| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Phishing-Zip-Anhang auf PC und Handy geöffnetWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.06.2016, 16:50
| #1 |
| |  Phishing-Zip-Anhang auf PC und Handy geöffnet Hallo Zusammen, ich könnte gerade explodieren vor Wut, aber das bringt ja nichts - was ich brauche, ist schnelle Hilfe... Ein Kumpel fand' es scheinbar witzig mir eine an ihn adressierte Phishing-Mail von "Rechnungsstelle GiroPay AG" mit Anhang weiterzuleiten. Naja, auf jeden Fall ist mein Mail-Account so eingestellt, dass es Anhänge von ihm direkt runterlädt und öffnet, daher hab' ich den potentiellen Schaden jetzt auf Handy [Android] und PC [Windows 8]. Meine Fragen sind jetzt: Wie kann ich überprüfen, was an Daten, etc. schon verloren ist und geändert werden sollte? Und wie krieg' ich das Ganze effektiv wieder von meinen Geräten, sodass ich sie wieder gefahrlos benutzen kann? Es handelte sich um eine Zip-Datei, die wie üblich im Download-Ordner abgespeichert wurde. Gerade läuft ein Avira-Scan [schon seit über einer Stunde], habe hier allerdings schon mehrfach gelesen, dass das nicht den durchschlagenden Effekt hat. Außerdem habe ich die entsprechende Datei in den Papierkorb verschoben und ihn entleert. Beste Grüße und Danke an schnelle Helfer, Erthos Avira-Export: Code:
ATTFilter Exportierte Ereignisse:
21.06.2016 17:38 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\AppData\Roaming\opamp-15\opamp-9.exe'
enthält folgendes Muster 'TR/Crypt.Xpack.zwpz' [trojan]
Ausgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
Die Datei wurde zum Löschen nach einem Neustart markiert.
Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
21.06.2016 17:34 [Echtzeit-Scanner] Malware gefunden
Muster 'TR/Crypt.Xpack.zwpz [trojan]'
in Datei 'C:\Users\Vera\AppData\Roaming\opamp-15\opamp-9.exe gefunden.
Durchgeführte Aktion: Zugriff verweigern
21.06.2016 17:29 [System-Scanner] Malware gefunden
Die Datei
'C:\WINDOWS\system32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys'
enthält folgendes Muster 'Adware/BrowseFox.drc' [adware]
Ausgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Die Datei existiert nicht!
21.06.2016 17:29 [System-Scanner] Malware gefunden
Die Datei
'C:\AdwCleaner\Quarantine\C\Users\Vera\AppData\Local\Temp\OCS\ocs_v71.exe.vir'
enthält folgendes Muster 'PUA/DownloadSponsor.Gen' [riskware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '6d2ab98a.qua'
verschoben!
21.06.2016 17:28 [System-Scanner] Malware gefunden
Die Datei
'C:\AdwCleaner\Quarantine\C\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\
extensions\Extensions\pricepeep@getpricepeep.com.xpi.vir'
enthält folgendes Muster 'Adware/PricePeep.P' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4673e58e.qua'
verschoben!
21.06.2016 17:28 [System-Scanner] Malware gefunden
Die Datei 'C:\Program Files (x86)\Freemake\Freemake Video
Converter\SetupUpdate.exe'
enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '33ef9db7.qua'
verschoben!
21.06.2016 17:28 [System-Scanner] Malware gefunden
Die Datei 'C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll'
enthält folgendes Muster 'ADWARE/MultiPlug.Gen7' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '11e0cfd2.qua'
verschoben!
21.06.2016 17:27 [System-Scanner] Malware gefunden
Die Datei 'C:\ProgramData\40fc97ae000019be\40fc97ae000019be.dll'
enthält folgendes Muster 'ADWARE/MultiPlug.Gen7' [adware]
Ausgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
Die Datei wurde zum Löschen nach einem Neustart markiert.
Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
21.06.2016 17:27 [System-Scanner] Malware gefunden
Die Datei
'C:\ProgramData\{02bca1cf-8ab1-2d98-02bc-ca1cf8ab873e}\hqghumeaylnlf.exe'
enthält folgendes Muster 'PUA/SpeedUpMyPC.Gen' [riskware]
Ausgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
Die Datei wurde zum Löschen nach einem Neustart markiert.
Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
21.06.2016 17:26 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\AppData\Local\Temp\DwlTempFolder\temp.exe'
enthält folgendes Muster 'Adware/Agent.81920.132' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1f7b8066.qua'
verschoben!
21.06.2016 17:26 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\AppData\Local\Temp\st1260.tmp\dup.exe'
enthält folgendes Muster 'ADWARE/Adware.Gen7' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0c90bcf2.qua'
verschoben!
21.06.2016 17:26 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\AppData\Local\Temp\st1260.tmp\zlib1.dll'
enthält folgendes Muster 'Adware/ELEX.SKDE' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '694cc877.qua'
verschoben!
21.06.2016 17:25 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\AppData\Local\Temp\stAED8.tmp\dup.exe'
enthält folgendes Muster 'ADWARE/Adware.Gen7' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0ceb8b01.qua'
verschoben!
21.06.2016 17:25 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\Downloads\flstudio_11.1.exe'
enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '6dceaa86.qua'
verschoben!
21.06.2016 17:24 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\Downloads\FreemakeVideoConverter419Full.exe'
enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '38f8ec45.qua'
verschoben!
21.06.2016 17:24 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Vera\Downloads\FreeScreenVideoRecorder.exe'
enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '188ee8d5.qua'
verschoben!
21.06.2016 17:24 [System-Scanner] Malware gefunden
Die Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys'
enthält folgendes Muster 'Adware/BrowseFox.drc' [adware]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '70f092b6.qua'
verschoben!
21.06.2016 17:17 [System-Scanner] Malware gefunden
Die Datei 'C:\Windows\Temp\tmpnq81cy\GoogleUpdateHelper.dll'
enthält folgendes Muster 'TR/ExtenBro.uhng' [trojan]
Ausgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
Die Datei wurde zum Löschen nach einem Neustart markiert.
Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
21.06.2016 17:16 [System-Scanner] Malware gefunden
Die Datei 'C:\Windows\Temp\tmpxlvcqe\dljbcjbfojhlfhgenhepllagfecdpchb\lsdb.js'
enthält folgendes Muster 'JS/Agent.tsax' [virus]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4584db4b.qua'
verschoben!
21.06.2016 17:16 [System-Scanner] Malware gefunden
Die Datei
'C:\Windows\Temp\tmpxlvcqe\dljbcjbfojhlfhgenhepllagfecdpchb\content.js'
enthält folgendes Muster 'JS/Agent.tsaq' [virus]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0926f705.qua'
verschoben!
21.06.2016 17:16 [System-Scanner] Malware gefunden
Die Datei
'C:\Windows\Temp\tmpzaqnen\mphdpmllmopekbialgcdpofndkpbecdg\content.js'
enthält folgendes Muster 'JS/Agent.tsaq' [virus]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3a85e92d.qua'
verschoben!
21.06.2016 17:16 [System-Scanner] Malware gefunden
Die Datei 'C:\Windows\Temp\tmpzaqnen\mphdpmllmopekbialgcdpofndkpbecdg\lsdb.js'
enthält folgendes Muster 'JS/Agent.tsax' [virus]
Ausgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7f1bc417.qua'
verschoben!
20.06.2016 13:14 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
17.06.2016 15:55 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
14.06.2016 15:40 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
14.06.2016 15:40 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
12.06.2016 12:18 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
12.06.2016 12:18 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
05.06.2016 06:11 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
05.06.2016 06:11 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
04.06.2016 17:45 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
04.06.2016 17:44 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
02.06.2016 12:36 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
01.06.2016 12:45 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
29.05.2016 08:49 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
28.05.2016 20:11 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
28.05.2016 19:58 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
27.05.2016 14:23 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
27.05.2016 14:23 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
23.05.2016 12:32 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
22.05.2016 23:16 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/BrowseFox.drc [adware]'
in Datei
'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys
gefunden.
Durchgeführte Aktion: Zugriff verweigern
|
|
21.06.2016, 18:10
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Phishing-Zip-Anhang auf PC und Handy geöffnet Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
22.06.2016, 10:55
| #3 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet FRST.txt:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
durchgeführt von Vera (Administrator) auf VERAS-PC (22-06-2016 11:49:23)
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: UpdatusUser & Vera (Verfügbare Profile: UpdatusUser & Vera)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(acer) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
( ) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-01-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-06-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [156448 2012-05-04] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-11-23] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Google Update] => "C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [class-57] => C:\ProgramData\class-58\class-8.exe [476672 2016-06-22] (Red Line Software)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [analog-45] => C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe [505344 2016-06-22] ()
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {2ab3442b-78c5-11e5-801a-b888e359abb6} - "E:\AutoRun.exe"
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f669c-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe"
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f672e-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe"
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2012-12-28]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk [2016-06-21]
ShortcutTarget: decibel-6.lnk -> C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe (COBRA)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2016-05-19]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 129.206.100.126 129.206.210.127
Tcpip\..\Interfaces\{FC7B690A-ABE8-4FEF-9430-9736C44DA543}: [DhcpNameServer] 129.206.100.126 129.206.210.127
Internet Explorer:
==================
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1421356061&from=cor&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C326327563275&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1421356061&from=cor&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C326327563275&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrM2icxpsh_UTXjWxkoiojE1w,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrM2icxpsh_UTXjWxkoiojE1w,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
URLSearchHook: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=626a7b7b-442c-4a30-9136-26b3b71ea222&ref=toolbox&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {2C7D51A4-33DF-4526-A44F-34E61322EA22} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {36437782-15CF-4097-ABA2-39E22089CE35} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Gravity Space -> {8788dd2d-bed5-4071-8439-c822cef57bc8} -> C:\Program Files (x86)\Gravity Space\Extensions\8788dd2d-bed5-4071-8439-c822cef57bc8.dll => Keine Datei
IE Session Restore: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> ist aktiviert.
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vera\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-09] ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-25] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (YouTube) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Adblock Plus) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-25] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Google-Suche) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (SiteAdvisor) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Google Docs Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-25] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Google Mail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-15] (Dritek System INC.)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [274208 2012-05-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-04] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R1 inpoutx64; C:\Windows\System32\drivers\inpoutx64.sys [15008 2016-03-08] (Highresolution Enterprises [www.highrez.co.uk])
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 PRTDRV; C:\Windows\System32\Drivers\PRTDRV.sys [33640 2012-06-15] (Psychology Software Tools)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-15] (Dritek System Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2015-02-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [61080 2014-09-07] (StdLib)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-22 11:50 - 2016-06-22 11:50 - 00000000 ____D C:\ProgramData\kelvin-6
2016-06-22 11:49 - 2016-06-22 11:49 - 00030034 _____ C:\Users\Vera\Desktop\FRST.txt
2016-06-22 11:49 - 2016-06-22 11:49 - 00000000 ____D C:\FRST
2016-06-22 11:48 - 2016-06-22 11:48 - 02387456 _____ (Farbar) C:\Users\Vera\Desktop\FRST64.exe
2016-06-22 11:48 - 2016-06-22 11:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\analog-1
2016-06-22 11:46 - 2016-06-22 11:46 - 00000000 ____D C:\ProgramData\class-58
2016-06-21 17:47 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Documents\Ereignisse.txt
2016-06-21 17:46 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Desktop\Ereignisse.txt
2016-06-21 12:21 - 2016-06-21 12:21 - 00000000 ____D C:\Users\Vera\AppData\Roaming\decibel-28
2016-06-21 11:37 - 2016-06-21 12:23 - 00000000 ____D C:\ProgramData\ct
2016-06-17 15:18 - 2016-06-17 15:18 - 00036663 _____ C:\Users\Vera\Downloads\learningpathsbachelorspsychologyradboud_20162017.pdf
2016-06-14 11:20 - 2016-06-14 11:20 - 00080896 _____ C:\Users\Vera\Downloads\Fachdidaktik_SoSe2015.xls
2016-06-06 13:18 - 2016-06-06 13:18 - 00041444 _____ C:\Users\Vera\Downloads\Tsvgg_Beitragsordnung_2015.pdf
2016-06-04 17:25 - 2016-06-04 17:25 - 00033415 _____ C:\Users\Vera\Downloads\Frauen Vortest Seiler.sav
2016-06-03 17:05 - 2016-06-03 17:05 - 00000000 ____D C:\Users\Vera\Documents\IBM
2016-06-03 17:00 - 2016-06-03 17:00 - 00000000 ____D C:\ProgramData\IBM
2016-06-03 16:53 - 2016-06-03 16:53 - 00000000 ____D C:\Program Files (x86)\IBM
2016-06-03 16:45 - 2016-03-03 09:59 - 856246096 _____ (IBM Corp) C:\Users\Vera\Desktop\SPSS_Statistics_24_win32.exe
2016-06-01 19:44 - 2016-06-01 19:45 - 00957112 _____ (Microsoft Corporation) C:\Users\Vera\Downloads\SaveAsPDFandXPS.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-21 21:43 - 2015-11-13 15:20 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-21 21:12 - 2015-07-18 13:55 - 00000000 ____D C:\Users\Vera\AppData\Local\Deployment
2016-06-21 20:47 - 2012-11-17 15:16 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-06-21 17:46 - 2014-07-31 03:32 - 00000000 ___DO C:\Users\Vera\OneDrive
2016-06-21 17:42 - 2015-10-04 01:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\Skype
2016-06-21 17:41 - 2015-01-24 20:19 - 00000000 ____D C:\Users\Vera\AppData\Local\LogMeIn Hamachi
2016-06-21 17:40 - 2015-11-13 15:20 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-21 17:40 - 2015-07-29 15:03 - 00000382 _____ C:\WINDOWS\Tasks\RNKCKUYTBN1.job
2016-06-21 17:39 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-21 17:39 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-21 17:35 - 2015-07-31 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-21 17:28 - 2013-12-20 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 14:36 - 2016-03-14 12:31 - 00000000 ____D C:\Users\Vera\AppData\Local\Microsoft Help
2016-06-21 14:32 - 2016-04-26 14:37 - 00000000 ____D C:\Users\Vera\AppData\Roaming\avidemux
2016-06-21 14:06 - 2015-07-18 13:55 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job
2016-06-21 13:56 - 2013-10-15 21:38 - 00000000 ____D C:\Users\Vera\Desktop\UNI Stuttgart
2016-06-21 13:53 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-21 13:53 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-21 13:53 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-21 13:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-21 12:34 - 2013-12-06 22:30 - 00000000 ____D C:\Users\Vera\AppData\Roaming\vlc
2016-06-21 12:32 - 2015-07-26 12:32 - 00000370 _____ C:\WINDOWS\Tasks\FileInspect.job
2016-06-21 12:32 - 2015-07-24 12:32 - 00000368 _____ C:\WINDOWS\Tasks\EasyCite.job
2016-06-21 12:32 - 2015-07-18 18:32 - 00000368 _____ C:\WINDOWS\Tasks\PhraseSmartifier.job
2016-06-21 12:32 - 2015-07-17 12:32 - 00000370 _____ C:\WINDOWS\Tasks\InfoHider.job
2016-06-21 12:32 - 2015-07-16 18:32 - 00000368 _____ C:\WINDOWS\Tasks\WordSpill.job
2016-06-21 12:32 - 2015-07-15 00:32 - 00000370 _____ C:\WINDOWS\Tasks\WordWiz.job
2016-06-21 11:46 - 2015-07-31 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-20 11:49 - 2015-11-13 15:21 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 11:49 - 2015-11-13 15:21 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-19 23:29 - 2012-11-21 14:22 - 00000000 ____D C:\Users\Vera\Documents\Story
2016-06-19 22:01 - 2015-12-18 23:16 - 00008628 _____ C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2016-06-17 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-15 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-10 20:55 - 2015-10-04 01:47 - 00000000 ____D C:\ProgramData\Skype
2016-06-10 20:54 - 2016-01-15 16:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-10 19:22 - 2013-12-06 22:31 - 00000000 ____D C:\Users\Vera\AppData\Roaming\dvdcss
2016-06-06 12:13 - 2014-01-10 19:56 - 00006656 _____ C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-04 17:17 - 2015-07-31 17:27 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-04 17:17 - 2015-07-31 17:27 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-03 17:00 - 2014-07-31 02:50 - 00000000 ____D C:\Users\Vera
2016-06-03 16:59 - 2015-12-09 14:08 - 00000000 ____D C:\Users\Vera\AppData\Local\javasharedresources
2016-06-03 16:57 - 2015-12-04 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2016-06-03 16:51 - 2015-12-04 20:50 - 00000219 _____ C:\WINDOWS\SysWOW64\lsprst7.tgz
2016-06-03 16:51 - 2015-12-04 20:50 - 00000205 _____ C:\WINDOWS\SysWOW64\lsprst7.dll
2016-06-03 16:51 - 2015-12-04 20:50 - 00000016 ____H C:\WINDOWS\SysWOW64\servdat.slm
2016-06-01 19:45 - 2015-01-19 16:18 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-06-01 16:58 - 2013-01-03 13:33 - 00000000 ____D C:\Users\Vera\Downloads\Bank
2016-05-29 10:58 - 2016-04-28 10:49 - 00002323 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-05-29 10:58 - 2016-04-26 18:47 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-05-27 15:39 - 2013-07-16 22:33 - 00000000 ____D C:\Users\Vera\Desktop\Veras Zeug
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-26 15:18 - 2015-07-29 15:44 - 0000024 _____ () C:\Users\Vera\AppData\Roaming\appdataFr25.bin
2015-12-18 23:16 - 2016-06-19 22:01 - 0008628 _____ () C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-01-10 19:56 - 2016-06-06 12:13 - 0006656 _____ () C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:55 - 2016-04-05 19:55 - 0001477 _____ () C:\Users\Vera\AppData\Local\recently-used.xbel
2015-07-16 18:36 - 2015-07-16 18:36 - 0000000 _____ () C:\Users\Vera\AppData\Local\Temp.dat
