.0870 0x1c04 mrxsmb20 - ok
13:49:55.0901 0x1c04 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
13:49:55.0948 0x1c04 msahci - ok
13:49:55.0963 0x1c04 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:49:55.0994 0x1c04 msdsm - ok
13:49:56.0010 0x1c04 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:49:56.0041 0x1c04 MSDTC - ok
13:49:56.0072 0x1c04 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:49:56.0150 0x1c04 Msfs - ok
13:49:56.0182 0x1c04 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:49:56.0244 0x1c04 mshidkmdf - ok
13:49:56.0275 0x1c04 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:49:56.0306 0x1c04 msisadrv - ok
13:49:56.0338 0x1c04 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:49:56.0416 0x1c04 MSiSCSI - ok
13:49:56.0416 0x1c04 msiserver - ok
13:49:56.0447 0x1c04 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:49:56.0509 0x1c04 MSKSSRV - ok
13:49:56.0540 0x1c04 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:49:56.0603 0x1c04 MSPCLOCK - ok
13:49:56.0618 0x1c04 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:49:56.0665 0x1c04 MSPQM - ok
13:49:56.0728 0x1c04 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:49:56.0774 0x1c04 MsRPC - ok
13:49:56.0837 0x1c04 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:49:56.0868 0x1c04 mssmbios - ok
13:49:56.0946 0x1c04 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:49:57.0024 0x1c04 MSTEE - ok
13:49:57.0040 0x1c04 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:49:57.0055 0x1c04 MTConfig - ok
13:49:57.0086 0x1c04 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:49:57.0102 0x1c04 Mup - ok
13:49:57.0149 0x1c04 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
13:49:57.0227 0x1c04 napagent - ok
13:49:57.0289 0x1c04 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:49:57.0367 0x1c04 NativeWifiP - ok
13:49:57.0461 0x1c04 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:49:57.0570 0x1c04 NDIS - ok
13:49:57.0617 0x1c04 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:49:57.0695 0x1c04 NdisCap - ok
13:49:57.0726 0x1c04 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:49:57.0788 0x1c04 NdisTapi - ok
13:49:57.0820 0x1c04 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:49:57.0866 0x1c04 Ndisuio - ok
13:49:57.0913 0x1c04 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:49:57.0976 0x1c04 NdisWan - ok
13:49:58.0022 0x1c04 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:49:58.0100 0x1c04 NDProxy - ok
13:49:58.0147 0x1c04 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
13:49:58.0194 0x1c04 Netaapl - ok
13:49:58.0241 0x1c04 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:49:58.0303 0x1c04 NetBIOS - ok
13:49:58.0350 0x1c04 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:49:58.0428 0x1c04 NetBT - ok
13:49:58.0459 0x1c04 [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon C:\Windows\system32\lsass.exe
13:49:58.0490 0x1c04 Netlogon - ok
13:49:58.0553 0x1c04 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:49:58.0662 0x1c04 Netman - ok
13:49:58.0709 0x1c04 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:58.0756 0x1c04 NetMsmqActivator - ok
13:49:58.0787 0x1c04 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:58.0818 0x1c04 NetPipeActivator - ok
13:49:58.0849 0x1c04 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:49:58.0974 0x1c04 netprofm - ok
13:49:58.0974 0x1c04 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:59.0005 0x1c04 NetTcpActivator - ok
13:49:59.0005 0x1c04 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:59.0021 0x1c04 NetTcpPortSharing - ok
13:49:59.0068 0x1c04 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:49:59.0083 0x1c04 nfrd960 - ok
13:49:59.0114 0x1c04 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
13:49:59.0161 0x1c04 NlaSvc - ok
13:49:59.0317 0x1c04 [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
13:49:59.0473 0x1c04 NOBU - ok
13:49:59.0520 0x1c04 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:49:59.0582 0x1c04 Npfs - ok
13:49:59.0629 0x1c04 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:49:59.0676 0x1c04 nsi - ok
13:49:59.0692 0x1c04 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:49:59.0738 0x1c04 nsiproxy - ok
13:49:59.0848 0x1c04 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:49:59.0957 0x1c04 Ntfs - ok
13:49:59.0988 0x1c04 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:50:00.0082 0x1c04 Null - ok
13:50:00.0128 0x1c04 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:50:00.0160 0x1c04 nvraid - ok
13:50:00.0175 0x1c04 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:50:00.0191 0x1c04 nvstor - ok
13:50:00.0222 0x1c04 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:50:00.0253 0x1c04 nv_agp - ok
13:50:00.0331 0x1c04 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:50:00.0409 0x1c04 odserv - ok
13:50:00.0425 0x1c04 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:50:00.0440 0x1c04 ohci1394 - ok
13:50:00.0487 0x1c04 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:50:00.0518 0x1c04 ose - ok
13:50:00.0565 0x1c04 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:50:00.0612 0x1c04 p2pimsvc - ok
13:50:00.0643 0x1c04 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:50:00.0690 0x1c04 p2psvc - ok
13:50:00.0721 0x1c04 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:50:00.0737 0x1c04 Parport - ok
13:50:00.0768 0x1c04 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:50:00.0784 0x1c04 partmgr - ok
13:50:00.0815 0x1c04 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:50:00.0862 0x1c04 PcaSvc - ok
13:50:00.0893 0x1c04 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
13:50:00.0940 0x1c04 pci - ok
13:50:00.0971 0x1c04 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
13:50:01.0002 0x1c04 pciide - ok
13:50:01.0033 0x1c04 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:50:01.0049 0x1c04 pcmcia - ok
13:50:01.0064 0x1c04 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:50:01.0080 0x1c04 pcw - ok
13:50:01.0142 0x1c04 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:50:01.0236 0x1c04 PEAUTH - ok
13:50:01.0345 0x1c04 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:50:01.0376 0x1c04 PerfHost - ok
13:50:01.0486 0x1c04 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
13:50:01.0657 0x1c04 pla - ok
13:50:01.0735 0x1c04 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:50:01.0876 0x1c04 PlugPlay - ok
13:50:01.0938 0x1c04 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:50:01.0969 0x1c04 PNRPAutoReg - ok
13:50:02.0016 0x1c04 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:50:02.0047 0x1c04 PNRPsvc - ok
13:50:02.0094 0x1c04 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:50:02.0156 0x1c04 PolicyAgent - ok
13:50:02.0203 0x1c04 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:50:02.0266 0x1c04 Power - ok
13:50:02.0297 0x1c04 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:50:02.0375 0x1c04 PptpMiniport - ok
13:50:02.0390 0x1c04 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:50:02.0422 0x1c04 Processor - ok
13:50:02.0484 0x1c04 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
13:50:02.0562 0x1c04 ProfSvc - ok
13:50:02.0578 0x1c04 [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:50:02.0609 0x1c04 ProtectedStorage - ok
13:50:02.0656 0x1c04 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:50:02.0718 0x1c04 Psched - ok
13:50:02.0780 0x1c04 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:50:02.0812 0x1c04 PxHlpa64 - ok
13:50:02.0905 0x1c04 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:50:02.0983 0x1c04 ql2300 - ok
13:50:02.0999 0x1c04 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:50:03.0030 0x1c04 ql40xx - ok
13:50:03.0233 0x1c04 [ 4730BC23CB7A412BDDEB4A54B8D8AE36, E52F3A81368139C8B469F8813D7668D81C7C0D4DA23C43B562CCAA6CDC742D24 ] QMUdisk C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMUdisk64.sys
13:50:03.0280 0x1c04 QMUdisk - ok
13:50:03.0358 0x1c04 [ 04A813EEBE61A33B2D1B49460A576F78, 5AB8BE425B93950BB464796DEAA35B2B251F7A7E289916642629BB695218968E ] QQPCRTP C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe
13:50:03.0389 0x1c04 QQPCRTP - ok
13:50:03.0482 0x1c04 [ A862FD0AA44571BE28EBAC80476109AD, 7152FD7257FC37754A538BD27B525FEC41D2B2A2BCB5DCF58441D0508F59EEC3 ] QQRepair81b C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair81b
13:50:03.0514 0x1c04 QQRepair81b - ok
13:50:03.0576 0x1c04 [ A862FD0AA44571BE28EBAC80476109AD, 7152FD7257FC37754A538BD27B525FEC41D2B2A2BCB5DCF58441D0508F59EEC3 ] QQRepairFixSVC C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC
13:50:03.0607 0x1c04 QQRepairFixSVC - ok
13:50:03.0638 0x1c04 [ 41DCFDA02BD886B5F4225AEA7142A1D4, 589377340737B193FC45AABBF8F83893F201BF441854DDDB99D541F75C247595 ] QQSysMonX64 C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQSysMonX64.sys
13:50:03.0670 0x1c04 QQSysMonX64 - ok
13:50:03.0716 0x1c04 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:50:03.0763 0x1c04 QWAVE - ok
13:50:03.0794 0x1c04 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:50:03.0857 0x1c04 QWAVEdrv - ok
13:50:03.0872 0x1c04 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:50:03.0919 0x1c04 RasAcd - ok
13:50:03.0950 0x1c04 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:50:04.0013 0x1c04 RasAgileVpn - ok
13:50:04.0044 0x1c04 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:50:04.0138 0x1c04 RasAuto - ok
13:50:04.0169 0x1c04 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:50:04.0216 0x1c04 Rasl2tp - ok
13:50:04.0278 0x1c04 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
13:50:04.0356 0x1c04 RasMan - ok
13:50:04.0387 0x1c04 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:50:04.0434 0x1c04 RasPppoe - ok
13:50:04.0465 0x1c04 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:50:04.0512 0x1c04 RasSstp - ok
13:50:04.0574 0x1c04 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:50:04.0637 0x1c04 rdbss - ok
13:50:04.0668 0x1c04 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:50:04.0715 0x1c04 rdpbus - ok
13:50:04.0746 0x1c04 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:50:04.0793 0x1c04 RDPCDD - ok
13:50:04.0808 0x1c04 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:50:04.0855 0x1c04 RDPENCDD - ok
13:50:04.0886 0x1c04 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:50:04.0964 0x1c04 RDPREFMP - ok
13:50:05.0042 0x1c04 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:50:05.0120 0x1c04 RdpVideoMiniport - ok
13:50:05.0167 0x1c04 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:50:05.0230 0x1c04 RDPWD - ok
13:50:05.0292 0x1c04 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:50:05.0323 0x1c04 rdyboost - ok
13:50:05.0370 0x1c04 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:50:05.0464 0x1c04 RemoteAccess - ok
13:50:05.0510 0x1c04 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:50:05.0588 0x1c04 RemoteRegistry - ok
13:50:05.0776 0x1c04 [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
13:50:05.0854 0x1c04 RoxMediaDB12OEM - ok
13:50:05.0900 0x1c04 [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
13:50:05.0916 0x1c04 RoxWatch12 - ok
13:50:05.0947 0x1c04 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:50:06.0025 0x1c04 RpcEptMapper - ok
13:50:06.0072 0x1c04 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:50:06.0181 0x1c04 RpcLocator - ok
13:50:06.0275 0x1c04 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
13:50:06.0353 0x1c04 RpcSs - ok
13:50:06.0415 0x1c04 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:50:06.0478 0x1c04 rspndr - ok
13:50:06.0524 0x1c04 [ 30F463768D5143BFD7B2DF822B53CF4D, 3DD94DDF95086C7C2A83617B499627C04D020BF9F230C0F080B169CB846F796F ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
13:50:06.0556 0x1c04 RSUSBSTOR - ok
13:50:06.0602 0x1c04 [ 6DF02B4EEF2869B77637EB65DDCED864, 74C2EFCCC7CA09B729BB99EE7F6D4F2A82B1E1923D7FE5D5A6C7DD1334D09E4D ] RtkBtFilter C:\Windows\system32\DRIVERS\RtkBtfilter.sys
13:50:06.0665 0x1c04 RtkBtFilter - ok
13:50:06.0727 0x1c04 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:50:06.0774 0x1c04 RTL8167 - ok
13:50:06.0774 0x1c04 [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs C:\Windows\system32\lsass.exe
13:50:06.0805 0x1c04 SamSs - ok
13:50:06.0852 0x1c04 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:50:06.0883 0x1c04 sbp2port - ok
13:50:06.0899 0x1c04 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:50:06.0961 0x1c04 SCardSvr - ok
13:50:07.0008 0x1c04 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:50:07.0070 0x1c04 scfilter - ok
13:50:07.0351 0x1c04 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
13:50:07.0414 0x1c04 Schedule - ok
13:50:07.0460 0x1c04 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:50:07.0523 0x1c04 SCPolicySvc - ok
13:50:07.0601 0x1c04 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:50:07.0663 0x1c04 SDRSVC - ok
13:50:07.0944 0x1c04 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
13:50:08.0006 0x1c04 SDScannerService - ok
13:50:08.0116 0x1c04 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
13:50:08.0194 0x1c04 SDUpdateService - ok
13:50:08.0225 0x1c04 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
13:50:08.0256 0x1c04 SDWSCService - ok
13:50:08.0303 0x1c04 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:50:08.0350 0x1c04 secdrv - ok
13:50:08.0381 0x1c04 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
13:50:08.0443 0x1c04 seclogon - ok
13:50:08.0474 0x1c04 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:50:08.0552 0x1c04 SENS - ok
13:50:08.0584 0x1c04 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:50:08.0630 0x1c04 SensrSvc - ok
13:50:08.0662 0x1c04 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:50:08.0677 0x1c04 Serenum - ok
13:50:08.0755 0x1c04 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:50:08.0802 0x1c04 Serial - ok
13:50:08.0833 0x1c04 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:50:08.0864 0x1c04 sermouse - ok
13:50:08.0927 0x1c04 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
13:50:09.0005 0x1c04 SessionEnv - ok
13:50:09.0020 0x1c04 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:50:09.0036 0x1c04 sffdisk - ok
13:50:09.0052 0x1c04 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:50:09.0083 0x1c04 sffp_mmc - ok
13:50:09.0098 0x1c04 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:50:09.0114 0x1c04 sffp_sd - ok
13:50:09.0145 0x1c04 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:50:09.0192 0x1c04 sfloppy - ok
13:50:09.0317 0x1c04 [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
13:50:09.0364 0x1c04 SftService - ok
13:50:09.0410 0x1c04 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:50:09.0488 0x1c04 SharedAccess - ok
13:50:09.0551 0x1c04 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:50:09.0644 0x1c04 ShellHWDetection - ok
13:50:09.0676 0x1c04 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:50:09.0707 0x1c04 SiSRaid2 - ok
13:50:09.0722 0x1c04 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:50:09.0738 0x1c04 SiSRaid4 - ok
13:50:09.0832 0x1c04 [ E6035ADBA3F13ACF1BEDA7B5D50FDBBB, A840D072395F2394E3B55A080F8F17CC3A02E8BCAFE8B8EC0374ECA1EFF05C23 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:50:09.0878 0x1c04 SkypeUpdate - ok
13:50:09.0925 0x1c04 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:50:10.0003 0x1c04 Smb - ok