2015-01-04 16:31 - 2015-01-04 16:31 - 0000016 ___SH () C:\ProgramData\ncli3f42.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\ncli3f42.dat
Einige Dateien in TEMP:
====================
C:\Users\Vera\AppData\Local\Temp\AutoRun.exe
C:\Users\Vera\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Vera\AppData\Local\Temp\avgnt.exe
C:\Users\Vera\AppData\Local\Temp\CmdLineExt01.dll
C:\Users\Vera\AppData\Local\Temp\eauninstall.exe
C:\Users\Vera\AppData\Local\Temp\ijl11.dll
C:\Users\Vera\AppData\Local\Temp\javagiac0.6939667421270448.dll
C:\Users\Vera\AppData\Local\Temp\ose00000.exe
C:\Users\Vera\AppData\Local\Temp\pegavi.dll
C:\Users\Vera\AppData\Local\Temp\pegcore.dll
C:\Users\Vera\AppData\Local\Temp\SIntf16.dll
C:\Users\Vera\AppData\Local\Temp\SIntf32.dll
C:\Users\Vera\AppData\Local\Temp\SIntfNT.dll
C:\Users\Vera\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vera\AppData\Local\Temp\supoptsetup.exe
C:\Users\Vera\AppData\Local\Temp\The Sims 2 Glamour Life Stuff_uninst.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-21 22:59
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Vera (2016-06-22 11:51:34)
Gestartet von C:\Users\Vera\Desktop
Windows 8.1 (Update) (X64) (2014-07-31 01:26:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4105031019-3425876013-4116755172-500 - Administrator - Disabled)
Gast (S-1-5-21-4105031019-3425876013-4116755172-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-4105031019-3425876013-4116755172-1001 - Limited - Enabled) => C:\Users\UpdatusUser
Vera (S-1-5-21-4105031019-3425876013-4116755172-1002 - Administrator - Enabled) => C:\Users\Vera
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Abe's Oddysee (HKLM-x32\...\Abe's Oddysee) (Version: - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.307 - ArcSoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{761cd2c4-5249-4346-8318-a499d06d2681}) (Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version: - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D.Radio (HKLM-x32\...\{213E2CCF-8265-444F-A6CA-40BD946A8D4A}) (Version: 1.1.5 - Geniatech)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims™ 2: Glamour-Accessoires (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
EA SPORTS online 2004 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version: - )
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
E-Prime 2.0 (2.0.8.90) (HKLM-x32\...\{77C74D8A-2014-4107-BE3F-DF879A443E0B}) (Version: 2.0.08090 - Psychology Software Tools, Inc.)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
FIFA 2004 (HKLM-x32\...\{782DDB70-3DF4-4366-00BF-E3767BCD173B}) (Version: - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMat (HKLM-x32\...\FreeMat) (Version: 4.2 - Humanity)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Genius Biologie Demoversion (remove only) (HKLM-x32\...\Genius Biologie Demoversion) (Version: - )
Genius Physik (remove only) (HKLM-x32\...\Genius Physik) (Version: - )
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.8.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Harry Potter und der Gefangene von Askaban(TM) (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
IBM SPSS Statistics 24 (HKLM-x32\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Inkscape 0.48.5 (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Inkscape) (Version: 0.48.5 - )
Inquisit 5 (HKLM-x32\...\Inquisit 5 5.0.1) (Version: 5.0.1 - Millisecond Software)
Inquisit 5 (Version: 5.0.1 - Millisecond Software) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.3 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyoResearch XP Master 1.08.27 (HKLM-x32\...\MyoResearch XP Master 1.08.27) (Version: Master 1.08 - Noraxon U.S.A. Inc.)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3102 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
ScenalyzerLive (entfernen) (HKLM-x32\...\ScenalyzerLive) (Version: - )
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version: - ) <==== ACHTUNG
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
TotalMedia Setup (HKLM-x32\...\{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}) (Version: 1.00.0000 - Conexant)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20} - System32\Tasks\WordSpill => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe <==== ACHTUNG
Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {37660E5E-8A00-4829-B992-ECD0A5F396C9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4BD91451-E5D0-44B0-BC66-CA629F52CFA6} - System32\Tasks\FileInspect => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe <==== ACHTUNG
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} - System32\Tasks\RNKCKUYTBN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: {5A090A2A-1532-41D9-B014-D1DAA9FE16FE} - System32\Tasks\{7B191E72-26D1-4676-A94A-49D7D0D747F6} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {610E2F79-6BCC-476A-BA7D-A02C89B2F451} - System32\Tasks\WordWiz => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe <==== ACHTUNG
Task: {62E6E7F0-46E8-4077-B4B3-BBA069067EE2} - System32\Tasks\EasyCite => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe <==== ACHTUNG
Task: {6CB76679-0DA2-425F-9125-9EEB99CF1CDF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7879C2EC-5773-4BAC-AE6A-A70CB56758E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {912C5971-B1DE-471E-852F-76E5FB35C78C} - System32\Tasks\PhraseSmartifier => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe <==== ACHTUNG
Task: {9613AC98-897D-400D-8ECF-E0E7781A2448} - System32\Tasks\InfoHider => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe <==== ACHTUNG
Task: {98CEFDC9-4187-453C-A3B4-C49FB9152592} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {A8701A53-BDEB-4875-AD33-424591258A36} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002 => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-29] (Microsoft Corporation)
Task: {A8943ACC-07D9-4B3F-B0C4-92CB380090D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {A915BF41-31C2-42E4-BD22-01E939E09DE2} - System32\Tasks\{3EFEC5D9-1D52-48FB-B382-C489FF10193D} => pcalua.exe -a C:\Users\Vera\Downloads\sclive20060412g\sclive.exe -d C:\Users\Vera\Downloads\sclive20060412g
Task: {A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} - System32\Tasks\BoBrowser => C:\Users\Vera\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ACHTUNG
Task: {B95DD6AF-F8F9-4F0B-9AE1-10717A9AFD37} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4105031019-3425876013-4116755172-1002
Task: {C724FC1B-D5B1-4755-9754-A03B17BA053A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} - \Run_Bobby_Browser -> Keine Datei <==== ACHTUNG
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E7F15A4F-84A8-4C14-B142-9F5F2BF683E7} - System32\Tasks\{EFF710BD-CF61-4810-8F4E-857944983CEF} => pcalua.exe -a D:\autostart.exe -d D:\
Task: {EF7B119D-D1F7-4F8A-B349-98D194BC932B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {F2C4B45D-8EAE-4FFD-8F99-54C2E2754DF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {F83191E3-E913-4DC2-BE22-C614E7BF5FB0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EasyCite.job => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\FileInspect.job => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\InfoHider.job => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\PhraseSmartifier.job => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\RNKCKUYTBN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\WordSpill.job => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\WordWiz.job => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe <==== ACHTUNG
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00274208 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-05-29 10:57 - 2016-05-29 10:57 - 00959168 _____ () C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2013-01-28 17:21 - 2013-01-28 17:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00156448 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2015-12-11 18:30 - 2015-11-23 17:05 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-02-29 12:16 - 2016-02-29 12:16 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 02289808 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtCore4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 08173712 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtGui4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 00197264 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtSql4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 00921232 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtNetwork4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 00277136 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\libcurl.dll
2012-11-22 15:33 - 2001-11-07 15:53 - 00310835 _____ () C:\program files (x86)\firefly studios\stronghold crusader\binkw32.dll
2012-11-22 15:33 - 2001-10-16 16:55 - 00348160 _____ () C:\program files (x86)\firefly studios\stronghold crusader\mss32.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2012-08-15 21:02 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-06-20 20:35 - 2016-06-20 20:35 - 00035472 _____ () C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL
2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-05-15 01:16 - 2016-05-15 01:16 - 00034960 _____ () C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vera\Pictures\Make History.jpg
DNS Servers: 129.206.100.126 - 129.206.210.127
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "TMMonitor.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{562AD6BE-EF65-4195-AAA5-F374590DD5E3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{67FEACB2-2401-4122-8D3D-66FAE5F98D53}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{7D0B75D0-989B-4913-BC73-E6996719AC85}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{16658953-BD08-4DE2-B7DA-F2D1B24B8872}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{484F0461-88EE-48FA-9FD8-BBCBF3E6E495}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F979EA54-0E59-49F8-B3A9-6A785542724F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{DFB3C773-7010-42DD-A159-29ED99BBAF03}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BD89FC6D-7633-42E8-A848-B61956B3B4AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB1D5594-C388-47E8-906D-80FE30EAC961}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0E5BD68-B928-4989-B5F5-4C16AEC18868}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9661D67B-EAE3-4D42-AF33-E1D499220CD2}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{7704B728-7C00-442C-9AC8-2FE6B8A7F972}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{ACAD114C-735F-49BC-AB98-39CFB4FF1DDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{644A48DF-D8D1-42A0-BB7B-E4AA842EFC6E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{BB1A121B-2AC5-40E4-8B11-51910ED459C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{7EA55DA8-A5C0-4A69-BC29-2F28BE9EBA2E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{46C920C4-2E27-4A82-92E1-634F16ED18D2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{32B571B2-721F-4ACF-A816-F9B89001BF01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{C4FB7AFE-D859-430E-BBF0-D49809786B14}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{B7D0094A-6789-49D2-AA2A-2E30A40D1397}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{6CD5F020-CB4D-41CB-B44B-B947BDD8B91E}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{3298A79E-04A7-4179-AC81-49ED4EABC1E5}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{4EA3AAB1-1CA0-4243-9A03-6A911B74DA56}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{B0A151C9-F47C-4313-A4DD-FE26082A72CF}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{9A009534-4288-44B3-8FA6-1B0B017660EC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6D86272D-1F6E-43CE-89D7-0FFB40901B4E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{996E0AB8-043B-450A-A7FD-1825D9F9D03B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{EFFE22F3-ED01-4532-8488-1C1E4728F1C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{A87A6C22-D2DD-4F74-8706-23414A196020}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{10B14768-23FB-461A-888B-927744D74680}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{D511C497-9324-4CAD-9DF4-B0A66D476F5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{3C8D17B8-783D-4B7B-8FAB-D91CCD9EE9A7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{92047C36-3FCF-4D60-8ABD-8E24D42294FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{B72996AF-9E68-485C-B0AA-56521F1F0447}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{9101CCED-69A9-4B46-BBAB-7D39AA1FA45B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{6EE1F738-5154-4C11-B395-44D4963E581D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{3CCB51CF-1423-46ED-935E-E8BB081B5CD2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{32087D8E-507C-4CA1-89F4-15E56D11E319}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{C203FD96-1A43-4529-A0AB-08D0577083CF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{440E6ED9-62D2-4DB8-A42D-386381109FBF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E04C7F9F-DD2C-44F1-92B7-4F912A562F86}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{81562EA2-47D6-4F07-8FE6-4A0B0A20C097}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{6E911494-19DD-4B8E-A761-F30BB5871777}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E82CAC18-872F-42EB-8783-E55F1BB9DB71}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{4D211644-52DE-4B61-99A1-6263E6D00570}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{686F6810-3EE6-4DE8-A966-3824652A6A7D}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{D51C58D9-3849-4C5A-9795-B768CC4945D6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{923BE562-A799-42B5-B859-1024B80F9757}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{DCAFFC6C-52FC-44DB-A66A-E4EE531C54E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7FCACBBA-EA9E-47CB-B482-ADB67EB134FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{3819FFFA-43A3-439F-B66F-AB80BC4D2349}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0A9C6167-2BE5-4A96-BBD4-BF86CADDF56F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{3FD434BD-90E7-4BA3-9A32-7077F9B7998A}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B2D1AE20-8130-4070-8F07-B8E8E8730099}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{8F1D89C3-6D2F-44DF-B791-C0E75D71E3ED}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{19F500C0-F9C9-47DF-A48A-D4DA51833C9D}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{52E05373-D082-4DB4-BFDD-0355CF15E95E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{8497445D-8DFE-4732-8EF6-37CE0A7E0BF8}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{619D59EA-6C80-4BD6-A3FE-53F8E6403314}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E6809B4C-FEDE-4376-96FE-702471B7EB86}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4CA4F3FF-9067-403F-9FEE-E26381E28312}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BA7D56D1-3498-486B-9BDC-C0F5001F9367}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8E85D61B-BB0C-4E82-99D6-A48EBAA6C8CE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A38B098D-A33F-4BAF-ACEF-8925AB5D5200}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{055B3FEA-BCEA-4955-9844-53BA93A95A2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{CC21E86E-C529-4CB6-A783-87F73ECA058F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{BBA1B2B2-21ED-49CF-92FF-D2DC20359C66}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{3D210D07-9D27-40EE-87CF-9594869764E9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{98B7060E-8C5B-4082-94B7-2D45335D9F48}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B58A47C5-B9EC-4D04-9F3C-00F5F4041113}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{F0226214-72F3-4793-ABE0-C1B9A1A22CB5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{1BC83989-0069-45D9-84E0-90D91721646F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{79AEF083-0C85-484F-B074-056CF8EC7A19}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{72C0C118-6D78-4742-A974-60AA12810129}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{57302029-5538-4FEF-839D-F80C8F5C1862}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{D0377A42-2018-425E-ACAE-7A0C038BF4F2}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{87589F37-408D-495A-8089-1D8C094026E5}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{6C78C0A7-1F14-4797-88FA-B72C1EADCCCD}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{C48D38E2-2A41-44BA-BCA0-42946E775322}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{38635752-3029-44E9-AE0C-D3D55F32B7DC}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [TCP Query User{B602313F-5169-4A26-9BBD-561393F6689D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96AF43C9-96C5-4B32-BA5C-FAA8B068688F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7A0847FC-FEA1-432B-8BFC-AB20ECFA7576}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E0DBB789-3A15-492D-8B85-625F50575877}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B44E32F2-9A7D-4DFD-877C-8698EA6D0E73}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3CBBCD8E-1B68-4D78-AE4A-4AE88E72D45A}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{56B9702D-145B-41E4-BF03-456E9FAD4C54}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{23E563C7-A7F1-4675-92CE-FB66EA5DF961}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{60F9E8D2-4D59-43C8-A01F-B7D637B7ECD5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{DFF96C53-0C9E-4646-A57D-6D5875B826C4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{AC297AC9-5F33-4519-B52B-C3A0617CFD8D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{9A51A890-1A62-4786-845D-A83FFE873F1F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [TCP Query User{274B6FDC-0868-49C4-819E-20BE2B0708EF}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8038CF78-DD98-4889-9861-B9D4CE174D05}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{0A2277FB-2C4F-4A94-A5C4-F2B69D9BCFFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04B24D0B-EDFA-4A01-B92F-D305A37FA9A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E3DDE46-5A35-4B99-9A5F-CD345E305107}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C1221A3-1EA7-4ACE-A6E6-97E0DC251EF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C429BF7-C815-449D-9EB1-DA395C172958}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F0432ACB-D720-4AC6-8F92-A4D0FC9532FD}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [UDP Query User{DC956E12-076B-4F89-BFD0-751BEB95625C}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [{14703AC8-061F-40D1-8730-EBC5A3D2EB89}] => (Allow) C:\Users\Vera\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{ABECCAC8-12FA-4E97-903B-EC2368B534E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2477C121-1E85-4DED-8F8E-A593CAA5FF08}] => (Allow) LPort=2869
FirewallRules: [{324CB72E-D18D-4F12-8EB2-ECAC2413CDA0}] => (Allow) LPort=1900
FirewallRules: [{726E4AFF-EB8E-4CCB-9279-C3F070A1DBAC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{58141989-8739-4F57-AD9D-448C3086F8C1}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [UDP Query User{AE00DB7C-F24A-42AE-9C42-3A66C3E8D1C7}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{2BB771B0-48DA-4041-8A11-34FB0A6E8836}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{31BFAC32-D47D-49F9-BA77-1A5546C18EC2}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{04CF2B76-CB79-47FE-8185-C9711F8CD11F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
03-06-2016 16:49:35 Installed IBM SPSS Statistics 24.