13:50:10.0034 0x1c04 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:50:10.0050 0x1c04 SNMPTRAP - ok
13:50:10.0081 0x1c04 [ AF1E457B01C2CAAFDCAC118738ACC066, 97A8941072325DBFC7E6E0641BB81060380D59B6514B37AA5431F1C574E44FAB ] softaal C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\softaal64.sys
13:50:10.0112 0x1c04 softaal - ok
13:50:10.0128 0x1c04 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
13:50:10.0144 0x1c04 spldr - ok
13:50:10.0190 0x1c04 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
13:50:10.0253 0x1c04 Spooler - ok
13:50:10.0409 0x1c04 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
13:50:10.0627 0x1c04 sppsvc - ok
13:50:10.0736 0x1c04 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:50:10.0814 0x1c04 sppuinotify - ok
13:50:10.0877 0x1c04 [ 74D30C2EF66C2EB19F17ED5423AA8038, F79AB2B2B60620565FB2169255F95F4B37F6113F0AF776D1BAD02681EBE0DB54 ] sptd C:\Windows\System32\Drivers\sptd.sys
13:50:10.0892 0x1c04 sptd - ok
13:50:10.0970 0x1c04 [ 32503C6C5902F7A5E3F824FE04083B1C, C7CBAD4CF0F563B2D2815CA91268351D72B3282F22DA4A226D92747C5A91D69F ] SRepairDrv C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv
13:50:11.0002 0x1c04 SRepairDrv - ok
13:50:11.0048 0x1c04 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:50:11.0111 0x1c04 srv - ok
13:50:11.0158 0x1c04 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:50:11.0236 0x1c04 srv2 - ok
13:50:11.0251 0x1c04 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:50:11.0314 0x1c04 srvnet - ok
13:50:11.0470 0x1c04 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:50:11.0610 0x1c04 SSDPSRV - ok
13:50:11.0688 0x1c04 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:50:11.0766 0x1c04 SstpSvc - ok
13:50:11.0844 0x1c04 [ 463E33B1EA7AF1E6EB87B66B831DB41A, E76654F8E301829C0F27775A5673A3BA929FE4FA6C1C214A98C2915C5EC189A4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
13:50:11.0906 0x1c04 STacSV - ok
13:50:12.0016 0x1c04 [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:50:12.0109 0x1c04 Steam Client Service - ok
13:50:12.0140 0x1c04 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:50:12.0172 0x1c04 stexstor - ok
13:50:12.0250 0x1c04 [ 4304B75094E106FB5423A290C95841E5, 55670F1DBC9B25A5E31FBEB3CB3C97E2B11CCD6359DA89FF1310C1BBCEC66A80 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
13:50:12.0312 0x1c04 STHDA - ok
13:50:12.0374 0x1c04 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
13:50:12.0437 0x1c04 stisvc - ok
13:50:12.0515 0x1c04 [ 9E182DD94496550A22A392CC1A8E0F52, 6F630982F7AFDF409F24BB0D9815592000FC8A47200F4FEC4A5C5ED241810244 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:50:12.0530 0x1c04 stllssvr - ok
13:50:12.0577 0x1c04 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
13:50:12.0608 0x1c04 swenum - ok
13:50:12.0640 0x1c04 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
13:50:12.0640 0x019c Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost
13:50:12.0718 0x1c04 swprv - ok
13:50:12.0764 0x1c04 [ 8A3FBCB3D6D4710730D27DA4392A4863, 392CCBB54FF2017EDA147283F479E8DED525F41A316EAE114596BBA02D04AF82 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:50:12.0796 0x1c04 SynTP - ok
13:50:12.0905 0x1c04 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
13:50:13.0045 0x1c04 SysMain - ok
13:50:13.0092 0x1c04 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:50:13.0139 0x1c04 TabletInputService - ok
13:50:13.0186 0x1c04 [ 165894C340DC4C812CD130DD8D2BCFC0, 6A17ED5EA64DA4693F5368E9602D6FF4C71CBFD7013F3E916569EE00427D18C8 ] TAOAccelerator C:\Windows\system32\Drivers\TAOAccelerator64.sys
13:50:13.0232 0x1c04 TAOAccelerator - ok
13:50:13.0264 0x1c04 [ 091137D88BA17A1E6CF8A9D48AFEA484, 0BB822C20CE060AC1DCCBD1A9B59F7694B9505B29108E08ED082A6953D659363 ] TAOKernelDriver C:\Windows\system32\Drivers\TAOKernel64.sys
13:50:13.0295 0x1c04 TAOKernelDriver - ok
13:50:13.0326 0x1c04 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
13:50:13.0420 0x1c04 TapiSrv - ok
13:50:13.0451 0x1c04 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
13:50:13.0498 0x1c04 TBS - ok
13:50:13.0622 0x1c04 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:50:13.0732 0x1c04 Tcpip - ok
13:50:13.0872 0x1c04 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:50:13.0950 0x1c04 TCPIP6 - ok
13:50:13.0981 0x1c04 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:50:14.0012 0x1c04 tcpipreg - ok
13:50:14.0059 0x1c04 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:50:14.0106 0x1c04 TDPIPE - ok
13:50:14.0137 0x1c04 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:50:14.0153 0x1c04 TDTCP - ok
13:50:14.0215 0x1c04 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:50:14.0246 0x1c04 tdx - ok
13:50:14.0278 0x1c04 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
13:50:14.0309 0x1c04 TermDD - ok
13:50:14.0387 0x1c04 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
13:50:14.0465 0x1c04 TermService - ok
13:50:14.0527 0x1c04 [ 948E667025736C9B4C39F3C8C48057F2, 62A583E1A2C863C3A22E56CBDDDE303D30FBC5521E1BEB07E826EC2AEBFC433F ] TFsFlt C:\Windows\system32\Drivers\TFsFltX64.sys
13:50:14.0574 0x1c04 TFsFlt - ok
13:50:14.0605 0x1c04 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
13:50:14.0621 0x1c04 Themes - ok
13:50:14.0652 0x1c04 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
13:50:14.0714 0x1c04 THREADORDER - ok
13:50:14.0730 0x1c04 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
13:50:14.0808 0x1c04 TrkWks - ok
13:50:14.0870 0x1c04 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:50:14.0964 0x1c04 TrustedInstaller - ok
13:50:15.0026 0x1c04 [ FACDA017ECEC8F53FE6DDBEE81E04F5B, 9CBB4A1E4727B3E3B7217DC74C0E2A50985C4529B12DEBBADCB247E4D8E8374D ] TS888x64 C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TS888x64.sys
13:50:15.0058 0x1c04 TS888x64 - ok
13:50:15.0089 0x1c04 [ 9D7C94C16A83F8F4574EECD590969266, 30CD649636B82B2B2F58F0198C9F345AADD48517798A6709F94E451CDA962019 ] TSDefenseBt C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSDefenseBT64.sys
13:50:15.0104 0x1c04 TSDefenseBt - ok
13:50:15.0151 0x1c04 [ 394508690E345D69E80EEB2E9CCCBC9B, 738784C11B984884CBCE45617268B150F8DA854627F5ACD44A8F7B4C1E839A00 ] tsnethlpx64 C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys
13:50:15.0167 0x1c04 tsnethlpx64 - ok
13:50:15.0198 0x1c04 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:50:15.0245 0x1c04 tssecsrv - ok
13:50:15.0292 0x1c04 [ A7782DC371EB4B65E136F68F4726A236, 2509C2E5008B8AC18B82BD4F6647D26F2E67283720AF1CB3A183ACA7A28A6302 ] TSSKX64 C:\Windows\system32\drivers\tsskx64.sys
13:50:15.0307 0x1c04 TSSKX64 - ok
13:50:15.0370 0x1c04 [ 7FB54EBFD8C226BB1984E682918158E5, 3A2E0B686ECA70AB9C5A300FA455DC84ED0F66358F995BEFA6341271C005D5AE ] TSSysKit C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSSysKit64.sys
13:50:15.0416 0x1c04 TSSysKit - ok
13:50:15.0463 0x019c Object send P2P result: true
13:50:15.0494 0x1c04 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:50:15.0494 0x019c Object required for P2P: [ 4730BC23CB7A412BDDEB4A54B8D8AE36 ] QMUdisk
13:50:15.0557 0x1c04 TsUsbFlt - ok
13:50:15.0619 0x1c04 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:50:15.0697 0x1c04 tunnel - ok
13:50:15.0713 0x1c04 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:50:15.0760 0x1c04 uagp35 - ok
13:50:15.0806 0x1c04 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:50:15.0884 0x1c04 udfs - ok
13:50:15.0931 0x1c04 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:50:15.0947 0x1c04 UI0Detect - ok
13:50:15.0994 0x1c04 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:50:16.0025 0x1c04 uliagpkx - ok
13:50:16.0040 0x1c04 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:50:16.0056 0x1c04 umbus - ok
13:50:16.0072 0x1c04 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:50:16.0103 0x1c04 UmPass - ok
13:50:16.0274 0x1c04 [ CC3775100ABA633984F73DFAE1F55CAE, 845F129289BB73FD78A6C3B497F17BA973FD691BC9242200F81993417C803FE9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:50:16.0368 0x1c04 UNS - ok
13:50:16.0493 0x1c04 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
13:50:16.0602 0x1c04 upnphost - ok
13:50:16.0649 0x1c04 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:50:16.0696 0x1c04 USBAAPL64 - ok
13:50:16.0789 0x1c04 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:50:16.0836 0x1c04 usbaudio - ok
13:50:16.0883 0x1c04 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:50:16.0961 0x1c04 usbccgp - ok
13:50:17.0008 0x1c04 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:50:17.0054 0x1c04 usbcir - ok
13:50:17.0101 0x1c04 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:50:17.0132 0x1c04 usbehci - ok
13:50:17.0179 0x1c04 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:50:17.0210 0x1c04 usbhub - ok
13:50:17.0273 0x1c04 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:50:17.0304 0x1c04 usbohci - ok
13:50:17.0351 0x1c04 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:50:17.0382 0x1c04 usbprint - ok
13:50:17.0429 0x1c04 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:50:17.0476 0x1c04 usbscan - ok
13:50:17.0491 0x1c04 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
13:50:17.0522 0x1c04 USBSTOR - ok
13:50:17.0538 0x1c04 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:50:17.0569 0x1c04 usbuhci - ok
13:50:17.0600 0x1c04 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:50:17.0647 0x1c04 usbvideo - ok
13:50:17.0678 0x1c04 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
13:50:17.0741 0x1c04 UxSms - ok
13:50:17.0772 0x1c04 [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc C:\Windows\system32\lsass.exe
13:50:17.0803 0x1c04 VaultSvc - ok
13:50:17.0834 0x1c04 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:50:17.0866 0x1c04 vdrvroot - ok
13:50:17.0928 0x1c04 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
13:50:18.0006 0x1c04 vds - ok
13:50:18.0037 0x1c04 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:50:18.0068 0x1c04 vga - ok
13:50:18.0084 0x1c04 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:50:18.0131 0x1c04 VgaSave - ok
13:50:18.0178 0x1c04 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:50:18.0224 0x1c04 vhdmp - ok
13:50:18.0240 0x1c04 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
13:50:18.0271 0x1c04 viaide - ok
13:50:18.0287 0x019c Object send P2P result: true
13:50:18.0302 0x1c04 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:50:18.0334 0x1c04 volmgr - ok
13:50:18.0380 0x1c04 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:50:18.0427 0x1c04 volmgrx - ok
13:50:18.0458 0x1c04 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:50:18.0474 0x1c04 volsnap - ok
13:50:18.0521 0x1c04 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:50:18.0536 0x1c04 vsmraid - ok
13:50:18.0630 0x1c04 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
13:50:18.0739 0x1c04 VSS - ok
13:50:18.0770 0x1c04 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:50:18.0786 0x1c04 vwifibus - ok
13:50:18.0802 0x1c04 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:50:18.0833 0x1c04 vwififlt - ok
13:50:18.0895 0x1c04 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
13:50:18.0973 0x1c04 W32Time - ok
13:50:19.0004 0x1c04 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:50:19.0020 0x1c04 WacomPen - ok
13:50:19.0082 0x1c04 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:50:19.0160 0x1c04 WANARP - ok
13:50:19.0176 0x1c04 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:50:19.0223 0x1c04 Wanarpv6 - ok
13:50:19.0332 0x1c04 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:50:19.0410 0x1c04 WatAdminSvc - ok
13:50:19.0519 0x1c04 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
13:50:19.0613 0x1c04 wbengine - ok
13:50:19.0691 0x1c04 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:50:19.0738 0x1c04 WbioSrvc - ok
13:50:19.0784 0x1c04 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:50:19.0847 0x1c04 wcncsvc - ok
13:50:19.0862 0x1c04 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:50:19.0894 0x1c04 WcsPlugInService - ok
13:50:19.0925 0x1c04 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:50:19.0940 0x1c04 Wd - ok
13:50:20.0003 0x1c04 [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
13:50:20.0050 0x1c04 WDC_SAM - ok
13:50:20.0112 0x1c04 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:50:20.0174 0x1c04 Wdf01000 - ok
13:50:20.0206 0x1c04 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:50:20.0268 0x1c04 WdiServiceHost - ok
13:50:20.0268 0x1c04 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:50:20.0299 0x1c04 WdiSystemHost - ok
13:50:20.0346 0x1c04 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
13:50:20.0440 0x1c04 WebClient - ok
13:50:20.0486 0x1c04 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:50:20.0564 0x1c04 Wecsvc - ok
13:50:20.0580 0x1c04 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:50:20.0643 0x1c04 wercplsupport - ok
13:50:20.0690 0x1c04 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
13:50:20.0768 0x1c04 WerSvc - ok
13:50:20.0799 0x1c04 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:50:20.0877 0x1c04 WfpLwf - ok
13:50:20.0924 0x1c04 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
13:50:20.0955 0x1c04 WimFltr - ok
13:50:20.0971 0x1c04 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:50:20.0987 0x1c04 WIMMount - ok
13:50:21.0018 0x1c04 WinDefend - ok
13:50:21.0018 0x1c04 WinHttpAutoProxySvc - ok
13:50:21.0111 0x1c04 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:50:21.0174 0x1c04 Winmgmt - ok
13:50:21.0267 0x1c04 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
13:50:21.0408 0x1c04 WinRM - ok
13:50:21.0470 0x1c04 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:50:21.0517 0x1c04 WinUsb - ok
13:50:21.0564 0x1c04 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:50:21.0642 0x1c04 Wlansvc - ok
13:50:21.0689 0x1c04 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:50:21.0720 0x1c04 wlcrasvc - ok
13:50:21.0907 0x1c04 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:50:21.0985 0x1c04 wlidsvc - ok
13:50:22.0032 0x1c04 [ DE816A0624D54D68E1FB8A9028DCF81A, 30C718E72E98F20BE55A7B74E0C6FAB6A9F236E0D41D1E224C8A32771A440641 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
13:50:22.0063 0x1c04 wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
13:50:24.0887 0x1c04 Detect skipped due to KSN trusted
13:50:24.0887 0x1c04 wltrysvc - ok
13:50:25.0011 0x1c04 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:50:25.0058 0x1c04 WmiAcpi - ok
13:50:25.0089 0x1c04 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:50:25.0121 0x1c04 wmiApSrv - ok
13:50:25.0152 0x1c04 WMPNetworkSvc - ok
13:50:25.0167 0x1c04 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:50:25.0230 0x1c04 WPCSvc - ok
13:50:25.0261 0x1c04 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:50:25.0323 0x1c04 WPDBusEnum - ok
13:50:25.0339 0x1c04 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:50:25.0417 0x1c04 ws2ifsl - ok
13:50:25.0448 0x1c04 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
13:50:25.0495 0x1c04 wscsvc - ok
13:50:25.0542 0x1c04 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
13:50:25.0589 0x1c04 WSDPrintDevice - ok
13:50:25.0635 0x1c04 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
13:50:25.0667 0x1c04 WSDScan - ok
13:50:25.0667 0x1c04 WSearch - ok
13:50:25.0838 0x1c04 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
13:50:25.0994 0x1c04 wuauserv - ok
13:50:26.0025 0x1c04 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:50:26.0072 0x1c04 WudfPf - ok
13:50:26.0119 0x1c04 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:50:26.0166 0x1c04 WUDFRd - ok
13:50:26.0213 0x1c04 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:50:26.0244 0x1c04 wudfsvc - ok
13:50:26.0275 0x1c04 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
13:50:26.0306 0x1c04 WwanSvc - ok
13:50:26.0369 0x1c04 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
13:50:26.0447 0x1c04 yukonw7 - ok
13:50:26.0525 0x1c04 ================ Scan global ===============================
13:50:26.0556 0x1c04 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
13:50:26.0603 0x1c04 [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
13:50:26.0649 0x1c04 [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
13:50:26.0681 0x1c04 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:50:26.0743 0x1c04 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:50:26.0774 0x1c04 [ Global ] - ok
13:50:26.0774 0x1c04 ================ Scan MBR ==================================
13:50:26.0790 0x1c04 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:50:27.0211 0x1c04 \Device\Harddisk0\DR0 - ok
13:50:27.0227 0x1c04 ================ Scan VBR ==================================
13:50:27.0227 0x1c04 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
13:50:27.0227 0x1c04 \Device\Harddisk0\DR0\Partition1 - ok
13:50:27.0227 0x1c04 [ EA57AEE806A8222C94F1CE61EC863392 ] \Device\Harddisk0\DR0\Partition2
13:50:27.0227 0x1c04 \Device\Harddisk0\DR0\Partition2 - ok
13:50:27.0273 0x1c04 [ 4E62A07F637CC9EE633A097D7DAD8469 ] \Device\Harddisk0\DR0\Partition3
13:50:27.0273 0x1c04 \Device\Harddisk0\DR0\Partition3 - ok
13:50:27.0273 0x1c04 ================ Scan generic autorun ======================
13:50:27.0461 0x1c04 [ 4A8C07E86AF82ED7F8677BDDDAD9A1A3, F81E8DCB6CDE0CF56487E308811943A9081EDCB8C5F13CCE26AE614C65BD1F2D ] C:\Program Files\Dell\QuickSet\QuickSet.exe
13:50:27.0648 0x1c04 QuickSet - ok
13:50:27.0726 0x1c04 [ 82A420C1388C76FD18018B0676933D33, B9A97A07F77B641B9FC3AEC04DD48C52DA850DB794AE757F9863B9FA166607A6 ] C:\Program Files\IDT\WDM\sttray64.exe
13:50:27.0773 0x1c04 SysTrayApp - ok
13:50:27.0773 0x1c04 SynTPEnh - ok
13:50:28.0007 0x1c04 [ D98EF2E62B94F243E1BAF4350BF48C61, 3B75F64F0A2C8BAFDBBB3DE13060455D0B47D09658F8A67703F149B48111DCB3 ] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
13:50:28.0272 0x1c04 Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )
13:50:38.0396 0x1c04 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - warning
13:50:42.0093 0x0ef8 Object required for P2P: [ 394508690E345D69E80EEB2E9CCCBC9B ] tsnethlpx64
13:50:42.0125 0x1c04 [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
13:50:42.0156 0x1c04 Persistence - ok
13:50:42.0234 0x1c04 [ 20839D696727CA2F1DA6F255D0A15BAC, C10FCF3527ED6E3273C3655A06E72F2919622107737345D466D5B08CCEC60E9A ] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
13:50:42.0296 0x1c04 CsrHCRPServer - ok
13:50:42.0327 0x1c04 [ 0AED0AB3A735655DCF804E9D2166E341, B8C05E4E31A03B4AEDBB370E9C40C7965730D372FE616CBDDF753BEA7CB1032E ] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
13:50:42.0359 0x1c04 CsrAudioguiCtrl - ok
13:50:42.0374 0x1c04 [ 1676BD24F1C43E77487845D7EDE8E174, 2C07B45AB22EFCEF131C95AA71A8A635E9571978E524FC31B9FB9175B31266B7 ] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
13:50:42.0390 0x1c04 CsrSyncMLServer - ok
13:50:42.0405 0x1c04 [ B65CD168E1FD0A5D287F9297204CA209, 5EAC976F146202E1495A3C9802F013ACFB7D6F15895EE575E0C0F4ED7058B534 ] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
13:50:42.0421 0x1c04 vksts - ok
13:50:42.0437 0x1c04 [ B701D1004DB34D8FB1DD1490E281CFBF, 8A5F8932952BFD545254EDDED2D08119A953E755F6DC66A99514CE14866E9274 ] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
13:50:42.0437 0x1c04 HarmonyUserStartup - ok
13:50:42.0468 0x1c04 [ 84774BBF192445511719EE5DE70BD34E, EB26771F51A67CEBDDEF44F6B5E735DDF14726A63DA1B9BA80DB089AD134514B ] C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
13:50:42.0499 0x1c04 CSRHarmonySkypePlugin - ok
13:50:42.0530 0x1c04 [ 969BB83D34E0F15201576212C6938F6F, 44F0067A38E373CE952BE1D6A2D28FE081831C65EBFA926AF503A892688D5B9C ] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
13:50:42.0561 0x1c04 TrayApplication - ok
13:50:42.0624 0x1c04 [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] C:\Program Files\iTunes\iTunesHelper.exe
13:50:42.0639 0x1c04 iTunesHelper - ok
13:50:42.0764 0x1c04 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:50:42.0873 0x1c04 Sidebar - ok
13:50:42.0905 0x1c04 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:50:42.0951 0x1c04 mctadmin - ok
13:50:42.0998 0x1c04 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:50:43.0045 0x1c04 Sidebar - ok
13:50:43.0061 0x1c04 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:50:43.0076 0x1c04 mctadmin - ok
13:50:43.0248 0x1c04 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
13:50:43.0388 0x1c04 DAEMON Tools Lite - ok
13:50:43.0685 0x1c04 [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
13:50:44.0028 0x1c04 CCleaner Monitoring - ok
13:50:44.0153 0x1c04 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
13:50:44.0168 0x1c04 Dropbox Update - ok
13:50:44.0246 0x1c04 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
13:50:44.0309 0x1c04 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
13:50:44.0917 0x0ef8 Object send P2P result: true
13:50:44.0933 0x0ef8 Object required for P2P: [ 4A8C07E86AF82ED7F8677BDDDAD9A1A3 ] C:\Program Files\Dell\QuickSet\QuickSet.exe
13:50:47.0117 0x1c04 Detect skipped due to KSN trusted
13:50:47.0117 0x1c04 SpybotPostWindows10UpgradeReInstall - ok
13:50:47.0117 0x1c04 Waiting for KSN requests completion. In queue: 18
13:50:47.0772 0x0ef8 Object send P2P result: true
13:50:48.0131 0x1c04 Waiting for KSN requests completion. In queue: 16
13:50:49.0145 0x1c04 Waiting for KSN requests completion. In queue: 16
13:50:50.0174 0x1c04 AV detected via SS2: 电脑管家系统防护, C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCMgr.exe ( 11.4.17347.218 ), 0x51000 ( enabled : updated )
13:50:50.0252 0x1c04 Win FW state via NFP2: enabled ( trusted )
13:50:52.0998 0x1c04 ============================================================
13:50:52.0998 0x1c04 Scan finished
13:50:52.0998 0x1c04 ============================================================
13:50:53.0013 0x1cd0 Detected object count: 1
13:50:53.0013 0x1cd0 Actual detected object count: 1
13:51:18.0254 0x1cd0 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - skipped by user
13:51:18.0254 0x1cd0 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
30.03.2016, 14:53
| #6 |
| /// Malwareteam | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Schritt 0 Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Hinweis: Falls bei der Deinstallation zu Beginn ein Fehler auftritt oder du den aufgerufenen Uninstaller nicht bedienen kannst, breche dieses Setup einfach ab und fahre mit der Entfernung durch Revo wie oben beschrieben fort. Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ --> Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen |
|
31.03.2016, 23:40
| #7 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Vielen dank für die Hilfe,  Ich habe Schritt 0 und 1 schon durchgeführtIch bin gerade bei Schritt 2, aber das wird eine Weile dauern bis ich damit fertig bin, Entschuldigung dafür. Hier ist schonmal das Logfile von AdwCleaner Code:
ATTFilter # AdwCleaner v5.108 - Bericht erstellt am 31/03/2016 um 14:24:41
# Aktualisiert am 30/03/2016 von Xplode
# Datenbank : 2016-03-30.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Sinan - SINAN-PC
# Gestartet von : D:\Documents\Desktop\AdwCleaner_5.108.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst gelöscht : QQPCRTP
[-] Dienst gelöscht : TAOAccelerator
[-] Dienst gelöscht : TSDefenseBt
[-] Dienst gelöscht : TSSysKit
[-] Dienst gelöscht : QMUdisk
[-] Dienst gelöscht : TS888x64
[-] Dienst gelöscht : QQSysMonX64
[-] Dienst gelöscht : TFsFlt
[-] Dienst gelöscht : TAOKernelDriver
[-] Dienst gelöscht : TSSKX64
[-] Dienst gelöscht : softaal
[!] Dienst Nicht gelöscht : SRepairDrv
[-] Dienst gelöscht : QQRepairFixSVC
***** [ Ordner ] *****
[#] Ordner gelöscht : C:\Program Files (x86)\tencent
[-] Ordner gelöscht : C:\Program Files (x86)\WinTaske
[-] Ordner gelöscht : C:\Program Files (x86)\Common Files\tencent
[#] Ordner gelöscht : C:\Program Files\Common Files\tencent
[-] Ordner gelöscht : C:\ProgramData\apn
[#] Ordner gelöscht : C:\ProgramData\tencent
[-] Ordner gelöscht : C:\ProgramData\TXQMPC
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht : C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
[-] Ordner gelöscht : C:\Users\Sinan\AppData\Local\Temp\tencent
[-] Ordner gelöscht : C:\Users\Sinan\AppData\Roaming\tencent
[-] Ordner gelöscht : C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
***** [ Dateien ] *****
[-] Datei gelöscht : C:\Users\Public\Desktop\电脑管家.lnk
[-] Datei gelöscht : C:\Users\Public\Desktop\软件管理.lnk
[-] Datei gelöscht : C:\Users\Sinan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\电脑管家.lnk
[-] Datei gelöscht : C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
[-] Datei gelöscht : C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\extensions\staged\firefox@browser-security.de.xpi
[-] Datei gelöscht : C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\extensions\staged\firefox@browser-security.de.json
[-] Datei gelöscht : C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\foxydeal.sqlite
[-] Datei gelöscht : C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\foxydeal.sqlite
[-] Datei gelöscht : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
[-] Datei gelöscht : C:\Windows\SysNative\drivers\TSSKX64.sys
[-] Datei gelöscht : C:\Windows\SysNative\drivers\TAOKernel64.sys
[#] Datei gelöscht : C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] Datei gelöscht : C:\Windows\SysWOW64\drivers\TS888x64.sys
[-] Datei gelöscht : D:\Documents\Desktop\Continue installation .lnk
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Schlüssel gelöscht : HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\QMContextUninstall
[-] Schlüssel gelöscht : HKEY_CLASSES_ROOT\Folder\ShellEx\ContextMenuHandlers\QMContextUninstall
[-] Schlüssel gelöscht : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\metnsd
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EE6530-8649-4F42-A9E4-F6A3295AF975}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\simplitec
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F7246A03-96AD-436C-BF7C-23B8D796CFC9}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{ADBC6831-908C-4856-9D10-309139EE3AF9}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1CF1584F-FDAA-41B4-89F6-FFBED1B9F515}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1C9CC2C6-9FE0-47D9-BA1D-99EC6129F872}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E20E04FA-9677-4833-851F-5DDC6A8C8F61}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{48DF8721-DAAC-404C-A26D-737AFF187A48}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{D76E60A8-2424-4C92-9EB5-A2F47010DE91}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{75DF8273-68CD-46D8-B9C6-3198B7988869}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EFF50451-8B57-491B-9D56-68DFE26A7C38}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4AF99F72-524C-4501-9C20-221F8E651322}]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ABC0332A-5C13-4375-8A12-2B90D1FCB937}
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
***** [ Internetbrowser ] *****
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.newtab.url", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.search.defaultenginename", "yessearches");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffsengext");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=wak&q={searchTerms}&ts=AHEpCH8oBHMlAk..&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=wak&q={searchTerms}&ts=AHEpCH8oBHMlAk..&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.search.selectedEngine", "yessearches");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("browser.startup.homepage", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_102.name", "dealply_m");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_103.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_116.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_117.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_124.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_125.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_126.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_128.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_135.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_142.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_93.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_102.name", "dealply_m");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_103.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_116.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_117.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_124.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_125.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_126.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_128.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_135.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_142.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_93.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.newtab.url", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.search.defaultenginename", "yessearches");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffsengext");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=wak&q={searchTerms}&ts=AHEpCH8oBHMlAk..&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=wak&q={searchTerms}&ts=AHEpCH8oBHMlAk..&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.search.selectedEngine", "yessearches");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("browser.startup.homepage", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_102.name", "dealply_m");
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_103.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_116.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_117.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_124.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_125.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_126.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_128.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_135.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_142.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal[...]
[-] [C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] [Preference] gelöscht : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.plugins.plugin_93.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
[-] [C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : search provided by yahoo.com
[-] [C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gelöscht : hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323&ts=AHEpCH8oBHMlAk..
[-] [C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] gelöscht : hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=405D5CC55CB57FD4F1E83AA55441E45C&v=20160323&ts=AHEpCH8oBHMlAk..