12-06-2016 12:33:05 Geplanter Prüfpunkt
20-06-2016 18:58:44 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/22/2016 11:45:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VERAS-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/21/2016 05:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0x116c
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3
Vollständiger Name des fehlerhaften Pakets: ACDaemon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ACDaemon.exe5
Error: (06/21/2016 05:34:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0x12a0
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3
Vollständiger Name des fehlerhaften Pakets: ACDaemon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ACDaemon.exe5
Error: (06/21/2016 05:17:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1134
Startzeit: 01d1cbcf45084c4c
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 3929a031-37c3-11e6-8040-b888e359abb6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/21/2016 05:07:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 11.0.16.13, Zeitstempel: 0x571b4006
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c60c
ID des fehlerhaften Prozesses: 0x2078
Startzeit der fehlerhaften Anwendung: 0xAcroRd32.exe0
Pfad der fehlerhaften Anwendung: AcroRd32.exe1
Pfad des fehlerhaften Moduls: AcroRd32.exe2
Berichtskennung: AcroRd32.exe3
Vollständiger Name des fehlerhaften Pakets: AcroRd32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcroRd32.exe5
Error: (06/21/2016 05:02:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 11.0.16.13, Zeitstempel: 0x571b4006
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c600
ID des fehlerhaften Prozesses: 0xf74
Startzeit der fehlerhaften Anwendung: 0xAcroRd32.exe0
Pfad der fehlerhaften Anwendung: AcroRd32.exe1
Pfad des fehlerhaften Moduls: AcroRd32.exe2
Berichtskennung: AcroRd32.exe3
Vollständiger Name des fehlerhaften Pakets: AcroRd32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcroRd32.exe5
Error: (06/21/2016 04:47:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16ec
Startzeit: 01d1cbcb1430c5ea
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 081c61dd-37bf-11e6-8040-b888e359abb6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/21/2016 04:09:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hh.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450543c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00000000000ec180
ID des fehlerhaften Prozesses: 0x1f68
Startzeit der fehlerhaften Anwendung: 0xhh.exe0
Pfad der fehlerhaften Anwendung: hh.exe1
Pfad des fehlerhaften Moduls: hh.exe2
Berichtskennung: hh.exe3
Vollständiger Name des fehlerhaften Pakets: hh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hh.exe5
Error: (06/21/2016 01:55:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 12.0.6514.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 18e4
Startzeit: 01d1cbb30baf96a8
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Berichts-ID: fd9e5d79-37a6-11e6-8040-b888e359abb6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/21/2016 10:52:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VERAS-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (06/21/2016 12:43:27 PM) (Source: DCOM) (EventID: 10010) (User: VERAS-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (06/21/2016 12:42:04 PM) (Source: DCOM) (EventID: 10010) (User: VERAS-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (06/15/2016 10:48:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Avira.ServiceHost erreicht.
Error: (06/10/2016 01:43:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/10/2016 12:36:35 PM) (Source: DCOM) (EventID: 10010) (User: VERAS-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
CodeIntegrity:
===================================
Date: 2015-06-18 22:12:10.901
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 21:59:20.509
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 21:59:20.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 21:59:20.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 12:24:13.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 09:35:03.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:52:48.344
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:35:19.403
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:27:42.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:11:18.359
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3909.28 MB
Verfügbarer physikalischer RAM: 2014.79 MB
Summe virtueller Speicher: 6341.28 MB
Verfügbarer virtueller Speicher: 3471.52 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:445.41 GB) (Free:67.11 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4FB6F86F)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
22.06.2016, 11:27
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Phishing-Zip-Anhang auf PC und Handy geöffnet Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
22.06.2016, 11:46
| #5 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet Teil1: Code:
ATTFilter 12:31:54.0109 0x1dbc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:31:54.0109 0x1dbc UEFI system
12:32:24.0067 0x1dbc ============================================================
12:32:24.0067 0x1dbc Current date / time: 2016/06/22 12:32:24.0067
12:32:24.0067 0x1dbc SystemInfo:
12:32:24.0067 0x1dbc
12:32:24.0067 0x1dbc OS Version: 6.3.9600 ServicePack: 0.0
12:32:24.0067 0x1dbc Product type: Workstation
12:32:24.0067 0x1dbc ComputerName: VERAS-PC
12:32:24.0067 0x1dbc UserName: Vera
12:32:24.0067 0x1dbc Windows directory: C:\WINDOWS
12:32:24.0067 0x1dbc System windows directory: C:\WINDOWS
12:32:24.0067 0x1dbc Running under WOW64
12:32:24.0067 0x1dbc Processor architecture: Intel x64
12:32:24.0067 0x1dbc Number of processors: 4
12:32:24.0067 0x1dbc Page size: 0x1000
12:32:24.0067 0x1dbc Boot type: Normal boot
12:32:24.0067 0x1dbc ============================================================
12:32:24.0364 0x1dbc KLMD registered as C:\WINDOWS\system32\drivers\37249822.sys
12:32:24.0848 0x1dbc System UUID: {0C77AB4B-8A5B-2E14-3F8D-4DC699C7AA39}
12:32:25.0729 0x1dbc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:32:25.0729 0x1dbc ============================================================
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0:
12:32:25.0729 0x1dbc GPT partitions:
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {646C1E67-9640-45CC-9F6F-BC329161B87F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {108190A6-72DA-4E52-A97F-66B8F0D11609}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CED491D8-D288-49C3-85D0-0C823E2207A5}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A019DB5F-CD1F-4BEE-A935-CD6185040928}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37AD2000
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A9A6A84F-C7AD-4DC1-AB1A-D71AD29F8AB1}, Name: , StartLBA 0x37C70800, BlocksNum 0xE1000
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {07B020AC-BF9E-42DC-84C7-8AA1250EFDD0}, Name: , StartLBA 0x37D51800, BlocksNum 0xAF000
12:32:25.0729 0x1dbc \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {30F6A9DC-8AC2-4EDC-9766-219F5486A341}, Name: Basic data partition, StartLBA 0x37E00800, BlocksNum 0x2585800
12:32:25.0729 0x1dbc MBR partitions:
12:32:25.0729 0x1dbc ============================================================
12:32:25.0744 0x1dbc C: <-> \Device\Harddisk0\DR0\Partition4
12:32:25.0744 0x1dbc ============================================================
12:32:25.0744 0x1dbc Initialize success
12:32:25.0744 0x1dbc ============================================================
12:33:16.0096 0x1c60 ============================================================
12:33:16.0096 0x1c60 Scan started
12:33:16.0096 0x1c60 Mode: Manual; SigCheck; TDLFS;
12:33:16.0096 0x1c60 ============================================================
12:33:16.0096 0x1c60 KSN ping started
12:33:27.0481 0x1c60 KSN ping finished: true
12:33:30.0028 0x1c60 ================ Scan system memory ========================
12:33:30.0028 0x1c60 System memory - ok
12:33:30.0028 0x1c60 ================ Scan services =============================
12:33:30.0215 0x1c60 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
12:33:30.0278 0x1c60 1394ohci - ok
12:33:30.0293 0x1c60 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
12:33:30.0309 0x1c60 3ware - ok
12:33:30.0419 0x1c60 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:33:30.0434 0x1c60 ACDaemon - ok
12:33:30.0481 0x1c60 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
12:33:30.0512 0x1c60 ACPI - ok
12:33:30.0559 0x1c60 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
12:33:30.0575 0x1c60 acpiex - ok
12:33:30.0575 0x1c60 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
12:33:30.0590 0x1c60 acpipagr - ok
12:33:30.0622 0x1c60 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
12:33:30.0653 0x1c60 AcpiPmi - ok
12:33:30.0653 0x1c60 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
12:33:30.0669 0x1c60 acpitime - ok
12:33:30.0716 0x1c60 [ F28ADE410436B42A3FCB53C38CEFEFC8, 15FAF5CFC498FA08FF086C2AE50CBD0414D325F92FB1DA44F521CA0F1078B2C3 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
12:33:30.0731 0x1c60 acsock - ok
12:33:30.0809 0x1c60 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:33:30.0825 0x1c60 AdobeARMservice - ok
12:33:30.0872 0x1c60 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:33:30.0919 0x1c60 ADP80XX - ok
12:33:30.0981 0x1c60 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
12:33:30.0997 0x1c60 AeLookupSvc - ok
12:33:31.0137 0x1c60 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\WINDOWS\syswow64\drivers\Afc.sys
12:33:31.0153 0x1c60 Afc - ok
12:33:31.0200 0x1c60 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
12:33:31.0247 0x1c60 AFD - ok
12:33:31.0278 0x1c60 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
12:33:31.0278 0x1c60 agp440 - ok
12:33:31.0325 0x1c60 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:33:31.0356 0x1c60 ahcache - ok
12:33:31.0387 0x1c60 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
12:33:31.0403 0x1c60 ALG - ok
12:33:31.0434 0x1c60 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
12:33:31.0497 0x1c60 AmdK8 - ok
12:33:31.0512 0x1c60 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
12:33:31.0544 0x1c60 AmdPPM - ok
12:33:31.0559 0x1c60 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
12:33:31.0575 0x1c60 amdsata - ok
12:33:31.0606 0x1c60 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
12:33:31.0622 0x1c60 amdsbs - ok
12:33:31.0637 0x1c60 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
12:33:31.0653 0x1c60 amdxata - ok
12:33:31.0747 0x1c60 [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
12:33:31.0794 0x1c60 AntiVirMailService - ok
12:33:31.0841 0x1c60 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
12:33:31.0872 0x1c60 AntiVirSchedulerService - ok
12:33:31.0919 0x1c60 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
12:33:31.0934 0x1c60 AntiVirService - ok
12:33:31.0981 0x1c60 [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
12:33:32.0044 0x1c60 AntiVirWebService - ok
12:33:32.0075 0x1c60 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
12:33:32.0106 0x1c60 AppID - ok
12:33:32.0138 0x1c60 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
12:33:32.0169 0x1c60 AppIDSvc - ok
12:33:32.0216 0x1c60 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
12:33:32.0231 0x1c60 Appinfo - ok
12:33:32.0310 0x1c60 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:33:32.0325 0x1c60 Apple Mobile Device Service - ok
12:33:32.0372 0x1c60 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
12:33:32.0419 0x1c60 AppReadiness - ok
12:33:32.0481 0x1c60 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
12:33:32.0575 0x1c60 AppXSvc - ok
12:33:32.0622 0x1c60 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
12:33:32.0638 0x1c60 arcsas - ok
12:33:32.0638 0x1c60 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:33:32.0685 0x1c60 AsyncMac - ok
12:33:32.0700 0x1c60 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:33:32.0716 0x1c60 atapi - ok
12:33:32.0731 0x1c60 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:33:32.0794 0x1c60 AudioEndpointBuilder - ok
12:33:32.0825 0x1c60 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:33:32.0888 0x1c60 Audiosrv - ok
12:33:32.0919 0x1c60 [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
12:33:32.0935 0x1c60 avgntflt - ok
12:33:32.0966 0x1c60 [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
12:33:32.0981 0x1c60 avipbb - ok
12:33:33.0060 0x1c60 [ 6458B31DE5443B766DEEFFDF09CAC656, 73449444C38E8D78DE441C3A391B85E181D064FD3B595C3C27CD0DB13CA64645 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:33:33.0075 0x1c60 Avira.ServiceHost - ok
12:33:33.0122 0x1c60 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
12:33:33.0138 0x1c60 avkmgr - ok
12:33:33.0153 0x1c60 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
12:33:33.0169 0x1c60 avnetflt - ok
12:33:33.0200 0x1c60 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:33:33.0247 0x1c60 AxInstSV - ok
12:33:33.0294 0x1c60 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:33:33.0341 0x1c60 b06bdrv - ok
12:33:33.0372 0x1c60 [ 458AF8D6C7B837B3169750254E531095, 0CA3DB39C706A06D90B95D7377A0FEBEFBBBFAD69F7F5087F7DF128C69D674D9 ] b57xdbd C:\WINDOWS\System32\drivers\b57xdbd.sys
12:33:33.0388 0x1c60 b57xdbd - ok
12:33:33.0419 0x1c60 [ B97D9ADFEB4F0AADD3DAC9F8D427AA7A, 1F52B09264715192ED73A2871254675425C211BDBFF3575F96A85DE0411B5D7A ] b57xdmp C:\WINDOWS\System32\drivers\b57xdmp.sys
12:33:33.0435 0x1c60 b57xdmp - ok
12:33:33.0466 0x1c60 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:33:33.0499 0x1c60 BasicDisplay - ok
12:33:33.0505 0x1c60 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
12:33:33.0528 0x1c60 BasicRender - ok
12:33:33.0794 0x1c60 [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
12:33:34.0107 0x1c60 BCM43XX - ok
12:33:34.0154 0x1c60 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
12:33:34.0154 0x1c60 bcmfn2 - ok
12:33:34.0201 0x1c60 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:33:34.0247 0x1c60 BDESVC - ok
12:33:34.0294 0x1c60 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:33:34.0341 0x1c60 Beep - ok
12:33:34.0435 0x1c60 [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\WINDOWS\System32\bfe.dll
12:33:34.0513 0x1c60 BFE - ok
12:33:34.0607 0x1c60 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
12:33:34.0685 0x1c60 BITS - ok
12:33:34.0716 0x1c60 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:33:34.0747 0x1c60 Bonjour Service - ok
12:33:34.0763 0x1c60 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:33:34.0794 0x1c60 bowser - ok
12:33:34.0841 0x1c60 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:33:34.0873 0x1c60 BrokerInfrastructure - ok
12:33:34.0919 0x1c60 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