*************************
:: "Tracing" schlüssel löschen
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [24429 Bytes] - [31/03/2016 14:24:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [24226 Bytes] - [31/03/2016 14:22:17]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [24577 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 31.03.2016 Suchlaufzeit: 14:54 Protokolldatei: mbm.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.03.31.02 Rootkit-Datenbank: v2016.03.30.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Sinan Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 440871 Abgelaufene Zeit: 57 Min., 57 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.WinTaske, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2B9FEAC9-885E-428D-BA33-B2DEB232958C}, Löschen bei Neustart, [68e6236b316874c279cec1d1679d8d73], PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [78d6236bf1a88bab257430f78380669a], Registrierungswerte: 5 PUP.Optional.WinTaske, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2B9FEAC9-885E-428D-BA33-B2DEB232958C}|Path, \WinTaske, Löschen bei Neustart, [68e6236b316874c279cec1d1679d8d73] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffsengext, In Quarantäne, [78d6236bf1a88bab257430f78380669a] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffsengext, In Quarantäne, [eb63444ab6e348ee504949de649f0cf4] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.yessearches.com/chrome.php?uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&q={searchTerms}&ts=AHEpCH8oBHMlAk..&v=20160323&mode=ffsengext, In Quarantäne, [8cc20589564369cd28719b8c6d96748c] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.yessearches.com/chrome.php?uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&ts=AHEpCH8oBHMlAk..&v=20160323&mode=ffexttoolbar&q=, In Quarantäne, [cb8376183e5b42f4e3b672b55fa406fa] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 443 PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Application Cache, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\databases, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Rules, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_GB, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_US, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es_419, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\et, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\he, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\gl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\af, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\am, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\az, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\bn, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\en_GB, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\en_US, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\es_419, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\et, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\eu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fa, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fr_CA, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\gu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hy, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\is, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\iw, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ka, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\km, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\kn, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lo, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lt, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ml, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\mn, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\mr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ms, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ne, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\no, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\si, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sw, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ta, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\te, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\th, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ur, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_HK, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\en, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\gu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\he, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\nb, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_GB, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61], PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61], |
|
31.03.2016, 23:43
| #8 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösenCode:
ATTFilter PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\th, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\Paths, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\JumpListIcons, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\JumpListIconsOld, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\RYEV4E56, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\478RSAJ7, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\478RSAJ7\macromedia.com, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\478RSAJ7\macromedia.com\support, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\478RSAJ7\macromedia.com\support\flashplayer, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\478RSAJ7\macromedia.com\support\flashplayer\sys, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext\chrome-signin, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext\chrome-signin\def, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext\chrome-signin\def\databases, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Avatars, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Caps, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\_platform_specific, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\_platform_specific\all, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PepperFlash, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PepperFlash\20.0.0.267, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PnaclTranslationCache, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\ShaderCache, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwiftShader, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter\6.44.3, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter\6.44.3\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\imgs, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_metadata, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_platform_specific, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_platform_specific\win_x86, In Quarantäne, [e6683a545841f1450999223215f09f61],
Dateien: 685
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Secure Preferences, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\History Provider Cache, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Network Persistent State, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Shortcuts, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Bookmarks, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Bookmarks.bak, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\ChromeDWriteFontCache, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Cookies, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Cookies-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Current Session, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Current Tabs, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Cookies, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Favicons, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Favicons-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Google Profile.ico, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\History, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\History-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Login Data, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Network Action Predictor, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Network Action Predictor-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Origin Bound Certs, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Preferences, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\QuotaManager, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\QuotaManager-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\README, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Secure Preferencesgbak, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Shortcuts-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Top Sites, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Top Sites-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\TransportSecurity, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Visited Links, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Data, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Data-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Datagbak, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\WebRTCIdentityStore, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Application Cache\Index, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Application Cache\Index-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\databases\Databases.db, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb\000003.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\data_reduction_proxy_leveldb\MANIFEST-000001, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Rules\000003.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Rules\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Rules\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Rules\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension Rules\MANIFEST-000001, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\000193.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\000195.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\000199.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\000201.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\000202.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extension State\MANIFEST-000171, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\icon_128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\icon_16.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\main.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\main.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata\computed_hashes.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\16.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\32.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\48.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_GB\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_US\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es_419\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\et\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\he\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\eventpage_bin_prod.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\page_embed_script.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\gl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\af\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\am\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\az\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\bn\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\en_GB\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\en_US\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\es_419\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\et\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\eu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fa\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fr_CA\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\gu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hy\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\is\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\iw\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ka\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\km\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\kn\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lo\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lt\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ml\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\mn\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\mr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ms\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ne\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\no\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\si\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sw\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ta\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\te\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\th\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ur\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_HK\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_metadata\computed_hashes.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\chrome_oauth_receiver.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_safari_beforeload.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_safari_contentblocking.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_start_chrome.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_start_common.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\background.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\bandaids.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\CHANGELOG.txt, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\checkupdates.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\chrome_oauth_receiver.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\datacollection.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\dropbox-datastores.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\functions.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\gab_question.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\idlehandler.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\LICENSE, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\notificationoverlay.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\port.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\punycode.min.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\README.markdown, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\stats.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\survey.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\translators.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\ytchannel.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button\popup.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button\popup.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button\popup.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\declarativewebrequest.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\domainset.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filternormalizer.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filteroptions.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filterset.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filtertypes.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\myfilters.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\delete.gif, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\dropbox1.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\dropbox2.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\dropbox3.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\facebook-sprite.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\gplus-sprite.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon16.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon16_grayscale.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon16_grayscale@2x.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon19-grayscale.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon19-whitelisted.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon19.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon24.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon32.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon38-grayscale.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon38-whitelisted.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon38.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon48.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\loader.gif, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\logo.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\twitter-sprite.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\check.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\magnifying_glass.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search-engine-card_no-shadow.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search-engine-icons.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search-omnibox-card_no-shadow.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search_engine_select_arrow.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\jquery-ui.custom.min.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\jquery.cookie.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\jquery.min.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\jquery-ui.custom.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\override-page.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-icons_056b93_256x240.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-icons_d8e7f3_256x240.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\bug-report.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\bug-report.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\customize.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\customize.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\filters.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\filters.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\general.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\general.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\index.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\index.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\options.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\support.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\support.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\adreport.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\adreport.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\resourceblock.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\resourceblock.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\resourceblock.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\subscribe.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\subscribe.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\subscribe.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\load_jquery_ui.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\send_content_to_back.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\top_open_blacklist_ui.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\top_open_whitelist_ui.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\blacklistui.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\clickwatcher.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\elementchain.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\overlay.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\rightclick_hook.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\en\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\gu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\he\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\nb\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
|
|
31.03.2016, 23:45
| #9 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösenCode:
ATTFilter PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_metadata\computed_hashes.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\craw_background.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\craw_window.js, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css\craw_window.css, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html\craw_window.html, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\flapper.gif, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\icon_128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\icon_16.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\topbar_floating_button.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\topbar_floating_button_close.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\topbar_floating_button_hover.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\topbar_floating_button_maximize.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\topbar_floating_button_pressed.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_GB\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\th\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW\messages.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\.usage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\Paths\000003.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\Paths\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\Paths\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\Paths\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\000\t\Paths\MANIFEST-000002, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000005.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000008.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000010.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000011.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000012.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000013.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000014.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000015.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\000016.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\File System\Origins\MANIFEST-000007, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\000003.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\000006.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\000007.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\GCM Store\MANIFEST-000001, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb\000003.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb\MANIFEST-000002, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\000003.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\MANIFEST-000001, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000054.bak, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000054.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000074.bak, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000074.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000081.bak, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000081.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\000090.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\IndexedDB\https_www.google.ro_0.indexeddb.leveldb\MANIFEST-000089, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\JumpListIcons\82D8.tmp, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\JumpListIcons\82D9.tmp, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\JumpListIconsOld\DA6.tmp, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\JumpListIconsOld\DA7.tmp, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\000003.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\MANIFEST-000001, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage\https_www.google.ro_0.localstorage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage\https_www.google.ro_0.localstorage-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage\https_www.youtube.com_0.localstorage, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Local Storage\https_www.youtube.com_0.localstorage-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\478RSAJ7\macromedia.com\support\flashplayer\sys\settings.sol, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\000201.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\000204.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\000207.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\000209.log, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\000210.ldb, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\CURRENT, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\LOCK, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\LOG, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\LOG.old, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Session Storage\MANIFEST-000169, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext\chrome-signin\def\Cookies, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext\chrome-signin\def\QuotaManager, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Storage\ext\chrome-signin\def\databases\Databases.db, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake\Google Docs.ico, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake\Google Docs.ico.md5, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Download Whitelist, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Certificate Revocation Lists, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\en-US-3-0.bdic, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\en-US-4-0.bdic, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\en-US-6-1.bdic, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\First Run, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Local State, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Bloom, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Bloom Prefix Set, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Cookies, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Cookies-journal, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Csd Whitelist, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Download, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Extension Blacklist, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Inclusion Whitelist, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing IP Blacklist, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing UwS List, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing UwS List Prefix Set, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Avatars\avatar_generic.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\manifest.fingerprint, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\EVWhitelist\7\_platform_specific\all\ev_hashes_whitelist.bin, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PepperFlash\20.0.0.267\manifest.fingerprint, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PepperFlash\20.0.0.267\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PepperFlash\20.0.0.267\pepflashplayer.dll, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\manifest.fingerprint, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_pnacl_json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\pnacl\0.46.0.4\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PnaclTranslationCache\data_0, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PnaclTranslationCache\data_1, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PnaclTranslationCache\data_2, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PnaclTranslationCache\data_3, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\PnaclTranslationCache\index, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter\6.44.3\manifest.fingerprint, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter\6.44.3\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter\6.44.3\software_reporter_tool.exe, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\SwReporter\6.44.3\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\manifest.fingerprint, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\manifest.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\imgs\icon-128x128.png, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_metadata\verified_contents.json, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_platform_specific\win_x86\CdmAdapterVersion, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdm.dll, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll, In Quarantäne, [e6683a545841f1450999223215f09f61],
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.yessearches.com/?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng");), Ersetzt,[74daeda1d9c074c2bf926fe636cf30d0]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (C7l2Gv+V63+V34uxg==\":1,\"99d5R9q4/KyZBz9pzc6dsw==\":1,\"+FGfbQqQI6PtMPCLu5tZ7Q==\":1,\"o3+1Q/ZpAcgXWuiQYIFX1Q==\":1,\"Fg2xs2Gxd9xcmSWjVlcEmA==\":1,\"WqU2KriWhpI3VCdlC), Ersetzt,[cc82bcd2f0a9b086f55c3b1a3fc606fa]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (hile the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_), Ersetzt,[aba35a34aeebd95da9a864f1897cb050]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (nning,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeahe), Ersetzt,[91bd602e8e0bc472bd94c49161a4619f]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ime.addon-background-update-timer", 1443148123);
user_pref("app.update.lastUpdateTime.background-update-timer", 1443147637);
user_pref("app.update.lastUpdat), Ersetzt,[69e58608a9f0979f2c25f65f32d34db3]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (config", "{\"Status\":1,\"Endpoint\":\"https://s752.searchelper.com\"}");
user_pref("extensions.ich@maltegoetz.de.tr_web_id", "Gy8DRd6WvrEeKxYa4w9sYVXXkT8pdd6s");
user_pref("extensions.ich@maltegoetz.de), Ersetzt,[b59996f8c2d7be78b79ac88db74e50b0]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: ("sr\":1456}");
user_pref("datareporting.sessions.previous.13", "{\"s\":1402170373531,\"a\":168,\"t\":3486,\"c\":true,\"m\":62,\"fp\":1358,\"sr\":1463}");
user_pre), Ersetzt,[25295f2ff2a71125c58c6fe60df8d030]
PUP.Optional.YesSearches, C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.yessearches.com), Ersetzt,[db73d9b51d7c5adc46207fd66a9bc937]
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
31.03.2016, 23:46
| #10 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Sinan (Administrator) auf SINAN-PC (01-04-2016 01:09:40)
Gestartet von D:\Documents\Desktop
Geladene Profile: Sinan (Verfügbare Profile: Sinan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\PrintIsolationHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-18] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [837640 2015-12-08] (DivX, LLC)
HKLM-x32\...\Run: [ic-0.3bd06eee758598.exe -start] => C:\Users\Sinan\AppData\Local\Temp\9762807\ic-0.3bd06eee758598.exe -start <===== ACHTUNG
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE" /regrun /qqrepair
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [Dropbox Update] => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: H - H:\AutoPlay.exe
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: {8093af26-b829-11e5-b28e-f04da2bf283c} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-05] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{7E4C64A2-3924-4DBB-8316-0C684C56318B}: [DhcpNameServer] 62.217.213.70 62.217.213.71
Tcpip\..\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}: [DhcpNameServer] 193.231.252.1 213.154.124.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {1F9A24E2-0FEF-4961-AAAF-545084DE2E3B} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-19] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Amazon.com
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-12-02] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\webde-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\webde-suche.xml [2012-10-04]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-08] [ist nicht signiert]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-02-10]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-03-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (AdBlock) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (Gmail) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.) [Datei ist nicht signiert]
S2 QQRepair139c; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair139c" [X]
S2 SDScannerService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [X]
S2 SDUpdateService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [X]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\Windows\System32\DRIVERS\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2015-01-20] (Realtek Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14368 1968-04-08] () [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-07] (Duplex Secure Ltd.)
U3 ajb6w7fp; C:\Windows\System32\Drivers\ajb6w7fp.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-31 14:40 - 2016-04-01 01:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-31 14:38 - 2016-04-01 00:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-31 14:38 - 2016-03-31 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-31 14:38 - 2016-03-31 14:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-31 14:38 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-31 14:38 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-31 14:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-31 14:27 - 2016-03-31 14:27 - 00000000 ____D C:\ProgramData\TXQMPC
2016-03-31 14:20 - 2016-03-31 14:24 - 00000000 ____D C:\AdwCleaner
2016-03-31 13:39 - 2016-03-31 13:39 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-03-31 13:39 - 2016-03-31 13:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-03-30 13:48 - 2016-03-30 13:57 - 00229914 _____ C:\TDSSKiller.3.1.0.9_30.03.2016_13.48.17_log.txt
2016-03-30 07:33 - 2016-04-01 01:09 - 00000000 ____D C:\FRST
2016-03-29 19:30 - 2016-04-01 00:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-29 13:27 - 2016-03-29 13:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-29 13:20 - 2016-03-29 13:20 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-03-29 13:19 - 2016-04-01 00:59 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-29 13:19 - 2016-03-31 14:02 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2016-03-31 14:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-29 13:19 - 2016-03-31 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-29 13:05 - 2016-03-29 13:05 - 00005120 _____ C:\Users\Sinan\AppData\Roaming\GiftBag.db
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\tab
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\hover
2016-03-29 13:03 - 2016-03-29 13:02 - 00097400 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-03-29 13:02 - 2016-03-31 14:27 - 00000000 ____D C:\ProgramData\Tencent
2016-03-29 13:02 - 2016-03-29 13:02 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-21 19:14 - 2016-03-25 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-21 18:34 - 2016-03-21 18:34 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-16 22:57 - 2016-03-16 22:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-09 20:31 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 20:31 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 20:31 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 20:31 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 20:31 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 20:31 - 2016-02-09 09:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 09:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 00:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 20:31 - 2016-02-08 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 23:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 20:31 - 2016-02-08 23:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 20:31 - 2016-02-08 23:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 20:31 - 2016-02-08 23:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 23:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 20:31 - 2016-02-08 23:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 23:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 20:31 - 2016-02-08 23:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 20:31 - 2016-02-08 23:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 20:31 - 2016-02-08 23:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 23:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 20:31 - 2016-02-08 23:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 20:31 - 2016-02-08 23:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 20:31 - 2016-02-08 23:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 23:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 23:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 20:31 - 2016-02-08 22:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 20:31 - 2016-02-08 22:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 20:31 - 2016-02-08 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 20:31 - 2016-02-08 21:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 21:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 21:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 21:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 20:31 - 2016-02-08 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 20:31 - 2016-02-08 21:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 20:31 - 2016-02-08 20:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 20:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 20:31 - 2016-02-08 20:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 20:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 20:31 - 2016-02-08 20:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 20:31 - 2016-02-08 20:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 20:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 20:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 20:31 - 2016-02-08 19:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 20:31 - 2016-02-04 20:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 20:31 - 2016-02-03 21:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 20:31 - 2016-01-11 22:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 20:31 - 2015-11-19 17:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:30 - 2016-02-11 21:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 20:30 - 2016-02-11 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 20:30 - 2016-02-11 21:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 20:30 - 2016-02-11 20:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 20:30 - 2016-02-11 20:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 20:30 - 2016-02-11 20:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 20:30 - 2016-02-11 20:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 20:30 - 2016-02-11 20:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 20:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 20:30 - 2016-02-11 20:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-08 23:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 23:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 20:30 - 2016-02-08 23:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 20:30 - 2016-02-08 21:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 20:30 - 2016-02-08 21:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 21:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 20:30 - 2016-02-08 21:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 20:30 - 2016-02-08 21:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 20:30 - 2016-02-08 21:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 20:30 - 2016-02-08 21:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 20:30 - 2016-02-08 21:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 20:30 - 2016-02-08 20:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 20:30 - 2016-02-08 20:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 20:30 - 2016-02-08 20:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 20:30 - 2016-02-08 20:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 20:29 - 2016-02-19 22:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 20:29 - 2016-02-19 21:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 20:29 - 2016-02-19 17:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 20:29 - 2016-02-11 17:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 20:29 - 2016-02-09 12:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 20:29 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 20:29 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 20:29 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 20:29 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-01 01:05 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-01 01:05 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-01 00:59 - 2016-01-25 15:02 - 00001014 _____ C:\Users\Public\Desktop\Dark Crusade.lnk
2016-04-01 00:59 - 2014-06-27 21:54 - 00000583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate II Enhanced Edition.lnk
2016-04-01 00:59 - 2014-06-23 11:45 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-01 00:59 - 2014-06-08 10:42 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-01 00:59 - 2014-06-07 16:12 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-01 00:59 - 2014-06-07 16:04 - 00002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-01 00:59 - 2014-06-06 16:05 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-04-01 00:59 - 2014-06-06 16:02 - 00001889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-04-01 00:59 - 2010-12-21 15:38 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-01 00:59 - 2010-12-21 15:38 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-01 00:59 - 2009-07-14 07:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-01 00:58 - 2016-02-26 14:00 - 00000811 _____ C:\Users\Sinan\Desktop\SpellForce - Platinum Edition.lnk
2016-04-01 00:58 - 2014-06-06 16:07 - 00000855 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-04-01 00:58 - 2014-06-06 15:16 - 00001427 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-01 00:58 - 2009-07-14 08:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-01 00:58 - 2009-07-14 07:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-01 00:56 - 2014-06-23 11:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-01 00:56 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-01 00:53 - 2015-10-15 21:06 - 00000000 ____D C:\Windows\rescache
2016-04-01 00:35 - 2014-06-23 11:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-01 00:26 - 2015-06-27 22:13 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job
2016-04-01 00:08 - 2014-06-12 21:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-31 16:25 - 2015-06-27 22:13 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job
2016-03-31 00:15 - 2014-06-06 16:11 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\vlc
2016-03-30 13:06 - 2010-12-21 17:29 - 00710272 _____ C:\Windows\system32\perfh007.dat
2016-03-30 13:06 - 2010-12-21 17:29 - 00154570 _____ C:\Windows\system32\perfc007.dat
2016-03-30 13:06 - 2009-07-14 08:13 - 01649790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-30 13:06 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-03-29 21:28 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\TAPI
2016-03-29 15:01 - 2014-06-18 19:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-29 14:30 - 2014-06-06 15:16 - 00000000 ____D C:\Users\Sinan\AppData\Local\VirtualStore
2016-03-29 13:07 - 2009-07-14 07:45 - 00470048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 13:03 - 2014-06-06 15:14 - 00128040 _____ C:\Users\Sinan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 12:58 - 2014-06-06 16:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\BitTorrent
2016-03-25 23:54 - 2014-06-06 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 01:08 - 2014-06-12 21:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 01:08 - 2014-06-06 16:02 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 01:08 - 2014-06-06 16:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-21 18:35 - 2014-06-07 16:35 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Dropbox
2016-03-19 01:33 - 2014-06-07 12:48 - 01624070 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-10 01:14 - 2014-06-05 17:39 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 01:07 - 2014-06-05 17:39 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 01:06 - 2014-12-12 02:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-03 11:00 - 2014-06-07 14:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-03 10:59 - 2014-06-07 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-03 01:20 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2016-03-02 17:21 - 2014-06-06 15:13 - 00000000 ____D C:\Users\Sinan
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-03-29 13:05 - 2016-03-29 13:05 - 0005120 _____ () C:\Users\Sinan\AppData\Roaming\GiftBag.db
2015-09-26 00:08 - 2015-09-26 00:08 - 0000045 _____ () C:\Users\Sinan\AppData\Roaming\WB.CFG
2014-11-01 13:42 - 2014-11-01 13:53 - 0005632 _____ () C:\Users\Sinan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-06 16:57 - 2016-01-06 19:55 - 0007590 _____ () C:\Users\Sinan\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Sinan\AppData\Local\Temp\avgnt.exe
C:\Users\Sinan\AppData\Local\Temp\libeay32.dll
C:\Users\Sinan\AppData\Local\Temp\msvcr120.dll
C:\Users\Sinan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-29 11:19
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Sinan (2016-04-01 01:11:33)
Gestartet von D:\Documents\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-06-06 12:13:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4237310255-3682870643-3950776913-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4237310255-3682870643-3950776913-1002 - Limited - Enabled)
Gast (S-1-5-21-4237310255-3682870643-3950776913-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4237310255-3682870643-3950776913-1004 - Limited - Enabled)
Sinan (S-1-5-21-4237310255-3682870643-3950776913-1000 - Administrator - Enabled) => C:\Users\Sinan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\QmFsZHVyc0dhdGVJSUVuaGFuY2VkRWRpdGlvbg==_is1) (Version: 1 - )
BitTorrent (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{CF0D492B-12F2-40B0-AF33-0F1BAA0BEF37}) (Version: 2.28.0 - Kovid Goyal)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2400 series Benutzerregistrierung (HKLM-x32\...\Canon MG2400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
DawnOfWar (x32 Version: 1.00.00000 - THQ) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
EAX(tm) Unified (SHELL) (HKLM-x32\...\EAX(tm) Unified (SHELL)) (Version: - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.15.1211 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Mozilla Thunderbird 38.7.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.0 (x86 en-US)) (Version: 38.7.0 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Lite (HKLM-x32\...\Nero7Lite_is1) (Version: 7.11.10.0 - UpdatePack.nl)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.02.00 - Samsung Electronics Co., Ltd.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{6A07C77C-E4C9-422B-9B36-AD9E5156B0BA}) (Version: 2.2.3.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
电脑管家11.4 (HKLM-x32\...\QQPCMgr) (Version: 11.4.17347.218 - 腾讯科技(深圳)有限公司) <==== ACHTUNG
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {012CCAFA-A7C9-40FE-B88C-97169641CD9D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {03A7A24A-2D7E-453E-B14C-2EDA768A0590} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {0AA1318D-3AE5-4E2D-94F6-5CCEEE2E39D0} - System32\Tasks\{943DABAE-CF92-459D-8A46-530487D58B3B} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fd:\games\Uninst.isu
Task: {146728C0-2286-4250-9DB0-BE6EA803BC8C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {18714D5E-4028-4701-AF9B-4DB90D9CDE9A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {1BCDC67D-8CFC-4E8E-BB2C-AAE69EAF866F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2015-11-30] (DivX, LLC)
Task: {52594208-A481-4FDD-974D-9AAA8C50E549} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {7673AD99-4B11-4A68-9C8A-358B964B608B} - System32\Tasks\{99976E2D-25EB-41E2-A30D-4200FFB6EEC2} => D:\Games\warhammer\Warhammer.exe
Task: {95DDBCDA-B2CA-49EF-9AA7-188C7BFA86F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.)
Task: {9F4ED415-9BA9-4697-8552-9D7021874AC0} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {AACA7A20-9F20-4240-B2B7-6418749EB847} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {CB2084EE-EF50-4C90-88B2-5CD2B0B2A06B} - System32\Tasks\{AA669219-1160-4DF1-A49C-6C151B831A20} => pcalua.exe -a D:\Games\SpellForce\Register\Bonus.exe -d D:\Games\SPELLF~1\Register
Task: {CCF8BD27-FCAE-420E-9429-011562FFF5C3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {CD53EB52-1324-4037-BA21-1AEC65AE8511} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.)
Task: {DB97873C-6D71-49F8-A77C-F50B0AF61824} - System32\Tasks\{C0F2B3C4-D032-4654-AB4C-42EEA2B5DB8F} => pcalua.exe -a H:\AutoPlay.exe -d H:\
Task: {EBA6D2D1-8ABB-48B0-8038-460D36EC8B8D} - System32\Tasks\{3217B88F-8C19-480D-9DE5-68022B47F2F0} => pcalua.exe -a D:\Games\winter\AutoPlay.exe -d D:\Games\winter
Task: {FB9804BA-2006-403A-9A43-41B5755ABEE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-11 21:18 - 2011-04-11 08:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2012-03-22 23:11 - 2012-03-22 23:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
2015-10-11 21:18 - 2013-03-18 17:16 - 01353728 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\spe__du.dll
2015-02-21 16:01 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00056544 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00113888 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00126176 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 193.231.252.1 - 213.154.124.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3042B909-E278-49C1-86A2-9C7C720AC9F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0FF67F89-B0F2-459B-9036-029C958BF89F}] => (Allow) LPort=2869
FirewallRules: [{0B362937-E355-4146-A2D2-C846647A6A10}] => (Allow) LPort=1900
FirewallRules: [{41709D0C-2556-4C18-A02E-45C2E5A3C987}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F0D84185-4A54-42D8-B97F-257C883CF60D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2F78F74C-2940-44A9-BCF6-020963BBFF5D}] => (Allow) C:\Users\Sinan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{63616887-0307-43B1-98F3-A4573DEFC499}] => (Allow) C:\Users\Sinan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E5E8D5B4-AD81-43AB-8250-C0661BD7EFE4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BCB7AAAB-2CE5-400E-819E-2253AAB5785A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E92AA80-AB8F-4AAE-A35F-8C844B5F2F00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6721DE09-F262-4E74-8AD3-AAE0D85475BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D600CE19-5FA9-4196-A2D3-5F64C5F690B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2B78BB1-12D7-4053-B22E-2E05CA657C06}] => (Allow) C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1543C296-47CF-4D5C-9FD2-B25FD6B5701A}] => (Allow) C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E5C6F7FF-9891-4F7F-B345-0F2C62EFBFD6}C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E46504CF-A9F9-4E53-9192-1393A79CD4FB}C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{39B63133-888A-4CAD-BFCE-4F45AE9ADF2A}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [UDP Query User{D04F1DD7-C11B-433F-BB89-D65BD4C9AB2E}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [TCP Query User{9F8E7EEC-AE41-4F93-905F-BEFF4EF56F07}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [UDP Query User{2CEBB885-4EDF-4648-AD49-258B4C176AC9}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [TCP Query User{5682D2BB-6AAB-4821-BE6F-CAAD15E71A1B}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{A8CB0490-5DF0-428A-9E8C-09361D31123C}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{562B8869-B9F5-44CA-9238-9B5D7B81C897}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D91E51A-97F7-4A1B-8C9E-5E86401E10DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{991616A3-386A-46B3-AB85-062C38382F49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{978F8116-ACF9-40BB-83F0-E0BD5BFC9103}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDF10FF1-45C5-4EAB-BA74-9C668A3059CF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0E2FFE2-C1F5-442B-B9D8-7DA9D66A89A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{666805BC-7A42-4A17-8442-DC9C16DF669D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E3FC3DB8-E1FF-4ABD-8B2F-FF745E04F709}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{839051C4-04E4-461F-BF4C-3FD686C1A093}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{71551989-ADDC-4E91-B45B-7291CF4976E6}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{1217F1AD-FAC1-41EB-9FE0-C30879C141D6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{A0C4C207-9604-48CE-B45B-C43E8D0E1FA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DDFDF9DA-4E61-4935-89D9-B68A7274C36B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AF587CA7-D39F-4646-B16B-7C5D41D9D54D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66FD9807-7629-47F6-946A-7F577782A394}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8026C3C6-C330-41C2-A492-6D74ED4B7535}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{49E214AF-0D7B-478F-8EC1-26613DD26E10}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E0C9FB51-BABE-405E-B20E-FF19A94D70EB}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B419B476-959A-40D2-92B0-D94D87F6E0FC}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2F83D292-5B02-4F1D-9ECC-7114EBDBA71C}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{656C236F-EF87-46E6-9EFA-C433CFAF4586}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{DDAFF662-EC99-4169-878E-5BB8A44678D1}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{885FC3D9-CF1D-438D-BD81-5B4051833732}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{B4C8D20B-EE9A-452B-9E17-AC79190FB3E6}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{1CC3F87D-6C96-484B-AA37-954EF579A1E5}C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe] => (Block) C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe
FirewallRules: [UDP Query User{A1058BEE-749F-422E-9328-9A6B835E1528}C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe] => (Block) C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe
FirewallRules: [{B373EF8F-54F2-4941-BCB3-267DE8D01171}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
31-03-2016 14:33:14 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.0.2.1012
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: SRepairDrv
Description: SRepairDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SRepairDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: TsDefenseBt
Description: TsDefenseBt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TSDefenseBt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: TsNetHlpX64.sys
Description: TsNetHlpX64.sys
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tsnethlpx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/31/2016 02:33:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 02:08:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:56:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:49:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:47:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:41:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/30/2016 07:28:45 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 09:25:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 03:38:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/29/2016 03:38:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Systemfehler:
=============
Error: (04/01/2016 12:57:35 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/01/2016 12:57:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
TSDefenseBt
Error: (04/01/2016 12:56:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/01/2016 12:56:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/01/2016 12:56:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/01/2016 12:56:23 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.