12:33:34.0935 0x1c60 Browser - ok
12:33:34.0982 0x1c60 [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa C:\WINDOWS\System32\drivers\bScsiMSa.sys
12:33:34.0982 0x1c60 bScsiMSa - ok
12:33:35.0029 0x1c60 [ 8168FE3CA8C6C3F18137FF422F3C37DE, 5C0906D50D3585A2850316072FFC8726A70BCFBE7AFB17EE69A70A736125AD7A ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
12:33:35.0029 0x1c60 bScsiSDa - ok
12:33:35.0076 0x1c60 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:33:35.0107 0x1c60 BthAvrcpTg - ok
12:33:35.0154 0x1c60 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:33:35.0185 0x1c60 BthHFEnum - ok
12:33:35.0201 0x1c60 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
12:33:35.0232 0x1c60 bthhfhid - ok
12:33:35.0279 0x1c60 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
12:33:35.0294 0x1c60 BthHFSrv - ok
12:33:35.0310 0x1c60 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:33:35.0341 0x1c60 BTHMODEM - ok
12:33:35.0373 0x1c60 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
12:33:35.0404 0x1c60 bthserv - ok
12:33:35.0513 0x1c60 [ F9709CC185D19D73F036CF2E47B6DEA5, 9A811FF234EC256A3A9ACDE7CFA23D9797321010E70CA3C2824AB8BBF07B80C0 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
12:33:35.0591 0x1c60 CCDMonitorService - ok
12:33:35.0623 0x1c60 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:33:35.0669 0x1c60 cdfs - ok
12:33:35.0685 0x1c60 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:33:35.0716 0x1c60 cdrom - ok
12:33:35.0748 0x1c60 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:33:35.0779 0x1c60 CertPropSvc - ok
12:33:35.0826 0x1c60 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:33:35.0841 0x1c60 circlass - ok
12:33:35.0873 0x1c60 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:33:35.0888 0x1c60 CLFS - ok
12:33:35.0935 0x1c60 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:33:35.0982 0x1c60 CmBatt - ok
12:33:36.0029 0x1c60 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:33:36.0060 0x1c60 CNG - ok
12:33:36.0076 0x1c60 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
12:33:36.0091 0x1c60 CompositeBus - ok
12:33:36.0107 0x1c60 COMSysApp - ok
12:33:36.0107 0x1c60 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:33:36.0154 0x1c60 condrv - ok
12:33:36.0263 0x1c60 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:33:36.0279 0x1c60 cphs - ok
12:33:36.0310 0x1c60 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:33:36.0357 0x1c60 CryptSvc - ok
12:33:36.0357 0x1c60 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
12:33:36.0373 0x1c60 dam - ok
12:33:36.0451 0x1c60 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:33:36.0498 0x1c60 DcomLaunch - ok
12:33:36.0544 0x1c60 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:33:36.0607 0x1c60 defragsvc - ok
12:33:36.0654 0x1c60 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:33:36.0685 0x1c60 DeviceAssociationService - ok
12:33:36.0763 0x1c60 [ 6EC5098678F3E8724A9F3E151031FEDE, 50D8BF9AC08497FA45C097186BD5C0E85C265DDC40A48491E78249BB7243649D ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
12:33:36.0779 0x1c60 DeviceFastLaneService - ok
12:33:36.0826 0x1c60 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:33:36.0841 0x1c60 DeviceInstall - ok
12:33:36.0873 0x1c60 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:33:36.0904 0x1c60 Dfsc - ok
12:33:36.0935 0x1c60 [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:33:36.0935 0x1c60 dg_ssudbus - ok
12:33:36.0998 0x1c60 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:33:37.0093 0x1c60 Dhcp - ok
12:33:37.0155 0x1c60 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
12:33:37.0155 0x1c60 disk - ok
12:33:37.0202 0x1c60 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:33:37.0233 0x1c60 dmvsc - ok
12:33:37.0280 0x1c60 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:33:37.0312 0x1c60 Dnscache - ok
12:33:37.0374 0x1c60 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:33:37.0405 0x1c60 dot3svc - ok
12:33:37.0452 0x1c60 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
12:33:37.0468 0x1c60 dot4 - ok
12:33:37.0483 0x1c60 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
12:33:37.0483 0x1c60 Dot4Print - ok
12:33:37.0499 0x1c60 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
12:33:37.0515 0x1c60 dot4usb - ok
12:33:37.0561 0x1c60 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
12:33:37.0577 0x1c60 DPS - ok
12:33:37.0608 0x1c60 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:33:37.0624 0x1c60 drmkaud - ok
12:33:37.0686 0x1c60 [ 7C685CB0AC7D4E998D213C8B84FA609F, C4D8D178987FA68BC2A8864CB84AAD47031B5956DECD74929C4ED36AE1F41470 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:33:37.0702 0x1c60 DsiWMIService - ok
12:33:37.0749 0x1c60 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:33:37.0780 0x1c60 DsmSvc - ok
12:33:37.0858 0x1c60 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:33:37.0921 0x1c60 DXGKrnl - ok
12:33:37.0968 0x1c60 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
12:33:37.0999 0x1c60 Eaphost - ok
12:33:38.0124 0x1c60 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:33:38.0265 0x1c60 ebdrv - ok
12:33:38.0312 0x1c60 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
12:33:38.0327 0x1c60 EFS - ok
12:33:38.0374 0x1c60 [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
12:33:38.0374 0x1c60 EgisTec Ticket Service - ok
12:33:38.0421 0x1c60 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:33:38.0437 0x1c60 EhStorClass - ok
12:33:38.0468 0x1c60 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:33:38.0484 0x1c60 EhStorTcgDrv - ok
12:33:38.0562 0x1c60 [ C9455140176A5D1F05FDA44E5F319856, 2FE7ED1C70BFF238F7EB5CFF76552F272A4C95449A8D5C264E340C46281C1F75 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
12:33:38.0593 0x1c60 ePowerSvc - ok
12:33:38.0609 0x1c60 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:33:38.0640 0x1c60 ErrDev - ok
12:33:38.0687 0x1c60 [ 4E8D5177B439872F7AE6DAB7B6859B6B, B0A3C3F0F92ADD3DE57838B213F23984FDFC6DD5B62C317DA519805EC4135E71 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
12:33:38.0702 0x1c60 ETD - ok
12:33:38.0765 0x1c60 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
12:33:38.0828 0x1c60 EventSystem - ok
12:33:38.0859 0x1c60 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:33:38.0921 0x1c60 exfat - ok
12:33:38.0968 0x1c60 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:33:38.0984 0x1c60 fastfat - ok
12:33:39.0031 0x1c60 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
12:33:39.0093 0x1c60 Fax - ok
12:33:39.0109 0x1c60 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:33:39.0140 0x1c60 fdc - ok
12:33:39.0171 0x1c60 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:33:39.0187 0x1c60 fdPHost - ok
12:33:39.0218 0x1c60 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:33:39.0234 0x1c60 FDResPub - ok
12:33:39.0281 0x1c60 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:33:39.0328 0x1c60 fhsvc - ok
12:33:39.0359 0x1c60 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:33:39.0374 0x1c60 FileInfo - ok
12:33:39.0406 0x1c60 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:33:39.0421 0x1c60 Filetrace - ok
12:33:39.0468 0x1c60 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:33:39.0499 0x1c60 FLEXnet Licensing Service - ok
12:33:39.0515 0x1c60 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:33:39.0531 0x1c60 flpydisk - ok
12:33:39.0578 0x1c60 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:33:39.0609 0x1c60 FltMgr - ok
12:33:39.0687 0x1c60 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\WINDOWS\system32\FntCache.dll
12:33:39.0765 0x1c60 FontCache - ok
12:33:39.0859 0x1c60 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:33:39.0874 0x1c60 FontCache3.0.0.0 - ok
12:33:39.0906 0x1c60 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:33:39.0921 0x1c60 FsDepends - ok
12:33:39.0937 0x1c60 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:33:39.0937 0x1c60 Fs_Rec - ok
12:33:39.0999 0x1c60 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:33:40.0031 0x1c60 fvevol - ok
12:33:40.0062 0x1c60 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
12:33:40.0093 0x1c60 FxPPM - ok
12:33:40.0109 0x1c60 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
12:33:40.0124 0x1c60 gagp30kx - ok
12:33:40.0140 0x1c60 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:33:40.0156 0x1c60 GEARAspiWDM - ok
12:33:40.0187 0x1c60 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:33:40.0203 0x1c60 gencounter - ok
12:33:40.0218 0x1c60 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:33:40.0234 0x1c60 GPIOClx0101 - ok
12:33:40.0312 0x1c60 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:33:40.0406 0x1c60 gpsvc - ok
12:33:40.0468 0x1c60 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:33:40.0484 0x1c60 gupdate - ok
12:33:40.0499 0x1c60 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:33:40.0499 0x1c60 gupdatem - ok
12:33:40.0546 0x1c60 [ 83BC656EE0821F9E5ED7AE1AE3DEDE0E, 788583DB61677856415588E3D1A2429C6C5DC360DC2CE6185DD73E774DF77C35 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
12:33:40.0546 0x1c60 Hamachi - ok
12:33:40.0640 0x1c60 [ E24E88736B13BC54CA93E7F86A0F4FCF, 0BD480373AE40C1155E4B4C1D5607C7DF9CD4C5D9C5034F7A35993180BDF2665 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:33:40.0703 0x1c60 Hamachi2Svc - ok
12:33:40.0734 0x1c60 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:33:40.0765 0x1c60 HDAudBus - ok
12:33:40.0781 0x1c60 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:33:40.0796 0x1c60 HidBatt - ok
12:33:40.0828 0x1c60 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:33:40.0859 0x1c60 HidBth - ok
12:33:40.0890 0x1c60 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:33:40.0921 0x1c60 hidi2c - ok
12:33:40.0953 0x1c60 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:33:40.0968 0x1c60 HidIr - ok
12:33:40.0999 0x1c60 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
12:33:41.0031 0x1c60 hidserv - ok
12:33:41.0062 0x1c60 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:33:41.0093 0x1c60 HidUsb - ok
12:33:41.0125 0x1c60 [ A894FB2CAE6A29F5D9C8EDA47B074623, F39014379B6F546CF3D3F56A343A7173B600A350715638040AE93E03EAB81CAC ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
12:33:41.0140 0x1c60 HipShieldK - ok
12:33:41.0187 0x1c60 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
12:33:41.0218 0x1c60 hkmsvc - ok
12:33:41.0265 0x1c60 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:33:41.0297 0x1c60 HomeGroupListener - ok
12:33:41.0343 0x1c60 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:33:41.0390 0x1c60 HomeGroupProvider - ok
12:33:41.0437 0x1c60 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:33:41.0453 0x1c60 HpSAMD - ok
12:33:41.0500 0x1c60 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:33:41.0562 0x1c60 HTTP - ok
12:33:41.0609 0x1c60 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:33:41.0625 0x1c60 hwpolicy - ok
12:33:41.0640 0x1c60 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:33:41.0656 0x1c60 hyperkbd - ok
12:33:41.0672 0x1c60 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:33:41.0672 0x1c60 HyperVideo - ok
12:33:41.0718 0x1c60 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:33:41.0750 0x1c60 i8042prt - ok
12:33:41.0765 0x1c60 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:33:41.0765 0x1c60 iaLPSSi_GPIO - ok
12:33:41.0781 0x1c60 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:33:41.0797 0x1c60 iaLPSSi_I2C - ok
12:33:41.0859 0x1c60 [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
12:33:41.0875 0x1c60 iaStorA - ok
12:33:41.0906 0x1c60 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
12:33:41.0968 0x1c60 iaStorAV - ok
12:33:42.0000 0x1c60 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:33:42.0015 0x1c60 iaStorV - ok
12:33:42.0031 0x1c60 IEEtwCollectorService - ok
12:33:42.0204 0x1c60 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:33:42.0392 0x1c60 igfx - ok
12:33:42.0470 0x1c60 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:33:42.0532 0x1c60 IKEEXT - ok
12:33:42.0548 0x1c60 [ 9321A61A25C7961D9F36852ECAA86F55, F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B ] inpoutx64 C:\WINDOWS\system32\drivers\inpoutx64.sys
12:33:42.0548 0x1c60 inpoutx64 - ok
12:33:42.0720 0x1c60 [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:33:42.0860 0x1c60 IntcAzAudAddService - ok
12:33:42.0907 0x1c60 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:33:42.0938 0x1c60 IntcDAud - ok
12:33:42.0985 0x1c60 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:33:43.0017 0x1c60 Intel(R) Capability Licensing Service Interface - ok
12:33:43.0032 0x1c60 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:33:43.0032 0x1c60 intelide - ok
12:33:43.0064 0x1c60 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
12:33:43.0079 0x1c60 intelpep - ok
12:33:43.0095 0x1c60 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:33:43.0095 0x1c60 intelppm - ok
12:33:43.0110 0x1c60 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:33:43.0142 0x1c60 IpFilterDriver - ok
12:33:43.0204 0x1c60 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:33:43.0251 0x1c60 iphlpsvc - ok
12:33:43.0267 0x1c60 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:33:43.0298 0x1c60 IPMIDRV - ok
12:33:43.0329 0x1c60 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
12:33:43.0345 0x1c60 IPNAT - ok
12:33:43.0392 0x1c60 [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:33:43.0407 0x1c60 iPod Service - ok
12:33:43.0454 0x1c60 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
12:33:43.0485 0x1c60 IRENUM - ok
12:33:43.0517 0x1c60 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
12:33:43.0532 0x1c60 isapnp - ok
12:33:43.0579 0x1c60 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
12:33:43.0595 0x1c60 iScsiPrt - ok
12:33:43.0673 0x1c60 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:33:43.0673 0x1c60 jhi_service - ok
12:33:43.0735 0x1c60 [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
12:33:43.0751 0x1c60 k57nd60a - ok
12:33:43.0798 0x1c60 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
12:33:43.0814 0x1c60 kbdclass - ok
12:33:43.0845 0x1c60 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
12:33:43.0845 0x1c60 kbdhid - ok
12:33:43.0892 0x1c60 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
12:33:43.0907 0x1c60 kdnic - ok
12:33:43.0907 0x1c60 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
12:33:43.0923 0x1c60 KeyIso - ok
12:33:43.0970 0x1c60 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
12:33:43.0985 0x1c60 KSecDD - ok
12:33:44.0032 0x1c60 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:33:44.0048 0x1c60 KSecPkg - ok
12:33:44.0079 0x1c60 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
12:33:44.0079 0x1c60 ksthunk - ok
12:33:44.0111 0x1c60 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
12:33:44.0142 0x1c60 KtmRm - ok