Error: (04/01/2016 12:55:23 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst CSR Bluetooth Audio-Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (03/31/2016 02:29:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (03/31/2016 02:28:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/31/2016 02:28:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 2934.7 MB
Verfügbarer physikalischer RAM: 1341.98 MB
Summe virtueller Speicher: 5867.61 MB
Verfügbarer virtueller Speicher: 3661.69 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:83.05 GB) (Free:5.85 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:200.29 GB) (Free:11.89 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 62B71F54)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=83 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=200.3 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
01.04.2016, 13:15
| #11 |
| /// Malwareteam | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Noch immer einiges zu tun: Schritt: 1 Download von  ZOEK (by Smeenk)
Schritt: 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Schritt: 3 Öffne wieder FRST und kopiere das folgende in das weiße Feld: Code:
ATTFilter 电脑管家;Tencent
Es wird eine Search.txt erstellt werden, bitte poste diese wieder hier.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
02.04.2016, 07:56
| #12 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Hier ist die zeok log.datei Code:
ATTFilter Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Sinan on 02.04.2016 at 0:47:08,71.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documents\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
02.04.2016 00:51:10 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\Winamp deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Program Files\dBpoweramp deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\Sinan\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Sinan\AppData\Local\calibre-cache deleted successfully
C:\Users\Sinan\AppData\Local\EmieSiteList deleted successfully
C:\Users\Sinan\AppData\Local\EmieUserList deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0} deleted successfully
HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TSDefenseBt deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TSDefenseBt deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.facebook.com/|hxxp://www.youtube.com/?gl=DE&hl=de");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js:
Deleted from C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js:
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\prefs.js:
Deleted from C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js:
user_pref("browser.search.defaultenginename", "Amazon.com");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js:
Deleted from C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js:
user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser//?ts=AHEpCH8oBHMlAk..&v=20160323&uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&mode=ffseng");
user_pref("browser.search.defaultenginename", "yessearches");
user_pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=yessearches");
user_pref("browser.search.selectedEngine", "yessearches");
user_pref("keyword.URL", "hxxp://www.yessearches.com/chrome.php?uid=405D5CC55CB57FD4F1E83AA55441E45C&ptid=wak&ts=AHEpCH8oBHMlAk..&v=20160323&mode=ffexttoolbar&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js:
Deleted from C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js:
user_pref("browser.startup.homepage", "about:newtab");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\prefs.js:
Deleted from C:\Users\Sinan\AppData\Roaming\Thunderbird\Profiles\2e2fadrb.default\prefs.js:
Added to C:\Users\Sinan\AppData\Roaming\Thunderbird\Profiles\2e2fadrb.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__0114_.backup
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__0114_.backup
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__0114_.backup
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__0114_.backup
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__0114_.backup
ProfilePath: C:\Users\Sinan\AppData\Roaming\Thunderbird\Profiles\2e2fadrb.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__0114_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Winamp not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\Users\Sinan\AppData\Roaming\calibre deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Tencent deleted
C:\Users\Sinan\AppData\Roaming\GiftBag.db deleted
C:\Users\Sinan\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\TXQMPC deleted
C:\PROGRA~3\Tencent deleted
C:\PROGRA~3\{04A07C23-5821-4F25-BF46-1188636AE238} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Public\Documents\dmp deleted
C:\windows\SysNative\drivers\TFsFltX64.sys deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default\foxydeal.sqlite deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\extensions\staged deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\foxydeal.json deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\foxydeal.json deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\foxydeal.sqlite deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\foxydeal.json deleted
C:\Users\Sinan\AppData\Roaming\Thunderbird\Profiles\2e2fadrb.default\extensions\staged deleted
C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default\Yahoo! Inc deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Yahoo! Inc deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\Yahoo! Inc deleted
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Yahoo! Inc deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Sinan\AppData\Roaming\Thunderbird\Profiles\2e2fadrb.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default
- Undetermined - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\extensions\ich@maltegoetz.de
- Undetermined - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
- ProxTube - Gesperrte YouTube Videos entsperren - %ProfilePath%\extensions\ich@maltegoetz.de
- LeechBlock - %ProfilePath%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org
- Multi YouTube mp3 - %ProfilePath%\extensions\d.lehr@chello.at.xpi
- Undetermined - %ProfilePath%\extensions\ich@maltegoetz.de.xpi
- LeechBlock - %ProfilePath%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org
- Multi YouTube mp3 - %ProfilePath%\extensions\d.lehr@chello.at.xpi
- Undetermined - %ProfilePath%\extensions\ich@maltegoetz.de.xpi
- LeechBlock - %ProfilePath%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default
- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org
- Multi YouTube mp3 - %ProfilePath%\extensions\d.lehr@chello.at.xpi
- Undetermined - %ProfilePath%\extensions\ich@maltegoetz.de.xpi
- LeechBlock - %ProfilePath%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Sinan\AppData\Roaming\Thunderbird\Profiles\2e2fadrb.default
- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org
- Deutsch DE Language Pack - %ProfilePath%\extensions\langpack-de@thunderbird.mozilla.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
7C67580DFE143EF19E7418B0F054B5F6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll - Shockwave Flash
Profilepath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
7C67580DFE143EF19E7418B0F054B5F6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll - Shockwave Flash
Profilepath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default
7C67580DFE143EF19E7418B0F054B5F6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll - Shockwave Flash
==== Chromium Look ======================
AdBlock - Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} - hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
HKLM\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} - No_Url_Value
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - hxxp://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{1F9A24E2-0FEF-4961-AAAF-545084DE2E3B} - https://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} - No_Url_Value
==== Reset Google Chrome ======================
C:\Users\Sinan\AppData\Local\Clover\User Data\Default\Preferences was reset successfully
C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesgbak was reset successfully
C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Web Datagbak was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sinan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sinan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\41A66E7E5EE1\cache2 emptied successfully
C:\Users\Sinan\AppData\Local\Mozilla\Firefox\Profiles\yoz294ne.default\cache2 emptied successfully
C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=200 folders=52 50475314 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sinan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Sinan\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 02.04.2016 at 8:55:08,47 ======================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Sinan (Administrator) auf SINAN-PC (02-04-2016 09:51:36)
Gestartet von D:\Documents\Desktop
Geladene Profile: Sinan (Verfügbare Profile: Sinan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-18] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [837640 2015-12-08] (DivX, LLC)
HKLM-x32\...\Run: [ic-0.3bd06eee758598.exe -start] => C:\Users\Sinan\AppData\Local\Temp\9762807\ic-0.3bd06eee758598.exe -start <===== ACHTUNG
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE" /regrun /qqrepair
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [Dropbox Update] => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: H - H:\AutoPlay.exe
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: {8093af26-b829-11e5-b28e-f04da2bf283c} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-05] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{7E4C64A2-3924-4DBB-8316-0C684C56318B}: [DhcpNameServer] 62.217.213.70 62.217.213.71
Tcpip\..\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}: [DhcpNameServer] 193.231.252.1 213.154.124.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {1F9A24E2-0FEF-4961-AAAF-545084DE2E3B} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-19] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-12-02] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\webde-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\webde-suche.xml [2012-10-04]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-08] [ist nicht signiert]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-02-10]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-03-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (AdBlock) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (Gmail) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.) [Datei ist nicht signiert]
S2 QQRepair139c; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair139c" [X]
S2 SDScannerService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [X]
S2 SDUpdateService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [X]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\Windows\System32\DRIVERS\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2015-01-20] (Realtek Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14368 1968-04-08] () [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-07] (Duplex Secure Ltd.)
U3 ah9uoren; C:\Windows\System32\Drivers\ah9uoren.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-02 01:26 - 2016-04-02 00:46 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-02 00:46 - 2016-04-02 01:19 - 00000000 ____D C:\zoek_backup
2016-03-31 14:40 - 2016-04-01 01:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-31 14:38 - 2016-04-01 00:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-31 14:38 - 2016-03-31 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-31 14:38 - 2016-03-31 14:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-31 14:38 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-31 14:38 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-31 14:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-31 14:20 - 2016-03-31 14:24 - 00000000 ____D C:\AdwCleaner
2016-03-31 13:39 - 2016-03-31 13:39 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-03-31 13:39 - 2016-03-31 13:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-03-30 13:48 - 2016-03-30 13:57 - 00229914 _____ C:\TDSSKiller.3.1.0.9_30.03.2016_13.48.17_log.txt
2016-03-30 07:33 - 2016-04-02 09:51 - 00000000 ____D C:\FRST
2016-03-29 13:27 - 2016-03-29 13:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-29 13:20 - 2016-03-29 13:20 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-03-29 13:19 - 2016-04-01 00:59 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-29 13:19 - 2016-03-31 14:02 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2016-03-31 14:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-29 13:19 - 2016-03-31 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\tab
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\hover
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-21 19:14 - 2016-03-25 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-21 18:34 - 2016-03-21 18:34 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-16 22:57 - 2016-03-16 22:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-09 20:31 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 20:31 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 20:31 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 20:31 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 20:31 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 20:31 - 2016-02-09 09:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 09:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 00:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 20:31 - 2016-02-08 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 23:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 20:31 - 2016-02-08 23:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 20:31 - 2016-02-08 23:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 20:31 - 2016-02-08 23:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 23:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 20:31 - 2016-02-08 23:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 23:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 20:31 - 2016-02-08 23:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 20:31 - 2016-02-08 23:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 20:31 - 2016-02-08 23:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 23:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 20:31 - 2016-02-08 23:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 20:31 - 2016-02-08 23:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 20:31 - 2016-02-08 23:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 23:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 23:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 20:31 - 2016-02-08 22:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 20:31 - 2016-02-08 22:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 20:31 - 2016-02-08 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 20:31 - 2016-02-08 21:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 21:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 21:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 21:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 20:31 - 2016-02-08 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 20:31 - 2016-02-08 21:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 20:31 - 2016-02-08 20:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 20:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 20:31 - 2016-02-08 20:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 20:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 20:31 - 2016-02-08 20:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 20:31 - 2016-02-08 20:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 20:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 20:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 20:31 - 2016-02-08 19:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 20:31 - 2016-02-04 20:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 20:31 - 2016-02-03 21:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 20:31 - 2016-01-11 22:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 20:31 - 2015-11-19 17:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:30 - 2016-02-11 21:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 20:30 - 2016-02-11 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 20:30 - 2016-02-11 21:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 20:30 - 2016-02-11 20:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 20:30 - 2016-02-11 20:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 20:30 - 2016-02-11 20:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 20:30 - 2016-02-11 20:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 20:30 - 2016-02-11 20:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 20:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 20:30 - 2016-02-11 20:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-08 23:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 23:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 20:30 - 2016-02-08 23:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 20:30 - 2016-02-08 21:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 20:30 - 2016-02-08 21:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 21:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 20:30 - 2016-02-08 21:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 20:30 - 2016-02-08 21:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 20:30 - 2016-02-08 21:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 20:30 - 2016-02-08 21:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 20:30 - 2016-02-08 21:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 20:30 - 2016-02-08 20:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 20:30 - 2016-02-08 20:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 20:30 - 2016-02-08 20:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 20:30 - 2016-02-08 20:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 20:29 - 2016-02-19 22:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 20:29 - 2016-02-19 21:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 20:29 - 2016-02-19 17:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 20:29 - 2016-02-11 17:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 20:29 - 2016-02-09 12:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 20:29 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 20:29 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 20:29 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 20:29 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-02 09:35 - 2014-06-23 11:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 09:25 - 2015-06-27 22:13 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job
2016-04-02 09:14 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-02 09:14 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-02 09:08 - 2014-06-12 21:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-02 08:53 - 2014-06-23 11:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-02 08:53 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-02 00:39 - 2014-06-06 16:11 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\vlc
2016-04-01 00:59 - 2016-01-25 15:02 - 00001014 _____ C:\Users\Public\Desktop\Dark Crusade.lnk
2016-04-01 00:59 - 2014-06-27 21:54 - 00000583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate II Enhanced Edition.lnk
2016-04-01 00:59 - 2014-06-23 11:45 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-01 00:59 - 2014-06-08 10:42 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-01 00:59 - 2014-06-07 16:12 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-01 00:59 - 2014-06-07 16:04 - 00002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-01 00:59 - 2014-06-06 16:05 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-04-01 00:59 - 2014-06-06 16:02 - 00001889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-04-01 00:59 - 2010-12-21 15:38 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-01 00:59 - 2010-12-21 15:38 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-01 00:59 - 2009-07-14 07:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-01 00:58 - 2016-02-26 14:00 - 00000811 _____ C:\Users\Sinan\Desktop\SpellForce - Platinum Edition.lnk
2016-04-01 00:58 - 2014-06-06 16:07 - 00000855 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-04-01 00:58 - 2014-06-06 15:16 - 00001427 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-01 00:58 - 2009-07-14 08:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-01 00:58 - 2009-07-14 07:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-01 00:53 - 2015-10-15 21:06 - 00000000 ____D C:\Windows\rescache
2016-03-31 16:25 - 2015-06-27 22:13 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job
2016-03-30 13:06 - 2010-12-21 17:29 - 00710272 _____ C:\Windows\system32\perfh007.dat
2016-03-30 13:06 - 2010-12-21 17:29 - 00154570 _____ C:\Windows\system32\perfc007.dat
2016-03-30 13:06 - 2009-07-14 08:13 - 01649790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-30 13:06 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-03-29 21:28 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\TAPI
2016-03-29 15:01 - 2014-06-18 19:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-29 14:30 - 2014-06-06 15:16 - 00000000 ____D C:\Users\Sinan\AppData\Local\VirtualStore
2016-03-29 13:07 - 2009-07-14 07:45 - 00470048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 13:03 - 2014-06-06 15:14 - 00128040 _____ C:\Users\Sinan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 12:58 - 2014-06-06 16:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\BitTorrent
2016-03-25 23:54 - 2014-06-06 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 01:08 - 2014-06-12 21:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 01:08 - 2014-06-06 16:02 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 01:08 - 2014-06-06 16:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-21 18:35 - 2014-06-07 16:35 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Dropbox
2016-03-19 01:33 - 2014-06-07 12:48 - 01624070 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-10 01:14 - 2014-06-05 17:39 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 01:07 - 2014-06-05 17:39 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 01:06 - 2014-12-12 02:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-03 10:59 - 2014-06-07 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-03 01:20 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-01 13:42 - 2014-11-01 13:53 - 0005632 _____ () C:\Users\Sinan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-06 16:57 - 2016-01-06 19:55 - 0007590 _____ () C:\Users\Sinan\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Sinan\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-29 11:19
==================== Ende von FRST.txt ============================
|
|
02.04.2016, 07:58
| #13 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen hier das additional Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Sinan (2016-04-02 09:52:58)
Gestartet von D:\Documents\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-06-06 12:13:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4237310255-3682870643-3950776913-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4237310255-3682870643-3950776913-1002 - Limited - Enabled)
Gast (S-1-5-21-4237310255-3682870643-3950776913-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4237310255-3682870643-3950776913-1004 - Limited - Enabled)
Sinan (S-1-5-21-4237310255-3682870643-3950776913-1000 - Administrator - Enabled) => C:\Users\Sinan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\QmFsZHVyc0dhdGVJSUVuaGFuY2VkRWRpdGlvbg==_is1) (Version: 1 - )
BitTorrent (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{CF0D492B-12F2-40B0-AF33-0F1BAA0BEF37}) (Version: 2.28.0 - Kovid Goyal)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2400 series Benutzerregistrierung (HKLM-x32\...\Canon MG2400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
DawnOfWar (x32 Version: 1.00.00000 - THQ) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
EAX(tm) Unified (SHELL) (HKLM-x32\...\EAX(tm) Unified (SHELL)) (Version: - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.15.1211 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Mozilla Thunderbird 38.7.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.0 (x86 en-US)) (Version: 38.7.0 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Lite (HKLM-x32\...\Nero7Lite_is1) (Version: 7.11.10.0 - UpdatePack.nl)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.02.00 - Samsung Electronics Co., Ltd.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{6A07C77C-E4C9-422B-9B36-AD9E5156B0BA}) (Version: 2.2.3.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
电脑管家11.4 (HKLM-x32\...\QQPCMgr) (Version: 11.4.17347.218 - 腾讯科技(深圳)有限公司) <==== ACHTUNG
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {012CCAFA-A7C9-40FE-B88C-97169641CD9D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {03A7A24A-2D7E-453E-B14C-2EDA768A0590} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {0AA1318D-3AE5-4E2D-94F6-5CCEEE2E39D0} - System32\Tasks\{943DABAE-CF92-459D-8A46-530487D58B3B} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fd:\games\Uninst.isu
Task: {146728C0-2286-4250-9DB0-BE6EA803BC8C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {18714D5E-4028-4701-AF9B-4DB90D9CDE9A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {1BCDC67D-8CFC-4E8E-BB2C-AAE69EAF866F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2015-11-30] (DivX, LLC)
Task: {52594208-A481-4FDD-974D-9AAA8C50E549} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {7673AD99-4B11-4A68-9C8A-358B964B608B} - System32\Tasks\{99976E2D-25EB-41E2-A30D-4200FFB6EEC2} => D:\Games\warhammer\Warhammer.exe
Task: {95DDBCDA-B2CA-49EF-9AA7-188C7BFA86F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.)
Task: {9F4ED415-9BA9-4697-8552-9D7021874AC0} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {AACA7A20-9F20-4240-B2B7-6418749EB847} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {CB2084EE-EF50-4C90-88B2-5CD2B0B2A06B} - System32\Tasks\{AA669219-1160-4DF1-A49C-6C151B831A20} => pcalua.exe -a D:\Games\SpellForce\Register\Bonus.exe -d D:\Games\SPELLF~1\Register
Task: {CCF8BD27-FCAE-420E-9429-011562FFF5C3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {CD53EB52-1324-4037-BA21-1AEC65AE8511} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.)
Task: {DB97873C-6D71-49F8-A77C-F50B0AF61824} - System32\Tasks\{C0F2B3C4-D032-4654-AB4C-42EEA2B5DB8F} => pcalua.exe -a H:\AutoPlay.exe -d H:\
Task: {EBA6D2D1-8ABB-48B0-8038-460D36EC8B8D} - System32\Tasks\{3217B88F-8C19-480D-9DE5-68022B47F2F0} => pcalua.exe -a D:\Games\winter\AutoPlay.exe -d D:\Games\winter
Task: {FB9804BA-2006-403A-9A43-41B5755ABEE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-11 21:18 - 2011-04-11 08:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2012-03-22 23:11 - 2012-03-22 23:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
2015-10-11 21:18 - 2013-03-18 17:16 - 01353728 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\spe__du.dll
2015-02-21 16:01 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-02-21 16:02 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00056544 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00113888 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-21 17:06 - 2010-08-12 03:19 - 00126176 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 193.231.252.1 - 213.154.124.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3042B909-E278-49C1-86A2-9C7C720AC9F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0FF67F89-B0F2-459B-9036-029C958BF89F}] => (Allow) LPort=2869
FirewallRules: [{0B362937-E355-4146-A2D2-C846647A6A10}] => (Allow) LPort=1900
FirewallRules: [{41709D0C-2556-4C18-A02E-45C2E5A3C987}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F0D84185-4A54-42D8-B97F-257C883CF60D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2F78F74C-2940-44A9-BCF6-020963BBFF5D}] => (Allow) C:\Users\Sinan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{63616887-0307-43B1-98F3-A4573DEFC499}] => (Allow) C:\Users\Sinan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E5E8D5B4-AD81-43AB-8250-C0661BD7EFE4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BCB7AAAB-2CE5-400E-819E-2253AAB5785A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E92AA80-AB8F-4AAE-A35F-8C844B5F2F00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6721DE09-F262-4E74-8AD3-AAE0D85475BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D600CE19-5FA9-4196-A2D3-5F64C5F690B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2B78BB1-12D7-4053-B22E-2E05CA657C06}] => (Allow) C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1543C296-47CF-4D5C-9FD2-B25FD6B5701A}] => (Allow) C:\Users\Sinan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E5C6F7FF-9891-4F7F-B345-0F2C62EFBFD6}C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E46504CF-A9F9-4E53-9192-1393A79CD4FB}C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sinan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{39B63133-888A-4CAD-BFCE-4F45AE9ADF2A}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [UDP Query User{D04F1DD7-C11B-433F-BB89-D65BD4C9AB2E}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [TCP Query User{9F8E7EEC-AE41-4F93-905F-BEFF4EF56F07}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [UDP Query User{2CEBB885-4EDF-4648-AD49-258B4C176AC9}D:\games\neuer ordner\blur nosteam\blur.exe] => (Allow) D:\games\neuer ordner\blur nosteam\blur.exe
FirewallRules: [TCP Query User{5682D2BB-6AAB-4821-BE6F-CAAD15E71A1B}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{A8CB0490-5DF0-428A-9E8C-09361D31123C}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{562B8869-B9F5-44CA-9238-9B5D7B81C897}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D91E51A-97F7-4A1B-8C9E-5E86401E10DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{991616A3-386A-46B3-AB85-062C38382F49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{978F8116-ACF9-40BB-83F0-E0BD5BFC9103}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDF10FF1-45C5-4EAB-BA74-9C668A3059CF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0E2FFE2-C1F5-442B-B9D8-7DA9D66A89A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{666805BC-7A42-4A17-8442-DC9C16DF669D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E3FC3DB8-E1FF-4ABD-8B2F-FF745E04F709}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{839051C4-04E4-461F-BF4C-3FD686C1A093}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{71551989-ADDC-4E91-B45B-7291CF4976E6}C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sinan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{1217F1AD-FAC1-41EB-9FE0-C30879C141D6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{A0C4C207-9604-48CE-B45B-C43E8D0E1FA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DDFDF9DA-4E61-4935-89D9-B68A7274C36B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AF587CA7-D39F-4646-B16B-7C5D41D9D54D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66FD9807-7629-47F6-946A-7F577782A394}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8026C3C6-C330-41C2-A492-6D74ED4B7535}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{49E214AF-0D7B-478F-8EC1-26613DD26E10}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E0C9FB51-BABE-405E-B20E-FF19A94D70EB}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B419B476-959A-40D2-92B0-D94D87F6E0FC}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2F83D292-5B02-4F1D-9ECC-7114EBDBA71C}C:\users\sinan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sinan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{656C236F-EF87-46E6-9EFA-C433CFAF4586}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{DDAFF662-EC99-4169-878E-5BB8A44678D1}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{885FC3D9-CF1D-438D-BD81-5B4051833732}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{B4C8D20B-EE9A-452B-9E17-AC79190FB3E6}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{1CC3F87D-6C96-484B-AA37-954EF579A1E5}C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe] => (Block) C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe
FirewallRules: [UDP Query User{A1058BEE-749F-422E-9328-9A6B835E1528}C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe] => (Block) C:\users\sinan\appdata\local\temp\9762807\download\minithunderplatform.exe
FirewallRules: [{B373EF8F-54F2-4941-BCB3-267DE8D01171}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
01-04-2016 23:15:53 Windows Update
02-04-2016 00:51:02 zoek.exe restore point
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: SRepairDrv
Description: SRepairDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SRepairDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: TsNetHlpX64.sys
Description: TsNetHlpX64.sys
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tsnethlpx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/02/2016 12:51:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (04/01/2016 11:15:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (04/01/2016 11:15:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (04/01/2016 10:56:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: STacSV64.exe, Version: 1.0.6289.0, Zeitstempel: 0x4c1ad990
Name des fehlerhaften Moduls: stapi64.dll, Version: 1.0.6289.0, Zeitstempel: 0x4c1ad8f3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000036191
ID des fehlerhaften Prozesses: 0x3e4
Startzeit der fehlerhaften Anwendung: 0xSTacSV64.exe0
Pfad der fehlerhaften Anwendung: STacSV64.exe1
Pfad des fehlerhaften Moduls: STacSV64.exe2
Berichtskennung: STacSV64.exe3
Error: (03/31/2016 02:33:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 02:08:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:56:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:49:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:47:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (03/31/2016 01:41:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Systemfehler:
=============
Error: (04/02/2016 08:54:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/02/2016 08:53:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/02/2016 08:53:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/02/2016 08:53:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/02/2016 08:52:34 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst CSR Bluetooth Audio-Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (04/02/2016 01:14:32 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (04/02/2016 01:14:31 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (04/02/2016 01:14:30 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (04/02/2016 01:14:30 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (04/02/2016 01:14:29 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 2934.7 MB
Verfügbarer physikalischer RAM: 1363.64 MB
Summe virtueller Speicher: 5867.61 MB
Verfügbarer virtueller Speicher: 3656.68 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:83.05 GB) (Free:6.68 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:200.29 GB) (Free:11.89 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 62B71F54)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=83 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=200.3 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Sinan (2016-04-02 09:56:39)
Gestartet von D:\Documents\Desktop
Start-Modus: Normal
================== Registry-Suche: "电脑管家;Tencent" ===========
===================== Suchergebnis für "电脑管家" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr]
"DisplayName"="电脑管家11.4"
===================== Suchergebnis für "Tencent" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35627C7C-DB28-4772-9A6F-7607FFCBF9FF}\1.0\0\win64]
""="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSWebMon64.dat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}\1.0\HELPDIR]
""="C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35627C7C-DB28-4772-9A6F-7607FFCBF9FF}\1.0\0\win64]
""="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TSWebMon64.dat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}\1.0\HELPDIR]
""="C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.qq.qmchext]
""="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\com.qq.qmchext.json"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr]
"DisplayIcon"=""C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCMgr.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr]
"UninstallString"=""C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Uninst.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{365ADADE-814B-400C-877C-95E9F684BBEB}]
"DisplayIcon"="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Plugins\QQPCB1AndroidJmp\QQPhoneManager.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{365ADADE-814B-400C-877C-95E9F684BBEB}]
"MainExecutable"="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Plugins\QQPCB1AndroidJmp\QQPhoneManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant]
"path"="C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Tencent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Tencent\QQPCMgr]
"InstallDir"="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}\1.0\0\win32]
""="C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\1.0\0\win32]
""="C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TAOKERNELDRIVER\0000]
"DeviceDesc"="Tencent Auto Optimize Platform."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SRepairDrv]
"ImagePath"="\??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tsnethlpx64]
"ImagePath"="\??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TAOKERNELDRIVER\0000]
"DeviceDesc"="Tencent Auto Optimize Platform."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SRepairDrv]
"ImagePath"="\??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\tsnethlpx64]
"ImagePath"="\??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TAOKERNELDRIVER\0000]
"DeviceDesc"="Tencent Auto Optimize Platform."
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SRepairDrv]
"ImagePath"="\??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tsnethlpx64]
"ImagePath"="\??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys"
[HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apk]
"Progid"="TencentAndroidAssistant"
[HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Tencent\AndroidServer\1.0.0.512]
"InstallPath"="C:\Users\Sinan\AppData\Roaming\Tencent\AndroidServer\1.0.0.512"
[HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Tencent\QQPhoneManager]
"QQPCMgrPluginPath"="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Plugins\QQPCB1AndroidJmp"
[HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Tencent\QQPhoneManager]
"QQPCMgrPluginPath2"="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Plugins\QQPCB2AndroidJmp"
[HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Tencent\QQPhoneManager]
"InstallPath"="C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Plugins\QQPCB1AndroidJmp"
[HKEY_USERS\S-1-5-21-4237310255-3682870643-3950776913-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Tencent]
[HKEY_USERS\S-1-5-18\Software\Tencent]
====== Ende von Suche ======
|
|
03.04.2016, 16:54
| #14 |
| /// Malwareteam | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ic-0.3bd06eee758598.exe -start] => C:\Users\Sinan\AppData\Local\Temp\9762807\ic-0.3bd06eee758598.exe -start <===== ACHTUNG
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE" /regrun /qqrepair
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: H - H:\AutoPlay.exe
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: {8093af26-b829-11e5-b28e-f04da2bf283c} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Keine Datei
Tcpip\Parameters: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{7E4C64A2-3924-4DBB-8316-0C684C56318B}: [DhcpNameServer] 62.217.213.70 62.217.213.71
Tcpip\..\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}: [DhcpNameServer] 193.231.252.1 213.154.124.1
cmd: ipconfig /release
cmd: ipconfig /renew
cmd: ipconfig /flushdns
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Keine Datei]
C:\Program Files (x86)\Common Files\Tencent
S2 QQRepair139c; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair139c" [X]
C:\Program Files (x86)\Tencent
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [X]
FirewallRules: [{0FF67F89-B0F2-459B-9036-029C958BF89F}] => (Allow) LPort=2869
FirewallRules: [{0B362937-E355-4146-A2D2-C846647A6A10}] => (Allow) LPort=1900
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr]
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt: 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt: 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.  Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
03.04.2016, 17:33
| #15 |
| | Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen Vielen vielen dank für die Hilfe. Hier ist die Fixlog datei: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Sinan (2016-04-03 19:09:39) Run:1
Gestartet von D:\Documents\Desktop
Geladene Profile: Sinan (Verfügbare Profile: Sinan)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ic-0.3bd06eee758598.exe -start] => C:\Users\Sinan\AppData\Local\Temp\9762807\ic-0.3bd06eee758598.exe -start <===== ACHTUNG
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTRAY.EXE" /regrun /qqrepair
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: H - H:\AutoPlay.exe
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\MountPoints2: {8093af26-b829-11e5-b28e-f04da2bf283c} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Keine Datei
Tcpip\Parameters: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{7E4C64A2-3924-4DBB-8316-0C684C56318B}: [DhcpNameServer] 62.217.213.70 62.217.213.71
Tcpip\..\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}: [DhcpNameServer] 193.231.252.1 213.154.124.1
cmd: ipconfig /release
cmd: ipconfig /renew
cmd: ipconfig /flushdns
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Keine Datei]
C:\Program Files (x86)\Common Files\Tencent
S2 QQRepair139c; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair139c" [X]
C:\Program Files (x86)\Tencent
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [X]
FirewallRules: [{0FF67F89-B0F2-459B-9036-029C958BF89F}] => (Allow) LPort=2869
FirewallRules: [{0B362937-E355-4146-A2D2-C846647A6A10}] => (Allow) LPort=1900
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr]
emptytemp:
*****************
Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ic-0.3bd06eee758598.exe -start => Wert erfolgreich entfernt
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => Wert erfolgreich entfernt
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8093af26-b829-11e5-b28e-f04da2bf283c}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{8093af26-b829-11e5-b28e-f04da2bf283c} => Schlüssel nicht gefunden.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => Schlüssel nicht gefunden.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7E4C64A2-3924-4DBB-8316-0C684C56318B}\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}\\DhcpNameServer => Wert erfolgreich entfernt
========= ipconfig /release =========
Windows-IP-Konfiguration
Es kann kein Vorgang auf Bluetooth-Netzwerkverbindung ausgef�hrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf LAN-Verbindung 2 ausgef�hrt werden, solange dessen Medium nicht
verbunden ist.