12:33:44.0189 0x1c60 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
12:33:44.0220 0x1c60 LanmanServer - ok
12:33:44.0283 0x1c60 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:33:44.0298 0x1c60 LanmanWorkstation - ok
12:33:44.0329 0x1c60 [ CB832B008ABB822FD5ECDF03BA46C66E, 9512D5F5FDE1B05B0F2487FFE0E32C9091FD3D829AB8518FCAD660BD03779BB0 ] LcUvcUpper C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys
12:33:44.0345 0x1c60 LcUvcUpper - ok
12:33:44.0392 0x1c60 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
12:33:44.0454 0x1c60 lfsvc - ok
12:33:44.0470 0x1c60 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
12:33:44.0486 0x1c60 lltdio - ok
12:33:44.0533 0x1c60 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
12:33:44.0564 0x1c60 lltdsvc - ok
12:33:44.0611 0x1c60 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
12:33:44.0642 0x1c60 lmhosts - ok
12:33:44.0689 0x1c60 [ 02468469C450CD16FB66A56FAB70138B, 9C3788B3DB2DBF9DE192447EADB6F1A17B69FC4813284B86E589784A53154FAA ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
12:33:44.0704 0x1c60 LMIGuardianSvc - ok
12:33:44.0736 0x1c60 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:33:44.0751 0x1c60 LMS - ok
12:33:44.0798 0x1c60 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
12:33:44.0814 0x1c60 LSI_SAS - ok
12:33:44.0829 0x1c60 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
12:33:44.0845 0x1c60 LSI_SAS2 - ok
12:33:44.0861 0x1c60 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
12:33:44.0876 0x1c60 LSI_SAS3 - ok
12:33:44.0892 0x1c60 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
12:33:44.0908 0x1c60 LSI_SSS - ok
12:33:44.0954 0x1c60 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
12:33:45.0048 0x1c60 LSM - ok
12:33:45.0095 0x1c60 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
12:33:45.0111 0x1c60 luafv - ok
12:33:45.0126 0x1c60 [ 035C83CD72E06C47000793D32B1A642D, 38B498D912EB3D0E3EE1266BD559234A5CF463AF81E92D6CBEE83ABECBF5DB74 ] massfilter C:\WINDOWS\System32\drivers\massfilter.sys
12:33:45.0173 0x1c60 massfilter - ok
12:33:45.0204 0x1c60 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
12:33:45.0220 0x1c60 megasas - ok
12:33:45.0251 0x1c60 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
12:33:45.0283 0x1c60 megasr - ok
12:33:45.0314 0x1c60 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
12:33:45.0329 0x1c60 MEIx64 - ok
12:33:45.0361 0x1c60 [ 450B77CAC7384A9C1BAF476AC302CD4C, 796218B2EE59C1B8DEE1D5A9231CD0627775C79051596B88CFE029927820B798 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys
12:33:45.0376 0x1c60 mferkdet - ok
12:33:45.0408 0x1c60 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
12:33:45.0439 0x1c60 MMCSS - ok
12:33:45.0454 0x1c60 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
12:33:45.0486 0x1c60 Modem - ok
12:33:45.0517 0x1c60 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
12:33:45.0564 0x1c60 monitor - ok
12:33:45.0595 0x1c60 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
12:33:45.0611 0x1c60 mouclass - ok
12:33:45.0642 0x1c60 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
12:33:45.0673 0x1c60 mouhid - ok
12:33:45.0720 0x1c60 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
12:33:45.0736 0x1c60 mountmgr - ok
12:33:45.0767 0x1c60 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
12:33:45.0798 0x1c60 mpsdrv - ok
12:33:45.0861 0x1c60 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
12:33:45.0923 0x1c60 MpsSvc - ok
12:33:46.0001 0x1c60 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
12:33:46.0033 0x1c60 MRxDAV - ok
12:33:46.0064 0x1c60 [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:33:46.0111 0x1c60 mrxsmb - ok
12:33:46.0173 0x1c60 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:33:46.0205 0x1c60 mrxsmb10 - ok
12:33:46.0236 0x1c60 [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:33:46.0267 0x1c60 mrxsmb20 - ok
12:33:46.0299 0x1c60 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
12:33:46.0330 0x1c60 MsBridge - ok
12:33:46.0377 0x1c60 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
12:33:46.0392 0x1c60 MSDTC - ok
12:33:46.0439 0x1c60 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:33:46.0455 0x1c60 Msfs - ok
12:33:46.0502 0x1c60 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:33:46.0517 0x1c60 msgpiowin32 - ok
12:33:46.0533 0x1c60 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:33:46.0549 0x1c60 mshidkmdf - ok
12:33:46.0564 0x1c60 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
12:33:46.0564 0x1c60 mshidumdf - ok
12:33:46.0596 0x1c60 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
12:33:46.0596 0x1c60 msisadrv - ok
12:33:46.0642 0x1c60 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
12:33:46.0658 0x1c60 MSiSCSI - ok
12:33:46.0674 0x1c60 msiserver - ok
12:33:46.0705 0x1c60 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:33:46.0721 0x1c60 MSKSSRV - ok
12:33:46.0752 0x1c60 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
12:33:46.0783 0x1c60 MsLldp - ok
12:33:46.0799 0x1c60 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:33:46.0814 0x1c60 MSPCLOCK - ok
12:33:46.0830 0x1c60 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:33:46.0861 0x1c60 MSPQM - ok
12:33:46.0908 0x1c60 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
12:33:46.0924 0x1c60 MsRPC - ok
12:33:46.0939 0x1c60 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
12:33:46.0955 0x1c60 mssmbios - ok
12:33:46.0971 0x1c60 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:33:47.0002 0x1c60 MSTEE - ok
12:33:47.0002 0x1c60 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
12:33:47.0033 0x1c60 MTConfig - ok
12:33:47.0049 0x1c60 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
12:33:47.0064 0x1c60 Mup - ok
12:33:47.0080 0x1c60 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
12:33:47.0096 0x1c60 mvumis - ok
12:33:47.0111 0x1c60 [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys
12:33:47.0127 0x1c60 mwlPSDFilter - ok
12:33:47.0158 0x1c60 [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys
12:33:47.0174 0x1c60 mwlPSDNServ - ok
12:33:47.0189 0x1c60 [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys
12:33:47.0189 0x1c60 mwlPSDVDisk - ok
12:33:47.0236 0x1c60 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
12:33:47.0267 0x1c60 napagent - ok
12:33:47.0330 0x1c60 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:33:47.0361 0x1c60 NativeWifiP - ok
12:33:47.0408 0x1c60 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
12:33:47.0424 0x1c60 NcaSvc - ok
12:33:47.0486 0x1c60 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
12:33:47.0502 0x1c60 NcbService - ok
12:33:47.0533 0x1c60 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
12:33:47.0549 0x1c60 NcdAutoSetup - ok
12:33:47.0627 0x1c60 [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
12:33:47.0705 0x1c60 NDIS - ok
12:33:47.0752 0x1c60 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
12:33:47.0752 0x1c60 NdisCap - ok
12:33:47.0799 0x1c60 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
12:33:47.0814 0x1c60 NdisImPlatform - ok
12:33:47.0861 0x1c60 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:33:47.0892 0x1c60 NdisTapi - ok
12:33:47.0924 0x1c60 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:33:47.0939 0x1c60 Ndisuio - ok
12:33:47.0955 0x1c60 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:33:47.0971 0x1c60 NdisVirtualBus - ok
12:33:47.0986 0x1c60 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:33:48.0017 0x1c60 NdisWan - ok
12:33:48.0033 0x1c60 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:33:48.0049 0x1c60 NdisWanLegacy - ok
12:33:48.0096 0x1c60 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:33:48.0111 0x1c60 NDProxy - ok
12:33:48.0143 0x1c60 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
12:33:48.0158 0x1c60 Ndu - ok
12:33:48.0189 0x1c60 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:33:48.0221 0x1c60 NetBIOS - ok
12:33:48.0252 0x1c60 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:33:48.0283 0x1c60 NetBT - ok
12:33:48.0299 0x1c60 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
12:33:48.0314 0x1c60 Netlogon - ok
12:33:48.0346 0x1c60 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
12:33:48.0377 0x1c60 Netman - ok
12:33:48.0424 0x1c60 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
12:33:48.0471 0x1c60 netprofm - ok
12:33:48.0518 0x1c60 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:33:48.0564 0x1c60 NetTcpPortSharing - ok
12:33:48.0611 0x1c60 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
12:33:48.0627 0x1c60 netvsc - ok
12:33:48.0674 0x1c60 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
12:33:48.0705 0x1c60 NlaSvc - ok
12:33:48.0752 0x1c60 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:33:48.0783 0x1c60 Npfs - ok
12:33:48.0814 0x1c60 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
12:33:48.0830 0x1c60 npsvctrig - ok
12:33:48.0877 0x1c60 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
12:33:48.0908 0x1c60 nsi - ok
12:33:48.0955 0x1c60 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
12:33:48.0971 0x1c60 nsiproxy - ok
12:33:49.0064 0x1c60 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:33:49.0174 0x1c60 Ntfs - ok
12:33:49.0236 0x1c60 [ FF472A7055E765498AE52564B1503C3F, 89A6E603238F854AA20F9E8EA4A4D4E281B95ED941A087B7E48FE961D1052CBA ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
12:33:49.0252 0x1c60 NTI IScheduleSvc - ok
12:33:49.0268 0x1c60 [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:33:49.0283 0x1c60 NTIDrvr - ok
12:33:49.0299 0x1c60 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
12:33:49.0330 0x1c60 Null - ok
12:33:49.0689 0x1c60 [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
12:33:50.0112 0x1c60 nvlddmkm - ok
12:33:50.0143 0x1c60 [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
12:33:50.0158 0x1c60 nvpciflt - ok
12:33:50.0190 0x1c60 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
12:33:50.0205 0x1c60 nvraid - ok
12:33:50.0221 0x1c60 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
12:33:50.0237 0x1c60 nvstor - ok
12:33:50.0299 0x1c60 [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
12:33:50.0330 0x1c60 nvsvc - ok
12:33:50.0424 0x1c60 [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:33:50.0502 0x1c60 nvUpdatusService - ok
12:33:50.0534 0x1c60 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
12:33:50.0549 0x1c60 nv_agp - ok
12:33:50.0627 0x1c60 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:33:50.0643 0x1c60 odserv - ok
12:33:50.0674 0x1c60 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:33:50.0690 0x1c60 ose - ok
12:33:50.0737 0x1c60 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
12:33:50.0768 0x1c60 p2pimsvc - ok
12:33:50.0815 0x1c60 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
12:33:50.0862 0x1c60 p2psvc - ok
12:33:50.0909 0x1c60 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
12:33:50.0924 0x1c60 Parport - ok
12:33:50.0955 0x1c60 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
12:33:50.0971 0x1c60 partmgr - ok
12:33:51.0018 0x1c60 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
12:33:51.0065 0x1c60 PcaSvc - ok
12:33:51.0096 0x1c60 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
12:33:51.0112 0x1c60 pci - ok
12:33:51.0127 0x1c60 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
12:33:51.0143 0x1c60 pciide - ok
12:33:51.0159 0x1c60 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
12:33:51.0174 0x1c60 pcmcia - ok
12:33:51.0190 0x1c60 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
12:33:51.0190 0x1c60 pcw - ok
12:33:51.0221 0x1c60 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
12:33:51.0237 0x1c60 pdc - ok
12:33:51.0284 0x1c60 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
12:33:51.0362 0x1c60 PEAUTH - ok
12:33:51.0471 0x1c60 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
12:33:51.0487 0x1c60 PerfHost - ok
12:33:51.0580 0x1c60 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
12:33:51.0659 0x1c60 pla - ok
12:33:51.0705 0x1c60 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
12:33:51.0721 0x1c60 PlugPlay - ok
12:33:51.0752 0x1c60 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
12:33:51.0768 0x1c60 PNRPAutoReg - ok
12:33:51.0799 0x1c60 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
12:33:51.0815 0x1c60 PNRPsvc - ok
12:33:51.0862 0x1c60 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
12:33:51.0909 0x1c60 PolicyAgent - ok
12:33:51.0940 0x1c60 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
12:33:51.0955 0x1c60 Power - ok
12:33:52.0002 0x1c60 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:33:52.0034 0x1c60 PptpMiniport - ok
12:33:52.0190 0x1c60 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:33:52.0346 0x1c60 PrintNotify - ok
12:33:52.0393 0x1c60 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
12:33:52.0409 0x1c60 Processor - ok
12:33:52.0456 0x1c60 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
12:33:52.0487 0x1c60 ProfSvc - ok
12:33:52.0503 0x1c60 [ 60C5C840B019B301650296F2334BDE8D, D03675809F9468140319F7D7D658290A4A23A9C0A7076A3035F81F200196669E ] PRTDRV C:\WINDOWS\system32\Drivers\PRTDRV.sys
12:33:52.0518 0x1c60 PRTDRV - ok
12:33:52.0556 0x1c60 [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
12:33:52.0563 0x1c60 Ps2Kb2Hid - ok
12:33:52.0597 0x1c60 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
12:33:52.0612 0x1c60 Psched - ok
12:33:52.0659 0x1c60 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
12:33:52.0706 0x1c60 QWAVE - ok
12:33:52.0784 0x1c60 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
12:33:52.0862 0x1c60 QWAVEdrv - ok
12:33:52.0925 0x1c60 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:33:52.0925 0x1c60 RasAcd - ok
12:33:52.0956 0x1c60 [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
12:33:52.0987 0x1c60 RasAgileVpn - ok
12:33:53.0034 0x1c60 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:33:53.0050 0x1c60 RasAuto - ok
12:33:53.0097 0x1c60 [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:33:53.0112 0x1c60 Rasl2tp - ok
12:33:53.0159 0x1c60 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:33:53.0191 0x1c60 RasMan - ok
12:33:53.0222 0x1c60 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:33:53.0237 0x1c60 RasPppoe - ok
12:33:53.0269 0x1c60 [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
12:33:53.0284 0x1c60 RasSstp - ok
12:33:53.0331 0x1c60 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:33:53.0363 0x1c60 rdbss - ok
12:33:53.0394 0x1c60 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
12:33:53.0425 0x1c60 rdpbus - ok
12:33:53.0441 0x1c60 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
12:33:53.0472 0x1c60 RDPDR - ok
12:33:53.0503 0x1c60 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:33:53.0519 0x1c60 RdpVideoMiniport - ok
12:33:53.0534 0x1c60 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