Ethernet-Adapter Bluetooth-Netzwerkverbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Ethernet-Adapter LAN-Verbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::69a1:8740:6e74:c7e1%11
Standardgateway . . . . . . . . . :
Tunneladapter LAN-Verbindung* 4:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Tunneladapter isatap.{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Tunneladapter LAN-Verbindung* 12:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
========= Ende von CMD: =========
========= ipconfig /renew =========
Windows-IP-Konfiguration
Es kann kein Vorgang auf Bluetooth-Netzwerkverbindung ausgef�hrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf LAN-Verbindung 2 ausgef�hrt werden, solange dessen Medium nicht
verbunden ist.
Ethernet-Adapter Bluetooth-Netzwerkverbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Ethernet-Adapter LAN-Verbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::69a1:8740:6e74:c7e1%11
IPv4-Adresse . . . . . . . . . . : 192.168.1.101
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.1.1
Tunneladapter LAN-Verbindung* 4:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Tunneladapter isatap.{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
========= Ende von CMD: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========= Ende von CMD: =========
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => Schlüssel nicht gefunden.
"HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Schlüssel nicht gefunden.
"HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\Common Files\Tencent" => nicht gefunden.
QQRepair139c => Dienst erfolgreich entfernt
"C:\Program Files (x86)\Tencent" => nicht gefunden.
SRepairDrv => Dienst erfolgreich entfernt
tsnethlpx64 => Dienst erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FF67F89-B0F2-459B-9036-029C958BF89F} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B362937-E355-4146-A2D2-C846647A6A10} => Wert erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr => Schlüssel erfolgreich entfernt
EmptyTemp: => 190.2 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 19:10:01 ====
Code:
ATTFilter # AdwCleaner v5.108 - Bericht erstellt am 03/04/2016 um 19:20:00
# Aktualisiert am 30/03/2016 von Xplode
# Datenbank : 2016-04-03.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Sinan - SINAN-PC
# Gestartet von : D:\Documents\Desktop\AdwCleaner_5.108.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: "Tracing" schlüssel löschen
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [24697 Bytes] - [31/03/2016 14:24:41]
C:\AdwCleaner\AdwCleaner[C2].txt - [965 Bytes] - [03/04/2016 19:20:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [24226 Bytes] - [31/03/2016 14:22:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [966 Bytes] - [03/04/2016 19:17:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1183 Bytes] ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Sinan (Administrator) auf SINAN-PC (03-04-2016 19:26:17)
Gestartet von D:\Documents\Desktop
Geladene Profile: Sinan (Verfügbare Profile: Sinan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\PrintIsolationHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-18] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [837640 2015-12-08] (DivX, LLC)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [Dropbox Update] => C:\Users\Sinan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
HKU\S-1-5-21-4237310255-3682870643-3950776913-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-05] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sinan\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{EAA309E0-F6DD-4BD6-84B9-0F5D71C1621C}: [DhcpNameServer] 193.231.252.1 213.154.124.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4237310255-3682870643-3950776913-1000 -> {1F9A24E2-0FEF-4961-AAAF-545084DE2E3B} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-19] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-12-02] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\searchplugins\webde-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\englische-ergebnisse.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\gmx-suche.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\lastminute.xml [2012-10-04]
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\webde-suche.xml [2012-10-04]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\0760ublh.default-1402145157343\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-08] [ist nicht signiert]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\d.lehr@chello.at.xpi [2015-06-08]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-02-10]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: LeechBlock - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-09-25]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\yoz294ne.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Multi YouTube mp3 - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\d.lehr@chello.at.xpi [2016-04-02]
FF Extension: German Dictionary - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-03-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: Adblock Plus - C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-02]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (AdBlock) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (Gmail) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.) [Datei ist nicht signiert]
S2 SDScannerService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [X]
S2 SDUpdateService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [X]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\Windows\System32\DRIVERS\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2015-01-20] (Realtek Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14368 1968-04-08] () [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-07] (Duplex Secure Ltd.)
U3 a5gku6x1; C:\Windows\System32\Drivers\a5gku6x1.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-02 01:26 - 2016-04-02 00:46 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-02 00:46 - 2016-04-02 01:19 - 00000000 ____D C:\zoek_backup
2016-03-31 14:40 - 2016-04-01 01:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-31 14:38 - 2016-04-01 00:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-31 14:38 - 2016-03-31 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-31 14:38 - 2016-03-31 14:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-31 14:38 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-31 14:38 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-31 14:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-31 14:20 - 2016-04-03 19:20 - 00000000 ____D C:\AdwCleaner
2016-03-31 13:39 - 2016-03-31 13:39 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-03-31 13:39 - 2016-03-31 13:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-03-30 13:48 - 2016-03-30 13:57 - 00229914 _____ C:\TDSSKiller.3.1.0.9_30.03.2016_13.48.17_log.txt
2016-03-30 07:33 - 2016-04-03 19:26 - 00000000 ____D C:\FRST
2016-03-29 13:27 - 2016-03-29 13:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-29 13:20 - 2016-03-29 13:20 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-03-29 13:19 - 2016-03-31 14:02 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2016-03-31 14:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-29 13:19 - 2016-03-31 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-29 13:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\tab
2016-03-29 13:05 - 2016-03-29 13:05 - 00000000 ____D C:\Windows\SysWOW64\hover
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-29 13:01 - 2016-03-29 13:01 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-21 19:14 - 2016-03-25 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-21 18:34 - 2016-03-21 18:34 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-16 22:57 - 2016-03-16 22:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-09 20:31 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 20:31 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 20:31 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 20:31 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 20:31 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 20:31 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 20:31 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 20:31 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 20:31 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 20:31 - 2016-02-09 09:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 09:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 20:31 - 2016-02-09 00:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 20:31 - 2016-02-08 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 23:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 20:31 - 2016-02-08 23:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 20:31 - 2016-02-08 23:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 20:31 - 2016-02-08 23:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 23:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 20:31 - 2016-02-08 23:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 23:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 20:31 - 2016-02-08 23:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 20:31 - 2016-02-08 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 20:31 - 2016-02-08 23:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 20:31 - 2016-02-08 23:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 23:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 20:31 - 2016-02-08 23:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 20:31 - 2016-02-08 23:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 20:31 - 2016-02-08 23:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 20:31 - 2016-02-08 23:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 20:31 - 2016-02-08 23:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 23:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 23:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 20:31 - 2016-02-08 22:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 20:31 - 2016-02-08 22:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 20:31 - 2016-02-08 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 20:31 - 2016-02-08 21:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 20:31 - 2016-02-08 21:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 20:31 - 2016-02-08 21:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 20:31 - 2016-02-08 21:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 20:31 - 2016-02-08 21:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 20:31 - 2016-02-08 21:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 20:31 - 2016-02-08 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 20:31 - 2016-02-08 21:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 20:31 - 2016-02-08 20:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 20:31 - 2016-02-08 20:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 20:31 - 2016-02-08 20:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 20:31 - 2016-02-08 20:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 20:31 - 2016-02-08 20:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 20:31 - 2016-02-08 20:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 20:31 - 2016-02-08 20:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 20:31 - 2016-02-08 20:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 20:31 - 2016-02-08 19:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 20:31 - 2016-02-04 20:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 20:31 - 2016-02-03 21:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 20:31 - 2016-02-03 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 20:31 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 20:31 - 2016-01-11 22:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 20:31 - 2015-11-19 17:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 20:31 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 20:30 - 2016-02-11 21:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 20:30 - 2016-02-11 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 20:30 - 2016-02-11 21:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 20:30 - 2016-02-11 21:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 20:30 - 2016-02-11 21:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 21:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 20:30 - 2016-02-11 21:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 20:30 - 2016-02-11 21:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 20:30 - 2016-02-11 21:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 20:30 - 2016-02-11 21:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 20:30 - 2016-02-11 21:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 20:30 - 2016-02-11 21:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 20:30 - 2016-02-11 20:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 20:30 - 2016-02-11 20:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 20:30 - 2016-02-11 20:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 20:30 - 2016-02-11 20:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 20:30 - 2016-02-11 20:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 20:30 - 2016-02-11 20:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 20:30 - 2016-02-11 20:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 20:30 - 2016-02-11 20:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 20:30 - 2016-02-11 20:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:30 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:30 - 2016-02-08 23:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 23:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 20:30 - 2016-02-08 23:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 20:30 - 2016-02-08 21:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 20:30 - 2016-02-08 21:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 20:30 - 2016-02-08 21:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 20:30 - 2016-02-08 21:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 20:30 - 2016-02-08 21:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 20:30 - 2016-02-08 21:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 20:30 - 2016-02-08 21:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 20:30 - 2016-02-08 21:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 20:30 - 2016-02-08 20:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 20:30 - 2016-02-08 20:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 20:30 - 2016-02-08 20:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 20:30 - 2016-02-08 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 20:30 - 2016-02-08 20:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 20:29 - 2016-02-19 22:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 20:29 - 2016-02-19 21:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 20:29 - 2016-02-19 17:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 20:29 - 2016-02-11 17:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 20:29 - 2016-02-09 12:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 20:29 - 2016-02-09 12:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 20:29 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 20:29 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 20:29 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 20:29 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 20:29 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 20:29 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 20:29 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 20:29 - 2016-02-05 17:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 20:29 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 20:29 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-03 19:25 - 2015-06-27 22:13 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000UA.job
2016-04-03 19:22 - 2014-06-23 11:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-03 19:22 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 19:19 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 19:19 - 2009-07-14 07:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 19:08 - 2014-06-12 21:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-03 18:35 - 2014-06-23 11:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 20:44 - 2009-07-14 08:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-02 11:17 - 2014-06-06 16:11 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\vlc
2016-04-01 00:59 - 2014-06-27 21:54 - 00000583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate II Enhanced Edition.lnk
2016-04-01 00:59 - 2014-06-23 11:45 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-01 00:59 - 2014-06-08 10:42 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-01 00:59 - 2014-06-07 16:12 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-01 00:59 - 2014-06-07 16:04 - 00002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-01 00:59 - 2014-06-06 16:05 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-04-01 00:59 - 2014-06-06 16:02 - 00001889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-04-01 00:59 - 2010-12-21 17:05 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-04-01 00:59 - 2010-12-21 15:38 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-01 00:59 - 2010-12-21 15:38 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-01 00:59 - 2009-07-14 07:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-01 00:59 - 2009-07-14 07:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-01 00:58 - 2016-02-26 14:00 - 00000811 _____ C:\Users\Sinan\Desktop\SpellForce - Platinum Edition.lnk
2016-04-01 00:58 - 2014-06-06 16:07 - 00000855 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-04-01 00:58 - 2014-06-06 15:16 - 00001427 _____ C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-01 00:58 - 2009-07-14 08:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-01 00:58 - 2009-07-14 07:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-01 00:53 - 2015-10-15 21:06 - 00000000 ____D C:\Windows\rescache
2016-03-31 16:25 - 2015-06-27 22:13 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4237310255-3682870643-3950776913-1000Core.job
2016-03-30 13:06 - 2010-12-21 17:29 - 00710272 _____ C:\Windows\system32\perfh007.dat
2016-03-30 13:06 - 2010-12-21 17:29 - 00154570 _____ C:\Windows\system32\perfc007.dat
2016-03-30 13:06 - 2009-07-14 08:13 - 01649790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-30 13:06 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-03-29 21:28 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\TAPI
2016-03-29 15:01 - 2014-06-18 19:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-29 14:30 - 2014-06-06 15:16 - 00000000 ____D C:\Users\Sinan\AppData\Local\VirtualStore
2016-03-29 13:07 - 2009-07-14 07:45 - 00470048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 13:03 - 2014-06-06 15:14 - 00128040 _____ C:\Users\Sinan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 12:58 - 2014-06-06 16:07 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\BitTorrent
2016-03-25 23:54 - 2014-06-06 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 01:55 - 2015-04-05 00:03 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 01:08 - 2014-06-12 21:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 01:08 - 2014-06-06 16:02 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 01:08 - 2014-06-06 16:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-21 18:35 - 2014-06-07 16:35 - 00000000 ____D C:\Users\Sinan\AppData\Roaming\Dropbox
2016-03-19 01:33 - 2014-06-07 12:48 - 01624070 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-10 01:14 - 2014-06-05 17:39 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 01:07 - 2014-06-05 17:39 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 01:06 - 2014-12-12 02:21 - 00000000 ____D C:\Windows\system32\appraiser
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-01 13:42 - 2014-11-01 13:53 - 0005632 _____ () C:\Users\Sinan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-06 16:57 - 2016-01-06 19:55 - 0007590 _____ () C:\Users\Sinan\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Sinan\AppData\Local\Temp\avgnt.exe
C:\Users\Sinan\AppData\Local\Temp\libeay32.dll
C:\Users\Sinan\AppData\Local\Temp\msvcr120.dll
C:\Users\Sinan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-29 11:19
==================== Ende von FRST.txt ============================
|
|
| Themen zu Kann Chinesische Malware Tencent nicht Löschen, habe erfolglos versucht das Problem selbst zu lösen |
| browser, browser-security, desktop, detected, dll, explorer.exe, firefox, helper.exe, ics, install.exe, internet, internet explorer, log, löschen, malware, malwarebytes, microsoft, mozilla, ordner, problem, programm, programme, software, system, system32, temp, update, yahoo |
dann auf 
und dann auf 
. 
Linear-Darstellung