12:33:53.0550 0x1c60 rdyboost - ok
12:33:53.0628 0x1c60 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
12:33:53.0691 0x1c60 ReFS - ok
12:33:53.0737 0x1c60 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:33:53.0753 0x1c60 RemoteAccess - ok
12:33:53.0800 0x1c60 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:33:53.0816 0x1c60 RemoteRegistry - ok
12:33:53.0847 0x1c60 [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
12:33:53.0863 0x1c60 RfButtonDriverService - ok
12:33:53.0894 0x1c60 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
12:33:53.0909 0x1c60 RpcEptMapper - ok
12:33:53.0956 0x1c60 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
12:33:53.0972 0x1c60 RpcLocator - ok
12:33:54.0034 0x1c60 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:33:54.0066 0x1c60 RpcSs - ok
12:33:54.0113 0x1c60 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
12:33:54.0128 0x1c60 rspndr - ok
12:33:54.0159 0x1c60 [ 646B22BADBD24C6D528AA6B8ABE0EC0E, 7A7D5927302CD637ACEA57CCAB5CAB231994ACDE0F2106EF635DF1C1B3F2D544 ] RTL2832UBDA C:\WINDOWS\system32\drivers\RTL2832UBDA.sys
12:33:54.0175 0x1c60 RTL2832UBDA - ok
12:33:54.0191 0x1c60 [ C4D4EF0FF8F43A4D5C4F5F05A7F13631, DA7D49F4D14E70F90DD80CDAFAEA7529DF94A69CE10B4FC46CF8B644DA20CB50 ] RTL2832UUSB C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys
12:33:54.0206 0x1c60 RTL2832UUSB - ok
12:33:54.0238 0x1c60 [ 19FAA5E7CF3D5263F4E79450A03E50CA, 372CA259C8996B2B0283698F10A8FFD381E549BC9221EB105056DAEB4023B446 ] RTL2832U_IRHID C:\WINDOWS\System32\drivers\RTL2832U_IRHID.sys
12:33:54.0253 0x1c60 RTL2832U_IRHID - ok
12:33:54.0269 0x1c60 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
12:33:54.0284 0x1c60 s3cap - ok
12:33:54.0331 0x1c60 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
12:33:54.0347 0x1c60 SamSs - ok
12:33:54.0378 0x1c60 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
12:33:54.0394 0x1c60 sbp2port - ok
12:33:54.0441 0x1c60 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
12:33:54.0472 0x1c60 SCardSvr - ok
12:33:54.0503 0x1c60 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
12:33:54.0519 0x1c60 ScDeviceEnum - ok
12:33:54.0566 0x1c60 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:33:54.0581 0x1c60 scfilter - ok
12:33:54.0659 0x1c60 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:33:54.0738 0x1c60 Schedule - ok
12:33:54.0784 0x1c60 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
12:33:54.0800 0x1c60 SCPolicySvc - ok
12:33:54.0831 0x1c60 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
12:33:54.0863 0x1c60 sdbus - ok
12:33:54.0894 0x1c60 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
12:33:54.0909 0x1c60 sdstor - ok
12:33:54.0956 0x1c60 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
12:33:54.0988 0x1c60 secdrv - ok
12:33:55.0034 0x1c60 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
12:33:55.0050 0x1c60 seclogon - ok
12:33:55.0081 0x1c60 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
12:33:55.0097 0x1c60 SENS - ok
12:33:55.0144 0x1c60 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
12:33:55.0191 0x1c60 SensrSvc - ok
12:33:55.0222 0x1c60 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
12:33:55.0238 0x1c60 SerCx - ok
12:33:55.0253 0x1c60 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
12:33:55.0269 0x1c60 SerCx2 - ok
12:33:55.0284 0x1c60 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
12:33:55.0300 0x1c60 Serenum - ok
12:33:55.0316 0x1c60 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
12:33:55.0331 0x1c60 Serial - ok
12:33:55.0363 0x1c60 [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
12:33:55.0378 0x1c60 sermouse - ok
12:33:55.0425 0x1c60 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
12:33:55.0456 0x1c60 SessionEnv - ok
12:33:55.0503 0x1c60 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
12:33:55.0503 0x1c60 sfloppy - ok
12:33:55.0581 0x1c60 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:33:55.0613 0x1c60 SharedAccess - ok
12:33:55.0691 0x1c60 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:33:55.0738 0x1c60 ShellHWDetection - ok
12:33:55.0784 0x1c60 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:33:55.0784 0x1c60 SiSRaid2 - ok
12:33:55.0831 0x1c60 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
12:33:55.0847 0x1c60 SiSRaid4 - ok
12:33:55.0925 0x1c60 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:33:55.0956 0x1c60 SkypeUpdate - ok
12:33:56.0003 0x1c60 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
12:33:56.0019 0x1c60 smphost - ok
12:33:56.0050 0x1c60 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:33:56.0066 0x1c60 SNMPTRAP - ok
12:33:56.0113 0x1c60 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
12:33:56.0144 0x1c60 spaceport - ok
12:33:56.0191 0x1c60 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
12:33:56.0207 0x1c60 SpbCx - ok
12:33:56.0269 0x1c60 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
12:33:56.0332 0x1c60 Spooler - ok
12:33:56.0582 0x1c60 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:33:56.0863 0x1c60 sppsvc - ok
12:33:56.0910 0x1c60 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:33:56.0972 0x1c60 srv - ok
12:33:57.0019 0x1c60 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:33:57.0113 0x1c60 srv2 - ok
12:33:57.0144 0x1c60 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:33:57.0175 0x1c60 srvnet - ok
12:33:57.0238 0x1c60 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:33:57.0269 0x1c60 SSDPSRV - ok
12:33:57.0300 0x1c60 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:33:57.0316 0x1c60 SstpSvc - ok
12:33:57.0347 0x1c60 [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:33:57.0363 0x1c60 ssudmdm - ok
12:33:57.0410 0x1c60 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:33:57.0410 0x1c60 stexstor - ok
12:33:57.0488 0x1c60 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
12:33:57.0550 0x1c60 stisvc - ok
12:33:57.0566 0x1c60 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:33:57.0582 0x1c60 storahci - ok
12:33:57.0629 0x1c60 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
12:33:57.0644 0x1c60 storflt - ok
12:33:57.0691 0x1c60 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
12:33:57.0691 0x1c60 stornvme - ok
12:33:57.0738 0x1c60 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:33:57.0769 0x1c60 StorSvc - ok
12:33:57.0769 0x1c60 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:33:57.0785 0x1c60 storvsc - ok
12:33:57.0816 0x1c60 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
12:33:57.0847 0x1c60 svsvc - ok
12:33:57.0894 0x1c60 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
12:33:57.0910 0x1c60 swenum - ok
12:33:57.0972 0x1c60 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
12:33:58.0035 0x1c60 swprv - ok
12:33:58.0098 0x1c60 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\WINDOWS\system32\sysmain.dll
12:33:58.0176 0x1c60 SysMain - ok
12:33:58.0223 0x1c60 [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:33:58.0238 0x1c60 SystemEventsBroker - ok
12:33:58.0301 0x1c60 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:33:58.0348 0x1c60 TabletInputService - ok
12:33:58.0379 0x1c60 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:33:58.0410 0x1c60 TapiSrv - ok
12:33:58.0535 0x1c60 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:33:58.0644 0x1c60 Tcpip - ok
12:33:58.0738 0x1c60 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:33:58.0832 0x1c60 TCPIP6 - ok
12:33:58.0879 0x1c60 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:33:58.0895 0x1c60 tcpipreg - ok
12:33:58.0957 0x1c60 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:33:58.0957 0x1c60 tdx - ok
12:33:59.0004 0x1c60 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:33:59.0019 0x1c60 terminpt - ok
12:33:59.0082 0x1c60 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
12:33:59.0145 0x1c60 TermService - ok
12:33:59.0207 0x1c60 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
12:33:59.0223 0x1c60 Themes - ok
12:33:59.0270 0x1c60 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
12:33:59.0270 0x1c60 THREADORDER - ok
12:33:59.0301 0x1c60 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
12:33:59.0332 0x1c60 TimeBroker - ok
12:33:59.0379 0x1c60 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
12:33:59.0395 0x1c60 TPM - ok
12:33:59.0441 0x1c60 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:33:59.0457 0x1c60 TrkWks - ok
12:33:59.0504 0x1c60 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:33:59.0535 0x1c60 TrustedInstaller - ok
12:33:59.0566 0x1c60 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
12:33:59.0582 0x1c60 TsUsbFlt - ok
12:33:59.0629 0x1c60 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:33:59.0645 0x1c60 TsUsbGD - ok
12:33:59.0691 0x1c60 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:33:59.0707 0x1c60 tunnel - ok
12:33:59.0723 0x1c60 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
12:33:59.0738 0x1c60 uagp35 - ok
12:33:59.0785 0x1c60 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:33:59.0785 0x1c60 UASPStor - ok
12:33:59.0816 0x1c60 [ 69CC6087483FCE6AEBF1DF5AE791044F, 64A2699447049F77A4A5469537F81124114978BF356C079B123B79782EDC760A ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:33:59.0832 0x1c60 UBHelper - ok
12:33:59.0863 0x1c60 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
12:33:59.0879 0x1c60 UCX01000 - ok
12:33:59.0910 0x1c60 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:33:59.0957 0x1c60 udfs - ok
12:33:59.0973 0x1c60 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
12:33:59.0988 0x1c60 UEFI - ok
12:34:00.0035 0x1c60 [ C46C4BE1BAB0F0669F6C21151BBDA557, 3E74BF7B0AA65591B76F2E8635CA18F7F078534B3D92DB0F7750C184E58785B9 ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
12:34:00.0051 0x1c60 UI Assistant Service - ok
12:34:00.0098 0x1c60 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
12:34:00.0113 0x1c60 UI0Detect - ok
12:34:00.0145 0x1c60 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
12:34:00.0145 0x1c60 uliagpkx - ok
12:34:00.0176 0x1c60 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
12:34:00.0191 0x1c60 umbus - ok
12:34:00.0207 0x1c60 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:34:00.0223 0x1c60 UmPass - ok
12:34:00.0254 0x1c60 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:34:00.0301 0x1c60 UmRdpService - ok
12:34:00.0395 0x1c60 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:34:00.0410 0x1c60 UNS - ok
12:34:00.0457 0x1c60 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:34:00.0504 0x1c60 upnphost - ok
12:34:00.0520 0x1c60 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
12:34:00.0551 0x1c60 USBAAPL64 - ok
12:34:00.0598 0x1c60 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:34:00.0629 0x1c60 usbaudio - ok
12:34:00.0645 0x1c60 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:34:00.0660 0x1c60 usbccgp - ok
12:34:00.0707 0x1c60 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:34:00.0723 0x1c60 usbcir - ok
12:34:00.0754 0x1c60 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:34:00.0770 0x1c60 usbehci - ok
12:34:00.0801 0x1c60 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:34:00.0832 0x1c60 usbhub - ok
12:34:00.0879 0x1c60 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:34:00.0926 0x1c60 USBHUB3 - ok
12:34:00.0941 0x1c60 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:34:00.0957 0x1c60 usbohci - ok
12:34:00.0973 0x1c60 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:34:01.0004 0x1c60 usbprint - ok
12:34:01.0051 0x1c60 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
12:34:01.0067 0x1c60 usbscan - ok
12:34:01.0098 0x1c60 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:34:01.0114 0x1c60 USBSTOR - ok
12:34:01.0145 0x1c60 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:34:01.0160 0x1c60 usbuhci - ok
12:34:01.0207 0x1c60 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
12:34:01.0239 0x1c60 usbvideo - ok
12:34:01.0285 0x1c60 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:34:01.0301 0x1c60 USBXHCI - ok
12:34:01.0317 0x1c60 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:34:01.0332 0x1c60 VaultSvc - ok
12:34:01.0364 0x1c60 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:34:01.0379 0x1c60 vdrvroot - ok
12:34:01.0442 0x1c60 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
12:34:01.0520 0x1c60 vds - ok
12:34:01.0535 0x1c60 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:34:01.0551 0x1c60 VerifierExt - ok
12:34:01.0614 0x1c60 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:34:01.0660 0x1c60 vhdmp - ok
12:34:01.0692 0x1c60 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
12:34:01.0707 0x1c60 viaide - ok
12:34:01.0730 0x1c60 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:34:01.0746 0x1c60 vmbus - ok
12:34:01.0762 0x1c60 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:34:01.0793 0x1c60 VMBusHID - ok
12:34:01.0840 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:34:01.0871 0x1c60 vmicguestinterface - ok
12:34:01.0887 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
12:34:01.0918 0x1c60 vmicheartbeat - ok
12:34:01.0933 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:34:01.0965 0x1c60 vmickvpexchange - ok
12:34:01.0980 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
12:34:02.0012 0x1c60 vmicrdv - ok
12:34:02.0027 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
12:34:02.0043 0x1c60 vmicshutdown - ok
12:34:02.0074 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
12:34:02.0090 0x1c60 vmictimesync - ok
12:34:02.0105 0x1c60 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
12:34:02.0137 0x1c60 vmicvss - ok
12:34:02.0152 0x1c60 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:34:02.0168 0x1c60 volmgr - ok
12:34:02.0199 0x1c60 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:34:02.0215 0x1c60 volmgrx - ok
12:34:02.0262 0x1c60 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:34:02.0277 0x1c60 volsnap - ok
12:34:02.0324 0x1c60 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
12:34:02.0324 0x1c60 vpci - ok
12:34:02.0387 0x1c60 [ CED5750ECF0D60F76727BE53CE05ED68, 192E7767BED6C1EA925F5A790EC75A1C2BC4FF20F6C832A1C910D515AA565B69 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
12:34:02.0418 0x1c60 vpnagent - ok
12:34:02.0465 0x1c60 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys
12:34:02.0480 0x1c60 vpnva - ok
12:34:02.0512 0x1c60 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:34:02.0527 0x1c60 vsmraid - ok
12:34:02.0605 0x1c60 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
12:34:02.0668 0x1c60 VSS - ok
12:34:02.0699 0x1c60 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:34:02.0730 0x1c60 VSTXRAID - ok
12:34:02.0793 0x1c60 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:34:02.0809 0x1c60 vwifibus - ok
12:34:02.0840 0x1c60 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:34:02.0855 0x1c60 vwififlt - ok
12:34:02.0887 0x1c60 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:34:02.0902 0x1c60 vwifimp - ok
12:34:02.0949 0x1c60 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
12:34:02.0980 0x1c60 W32Time - ok
12:34:03.0012 0x1c60 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:34:03.0027 0x1c60 WacomPen - ok
12:34:03.0074 0x1c60 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:34:03.0090 0x1c60 Wanarp - ok
12:34:03.0090 0x1c60 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:34:03.0105 0x1c60 Wanarpv6 - ok
12:34:03.0199 0x1c60 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
12:34:03.0277 0x1c60 wbengine - ok
12:34:03.0324 0x1c60 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:34:03.0418 0x1c60 WbioSrvc - ok
12:34:03.0465 0x1c60 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:34:03.0496 0x1c60 Wcmsvc - ok
12:34:03.0543 0x1c60 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:34:03.0574 0x1c60 wcncsvc - ok
12:34:03.0606 0x1c60 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:34:03.0633 0x1c60 WcsPlugInService - ok
12:34:03.0653 0x1c60 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
12:34:03.0668 0x1c60 WdBoot - ok
12:34:03.0715 0x1c60 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:34:03.0762 0x1c60 Wdf01000 - ok
12:34:03.0778 0x1c60 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
12:34:03.0809 0x1c60 WdFilter - ok
12:34:03.0856 0x1c60 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:34:03.0871 0x1c60 WdiServiceHost - ok
12:34:03.0871 0x1c60 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:34:03.0887 0x1c60 WdiSystemHost - ok
12:34:03.0918 0x1c60 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:34:03.0934 0x1c60 WdNisDrv - ok
12:34:03.0965 0x1c60 WdNisSvc - ok
12:34:03.0996 0x1c60 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:34:04.0043 0x1c60 WebClient - ok
12:34:04.0090 0x1c60 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:34:04.0121 0x1c60 Wecsvc - ok
12:34:04.0168 0x1c60 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
12:34:04.0184 0x1c60 WEPHOSTSVC - ok
12:34:04.0215 0x1c60 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:34:04.0262 0x1c60 wercplsupport - ok
12:34:04.0293 0x1c60 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:34:04.0324 0x1c60 WerSvc - ok
12:34:04.0371 0x1c60 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:34:04.0387 0x1c60 WFPLWFS - ok
12:34:04.0418 0x1c60 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:34:04.0434 0x1c60 WiaRpc - ok
12:34:04.0481 0x1c60 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:34:04.0496 0x1c60 WIMMount - ok
12:34:04.0496 0x1c60 WinDefend - ok
12:34:04.0559 0x1c60 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:34:04.0621 0x1c60 WinHttpAutoProxySvc - ok
12:34:04.0684 0x1c60 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:34:04.0699 0x1c60 Winmgmt - ok
12:34:04.0824 0x1c60 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:34:04.0934 0x1c60 WinRM - ok
12:34:04.0981 0x1c60 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys
12:34:04.0996 0x1c60 WinUsb - ok
12:34:05.0059 0x1c60 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:34:05.0137 0x1c60 WlanSvc - ok
12:34:05.0215 0x1c60 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:34:05.0293 0x1c60 wlidsvc - ok
12:34:05.0325 0x1c60 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:34:05.0340 0x1c60 WmiAcpi - ok
12:34:05.0387 0x1c60 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:34:05.0418 0x1c60 wmiApSrv - ok
12:34:05.0434 0x1c60 WMPNetworkSvc - ok
12:34:05.0481 0x1c60 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
12:34:05.0497 0x1c60 Wof - ok
12:34:05.0590 0x1c60 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
12:34:05.0668 0x1c60 workfolderssvc - ok
12:34:05.0715 0x1c60 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:34:05.0731 0x1c60 wpcfltr - ok
12:34:05.0762 0x1c60 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
12:34:05.0793 0x1c60 WPCSvc - ok
12:34:05.0825 0x1c60 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:34:05.0856 0x1c60 WPDBusEnum - ok
12:34:05.0903 0x1c60 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:34:05.0918 0x1c60 WpdUpFltr - ok
12:34:05.0950 0x1c60 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:34:05.0965 0x1c60 ws2ifsl - ok
12:34:06.0012 0x1c60 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:34:06.0059 0x1c60 wscsvc - ok
12:34:06.0075 0x1c60 WSearch - ok
12:34:06.0200 0x1c60 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
12:34:06.0372 0x1c60 WSService - ok
12:34:06.0512 0x1c60 [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:34:06.0684 0x1c60 wuauserv - ok
12:34:06.0731 0x1c60 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:34:06.0778 0x1c60 WudfPf - ok
12:34:06.0825 0x1c60 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:06.0840 0x1c60 WUDFRd - ok
12:34:06.0903 0x1c60 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
12:34:06.0919 0x1c60 wudfsvc - ok
12:34:06.0950 0x1c60 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:06.0965 0x1c60 WUDFWpdFs - ok
12:34:06.0965 0x1c60 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:06.0997 0x1c60 WUDFWpdMtp - ok
12:34:07.0044 0x1c60 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:34:07.0075 0x1c60 WwanSvc - ok
12:34:07.0106 0x1c60 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbmdm6k C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
12:34:07.0137 0x1c60 ZTEusbmdm6k - ok
12:34:07.0169 0x1c60 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
12:34:07.0184 0x1c60 ZTEusbnmea - ok
12:34:07.0184 0x1c60 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
12:34:07.0200 0x1c60 ZTEusbser6k - ok
12:34:07.0231 0x1c60 [ 731AEBADAB92257170D83230589A2FAC, DFC30EBF412B078CCEBD0DE7A75EB021953BB6CDFE3C57950D0743EA4BFE4AF0 ] {5eeb83d0-96ea-4249-942c-beead6847053}Gw64 C:\WINDOWS\system32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys
12:34:07.0247 0x1c60 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64 - ok
12:34:07.0247 0x1c60 ================ Scan global ===============================
12:34:07.0294 0x1c60 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
12:34:07.0340 0x1c60 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
12:34:07.0387 0x1c60 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
12:34:07.0434 0x1c60 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
12:34:07.0434 0x1c60 [ Global ] - ok
12:34:07.0434 0x1c60 ================ Scan MBR ==================================
12:34:07.0450 0x1c60 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:34:07.0575 0x1c60 \Device\Harddisk0\DR0 - ok
12:34:07.0575 0x1c60 ================ Scan VBR ==================================
12:34:07.0575 0x1c60 [ 36E87CEB6825ED22593DDF658BF9715C ] \Device\Harddisk0\DR0\Partition1
12:34:07.0575 0x1c60 \Device\Harddisk0\DR0\Partition1 - ok
12:34:07.0606 0x1c60 [ B639FD34D60D8446DFC89D67C59C38E8 ] \Device\Harddisk0\DR0\Partition2
12:34:07.0622 0x1c60 \Device\Harddisk0\DR0\Partition2 - ok
12:34:07.0622 0x1c60 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:34:07.0622 0x1c60 \Device\Harddisk0\DR0\Partition3 - ok
12:34:07.0637 0x1c60 [ 0AD1958067CE237766A7DB0170DD9504 ] \Device\Harddisk0\DR0\Partition4
12:34:07.0637 0x1c60 \Device\Harddisk0\DR0\Partition4 - ok
12:34:07.0669 0x1c60 [ 6DE9ACE9E7EA6190A7DDB3BC535F1507 ] \Device\Harddisk0\DR0\Partition5
12:34:07.0700 0x1c60 \Device\Harddisk0\DR0\Partition5 - ok
12:34:07.0716 0x1c60 [ 1135611D35158181F9856605509CD68D ] \Device\Harddisk0\DR0\Partition6
12:34:07.0731 0x1c60 \Device\Harddisk0\DR0\Partition6 - ok
12:34:07.0747 0x1c60 [ 33FB7924E42BBA158A1ECC934CB00F93 ] \Device\Harddisk0\DR0\Partition7
12:34:07.0762 0x1c60 \Device\Harddisk0\DR0\Partition7 - ok
|
|
22.06.2016, 11:46
| #6 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet Teil2: Code:
ATTFilter 12:34:07.0762 0x1c60 ================ Scan generic autorun ======================
12:34:07.0794 0x1c60 ETDCtrl - ok
12:34:08.0216 0x1c60 [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:34:08.0669 0x1c60 RTHDVCPL - ok
12:34:08.0763 0x1c60 [ DB45D01FB4379346A422C6739FF30723, FBBBDAE8127DE99B8BDFB931FA550139C536C78487542AADF545BD5748F19B76 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
12:34:08.0794 0x1c60 CanonSolutionMenu - ok
12:34:08.0872 0x1c60 [ B28AD85B8C199CB573621FCE54D7E19C, 42FFD67529592C5F349936C175E0C40E4E116E20B041042AB1E05FF164AEDD17 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
12:34:08.0935 0x1c60 CanonMyPrinter - ok
12:34:08.0966 0x1c60 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\WINDOWS\system32\igfxtray.exe
12:34:08.0982 0x1c60 IgfxTray - ok
12:34:08.0997 0x1c60 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\WINDOWS\system32\igfxpers.exe
12:34:09.0013 0x1c60 Persistence - ok
12:34:09.0060 0x1c60 [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
12:34:09.0075 0x1c60 iTunesHelper - ok
12:34:09.0138 0x1c60 [ 704A01D402F0275877E7FA1BB151D997, 585C8B31599FFF0EF9B1DF9FD63979E498D2A601497780E07706A99A359AB8B8 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
12:34:09.0169 0x1c60 BakupManagerTray - ok
12:34:09.0169 0x1c60 mcui_exe - ok
12:34:09.0232 0x1c60 [ 7AA219D7AEAA8BADCAC7853AE6AE3BD5, 018F85DCD9EB33DC775CCCB58B999A640B6F8FEF37898EA45600B433E77CF9AE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:34:09.0247 0x1c60 APSDaemon - ok
12:34:09.0310 0x1c60 [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
12:34:09.0325 0x1c60 ArcSoft Connection Service - ok
12:34:09.0357 0x1c60 IR_SERVER - ok
12:34:09.0388 0x1c60 [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
12:34:09.0419 0x1c60 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
12:34:19.0483 0x1c60 QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
12:34:21.0890 0x1c60 [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
12:34:21.0936 0x1c60 avgnt - ok
12:34:21.0999 0x1c60 [ 0F23636F5CC526F1B7CD1A749F173610, 75CC836AF8E6E2D505A696A9BEAF30AF0513695DB743B2920B66C2B0D11C5BAA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
12:34:22.0015 0x1c60 Avira SystrayStartTrigger - ok
12:34:22.0046 0x1c60 [ 84A459BB89031D7A662769E2EC73C930, A7FA9D2E60A5B9DEA08134DA3040A1E130148772D3D1D4C9AADF00E6909178FF ] C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
12:34:22.0061 0x1c60 UIExec - ok
12:34:22.0109 0x1c60 [ 0576B37CB84E42110130E267ED98BBDA, EDC954D788755E64E095B5DA18CC035E9F84A577E6E9E394059CA7BEFB33C4E0 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
12:34:22.0124 0x1c60 ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
12:34:24.0422 0x1c60 Detect skipped due to KSN trusted
12:34:24.0422 0x1c60 ProductUpdater - ok
12:34:24.0579 0x1c60 [ B5E3681782D33159AF28CFE2E0E3B9B2, 6E55DADEECD40232CFC2DEC117540A70D69F6075A5A10D9A1F250B2977F33385 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
12:34:24.0728 0x1c60 LogMeIn Hamachi Ui - ok
12:34:24.0779 0x1c60 [ C4FFD238884D74241C9DD3CD9BD1B5F7, AB6C54313A75BB7FF7FAEEC0CC6C4D67805AF89B0692DE2A112928C5F62763EA ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
12:34:24.0825 0x1c60 Cisco AnyConnect Secure Mobility Agent for Windows - ok
12:34:24.0875 0x1c60 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
12:34:24.0937 0x1c60 WAB Migrate - ok
12:34:25.0179 0x1c60 [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
12:34:25.0365 0x1c60 Akamai NetSession Interface - ok
12:34:25.0431 0x1c60 Google Update - ok
12:34:25.0473 0x1c60 Skype - ok
12:34:25.0556 0x1c60 [ 79E89B3178AC191C2FFE65D075E7647D, 157A4D1CE683DAFCBA6547CB3268E235D06CE19B0ABD3D4736F6607CD92490C6 ] C:\ProgramData\class-58\class-8.exe
12:34:25.0582 0x1c60 class-57 - detected UnsignedFile.Multi.Generic ( 1 )
12:34:27.0892 0x1c60 class-57 ( UnsignedFile.Multi.Generic ) - warning
12:34:27.0892 0x1c60 Force sending object to P2P due to detect: C:\ProgramData\class-58\class-8.exe
12:34:30.0268 0x1c60 Object send P2P result: true
12:34:32.0662 0x1c60 [ CD4004CAB56EB92A0D205C8C9EAB8A89, 63E1B385F3035C9F9A8ED08FAB4664AB3BDB6D342CEFF9160385E3443E2473CA ] C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe
12:34:32.0684 0x1c60 analog-45 - detected UnsignedFile.Multi.Generic ( 1 )
12:34:35.0000 0x1c60 analog-45 ( UnsignedFile.Multi.Generic ) - warning
12:34:35.0000 0x1c60 Force sending object to P2P due to detect: C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe
12:34:46.0499 0x1c60 Object send P2P result: true
12:34:48.0835 0x1c60 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41010 ( enabled : outofdate )
12:34:48.0835 0x1c60 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
12:34:48.0839 0x1c60 Win FW state via NFP2: enabled ( trusted )
12:34:51.0169 0x1c60 ============================================================
12:34:51.0169 0x1c60 Scan finished
12:34:51.0169 0x1c60 ============================================================
12:34:51.0180 0x0f58 Detected object count: 3
12:34:51.0180 0x0f58 Actual detected object count: 3
12:35:08.0018 0x0f58 QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:08.0018 0x0f58 QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:08.0018 0x0f58 class-57 ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:08.0018 0x0f58 class-57 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:35:08.0033 0x0f58 analog-45 ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:08.0033 0x0f58 analog-45 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Ich hoffe das sieht schlimmer aus, als es ist... Und besten Dank für Deine Hilfe! :] |
|
22.06.2016, 20:01
| #7 |
| /// TB-Ausbilder /// Anleitungs-Guru | Phishing-Zip-Anhang auf PC und Handy geöffnet Hi, Schritt 1 Bitte deinstalliere folgende Programme: Security Utility Versuche es bei Windows 8  mit der Windowstaste + X über  .Sollte das nicht gehen, lade Dir bitte Revo Uninstaller  hier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter. Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus: Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3  Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument: Code:
ATTFilter CloseProcesses:
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [class-57] => C:\ProgramData\class-58\class-8.exe [476672 2016-06-22] (Red Line Software)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [analog-45] => C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe [505344 2016-06-22] ()
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk [2016-06-21]
ShortcutTarget: decibel-6.lnk -> C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe (COBRA)
GroupPolicy: Beschränkung - Chrome
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google: Beschränkung
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung
URLSearchHook: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
BHO-x32: Gravity Space -> {8788dd2d-bed5-4071-8439-c822cef57bc8} -> C:\Program Files (x86)\Gravity Space\Extensions\8788dd2d-bed5-4071-8439-c822cef57bc8.dll => Keine Datei
2016-06-22 11:50 - 2016-06-22 11:50 - 00000000 ____D C:\ProgramData\kelvin-6
2016-06-22 11:48 - 2016-06-22 11:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\analog-1
2016-06-22 11:46 - 2016-06-22 11:46 - 00000000 ____D C:\ProgramData\class-58
2016-06-21 12:21 - 2016-06-21 12:21 - 00000000 ____D C:\Users\Vera\AppData\Roaming\decibel-28
2016-06-21 11:37 - 2016-06-21 12:23 - 00000000 ____D C:\ProgramData\ct
C:\ProgramData\ncli3f42.dat
Task: {08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20} - System32\Tasks\WordSpill => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe
Task: {4BD91451-E5D0-44B0-BC66-CA629F52CFA6} - System32\Tasks\FileInspect => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe
Task: {56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} - System32\Tasks\RNKCKUYTBN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe "
Task: {610E2F79-6BCC-476A-BA7D-A02C89B2F451} - System32\Tasks\WordWiz => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe
Task: {62E6E7F0-46E8-4077-B4B3-BBA069067EE2} - System32\Tasks\EasyCite => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe
Task: {912C5971-B1DE-471E-852F-76E5FB35C78C} - System32\Tasks\PhraseSmartifier => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe
Task: {9613AC98-897D-400D-8ECF-E0E7781A2448} - System32\Tasks\InfoHider => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe
Task: {A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} - System32\Tasks\BoBrowser => C:\Users\Vera\AppData\Local\BoBrowser\Application\bobrowser.exe
Task: {D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} - \Run_Bobby_Browser -> Keine Datei
Task: C:\WINDOWS\Tasks\EasyCite.job => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe
Task: C:\WINDOWS\Tasks\FileInspect.job => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe
Task: C:\WINDOWS\Tasks\InfoHider.job => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe
Task: C:\WINDOWS\Tasks\PhraseSmartifier.job => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe
C:\ProgramData\SecurityUtility
Task: C:\WINDOWS\Tasks\RNKCKUYTBN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe
Task: C:\WINDOWS\Tasks\WordSpill.job => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe
Task: C:\WINDOWS\Tasks\WordWiz.job => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe
File: C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL
File: "C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL"
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
CreateRestorePoint:
EmptyTemp:
Schritt 4  
Schritt 5 Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
23.06.2016, 13:08
| #8 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet AdwCleaner: Code:
ATTFilter # AdwCleaner v5.200 - Bericht erstellt am 23/06/2016 um 11:38:42
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-22.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Vera - VERAS-PC
# Gestartet von : C:\Users\Vera\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[-] Ordner gelöscht : C:\ProgramData\14566771537994078081
[-] Ordner gelöscht : C:\ProgramData\f4ec396c-3454-45dd-b141-69ee6db2debb
[#] Ordner gelöscht : C:\ProgramData\Application Data\7b24ec7cc000461ebe26d116b88142c8
[#] Ordner gelöscht : C:\ProgramData\Application Data\14566771537994078081
[#] Ordner gelöscht : C:\ProgramData\Application Data\f4ec396c-3454-45dd-b141-69ee6db2debb
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Ordner gelöscht : C:\Program Files (x86)\eye perform
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\Temp\eye perform
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\Temp\Iminent
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\Temp\SmarterPower
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\globalUpdate
***** [ Dateien ] *****
[-] Datei gelöscht : C:\claraInstaller.txt
[-] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\Favorites\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\Favorites\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\Favorites\Links\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\Favorites\Links\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] Datei gelöscht : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
[-] Verknüpfung desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Professor Tim\Sierra Webseite.lnk
[-] Verknüpfung desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\3D Ultra RC Racers Deluxe\Sierra Webseite.lnk
[-] Verknüpfung desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\3D Ultra RC Racers Deluxe\WON.net Webseite.lnk
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe gelöscht : Run_Bobby_Browser
[-] Geplante Aufgabe gelöscht : BoBrowser
[-] Geplante Aufgabe gelöscht : RNKCKUYTBN1
[-] Geplante Aufgabe gelöscht : RNKCKUYTBN1
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Schlüssel gelöscht : HKLM\SOFTWARE\42f6e9e5-3693-a3b0-6ff0-6683fc65b111
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel gelöscht : HKCU\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
[-] Schlüssel gelöscht : HKCU\Software\foxydeal
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\V9
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\foxydeal
[-] Schlüssel gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Clara
[-] Schlüssel gelöscht : HKLM\SOFTWARE\delta-homesSoftware
[-] Schlüssel gelöscht : HKLM\SOFTWARE\hdcode
[-] Schlüssel gelöscht : HKLM\SOFTWARE\PicexaSvc
[-] Schlüssel gelöscht : HKLM\SOFTWARE\SecurityUtility
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\SecurityUtility
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\BetterDeals-11
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\BetterDeals-11
[-] Schlüssel gelöscht : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
[-] Schlüssel gelöscht : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [First Home Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [First Home Page]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2C7D51A4-33DF-4526-A44F-34E61322EA22}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{36437782-15CF-4097-ABA2-39E22089CE35}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\start.iminent.com
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [13189 Bytes] - [23/06/2016 11:38:42]
C:\AdwCleaner\AdwCleaner[R0].txt - [15545 Bytes] - [28/12/2013 15:21:21]
C:\AdwCleaner\AdwCleaner[R1].txt - [1116 Bytes] - [28/12/2013 15:29:29]
C:\AdwCleaner\AdwCleaner[S0].txt - [14204 Bytes] - [28/12/2013 15:22:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [22369 Bytes] - [23/06/2016 11:36:03]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13558 Bytes] ##########
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Vera (2016-06-23 11:48:52) Run:1
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: UpdatusUser & Vera (Verfügbare Profile: UpdatusUser & Vera)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [class-57] => C:\ProgramData\class-58\class-8.exe [476672 2016-06-22] (Red Line Software)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [analog-45] => C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe [505344 2016-06-22] ()
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk [2016-06-21]
ShortcutTarget: decibel-6.lnk -> C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe (COBRA)
GroupPolicy: Beschränkung - Chrome
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google: Beschränkung
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung
URLSearchHook: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
BHO-x32: Gravity Space -> {8788dd2d-bed5-4071-8439-c822cef57bc8} -> C:\Program Files (x86)\Gravity Space\Extensions\8788dd2d-bed5-4071-8439-c822cef57bc8.dll => Keine Datei
2016-06-22 11:50 - 2016-06-22 11:50 - 00000000 ____D C:\ProgramData\kelvin-6
2016-06-22 11:48 - 2016-06-22 11:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\analog-1
2016-06-22 11:46 - 2016-06-22 11:46 - 00000000 ____D C:\ProgramData\class-58
2016-06-21 12:21 - 2016-06-21 12:21 - 00000000 ____D C:\Users\Vera\AppData\Roaming\decibel-28
2016-06-21 11:37 - 2016-06-21 12:23 - 00000000 ____D C:\ProgramData\ct
C:\ProgramData\ncli3f42.dat
Task: {08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20} - System32\Tasks\WordSpill => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe
Task: {4BD91451-E5D0-44B0-BC66-CA629F52CFA6} - System32\Tasks\FileInspect => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe
Task: {56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} - System32\Tasks\RNKCKUYTBN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe "
Task: {610E2F79-6BCC-476A-BA7D-A02C89B2F451} - System32\Tasks\WordWiz => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe
Task: {62E6E7F0-46E8-4077-B4B3-BBA069067EE2} - System32\Tasks\EasyCite => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe
Task: {912C5971-B1DE-471E-852F-76E5FB35C78C} - System32\Tasks\PhraseSmartifier => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe
Task: {9613AC98-897D-400D-8ECF-E0E7781A2448} - System32\Tasks\InfoHider => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe
Task: {A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} - System32\Tasks\BoBrowser => C:\Users\Vera\AppData\Local\BoBrowser\Application\bobrowser.exe
Task: {D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} - \Run_Bobby_Browser -> Keine Datei
Task: C:\WINDOWS\Tasks\EasyCite.job => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe
Task: C:\WINDOWS\Tasks\FileInspect.job => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe
Task: C:\WINDOWS\Tasks\InfoHider.job => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe
Task: C:\WINDOWS\Tasks\PhraseSmartifier.job => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe
C:\ProgramData\SecurityUtility
Task: C:\WINDOWS\Tasks\RNKCKUYTBN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe
Task: C:\WINDOWS\Tasks\WordSpill.job => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe
Task: C:\WINDOWS\Tasks\WordWiz.job => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe
File: C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL
File: "C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL"
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
CreateRestorePoint:
EmptyTemp:
*****************
Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Wert erfolgreich entfernt
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Windows\CurrentVersion\Run\\class-57 => Wert nicht gefunden.
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\analog-45 => Wert nicht gefunden.
C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk => nicht gefunden.
C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe => nicht gefunden.
"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden.
HKLM\SOFTWARE\Policies\Google => Schlüssel nicht gefunden.
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google => Schlüssel nicht gefunden.
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google => Schlüssel nicht gefunden.
"HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} => Wert nicht gefunden.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8788dd2d-bed5-4071-8439-c822cef57bc8}" => Schlüssel erfolgreich entfernt
"HKCR\Wow6432Node\CLSID\{8788dd2d-bed5-4071-8439-c822cef57bc8}" => Schlüssel erfolgreich entfernt
"C:\ProgramData\kelvin-6" => nicht gefunden.
"C:\Users\Vera\AppData\Roaming\analog-1" => nicht gefunden.
"C:\ProgramData\class-58" => nicht gefunden.
"C:\Users\Vera\AppData\Roaming\decibel-28" => nicht gefunden.
C:\ProgramData\ct => erfolgreich verschoben
C:\ProgramData\ncli3f42.dat => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\WordSpill => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordSpill" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BD91451-E5D0-44B0-BC66-CA629F52CFA6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BD91451-E5D0-44B0-BC66-CA629F52CFA6}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\FileInspect => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FileInspect" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} => Schlüssel nicht gefunden.
C:\WINDOWS\System32\Tasks\RNKCKUYTBN1 => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RNKCKUYTBN1 => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{610E2F79-6BCC-476A-BA7D-A02C89B2F451}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{610E2F79-6BCC-476A-BA7D-A02C89B2F451}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\WordWiz => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordWiz" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62E6E7F0-46E8-4077-B4B3-BBA069067EE2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E6E7F0-46E8-4077-B4B3-BBA069067EE2}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\EasyCite => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyCite" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{912C5971-B1DE-471E-852F-76E5FB35C78C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912C5971-B1DE-471E-852F-76E5FB35C78C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\PhraseSmartifier => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseSmartifier" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9613AC98-897D-400D-8ECF-E0E7781A2448}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9613AC98-897D-400D-8ECF-E0E7781A2448}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\InfoHider => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\InfoHider" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} => Schlüssel nicht gefunden.
C:\WINDOWS\System32\Tasks\BoBrowser => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BoBrowser => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser => Schlüssel nicht gefunden.
C:\WINDOWS\Tasks\EasyCite.job => erfolgreich verschoben
C:\WINDOWS\Tasks\FileInspect.job => erfolgreich verschoben
C:\WINDOWS\Tasks\InfoHider.job => erfolgreich verschoben
C:\WINDOWS\Tasks\PhraseSmartifier.job => erfolgreich verschoben
"C:\ProgramData\SecurityUtility" => nicht gefunden.
C:\WINDOWS\Tasks\RNKCKUYTBN1.job => nicht gefunden.
C:\WINDOWS\Tasks\WordSpill.job => erfolgreich verschoben
C:\WINDOWS\Tasks\WordWiz.job => erfolgreich verschoben
========================= File: C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL ========================
Datei ist digital signiert
MD5: A8A06DAE9BEC0E30531AE81E0D344921
Erstellungs- und Änderungsdatum: 2016-06-20 20:35 - 2016-06-20 20:35
Größe: 0035472
Attribute: ----A
Firmenname:
Interne Name: PowerPointAddIn.dll
Original Name: PowerPointAddIn.dll
Produkt: PowerPointAddIn
Beschreibung: PowerPointAddIn
Datei Version: 1.0.0.0
Produkt Version: 1.0.0.0
Urheberrecht: Copyright © 2011
====== Ende von File: ======
========================= File: "C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL" ========================
Datei ist digital signiert
MD5: EBA646337DDE481FB0F0DC87DEA0532A
Erstellungs- und Änderungsdatum: 2016-05-15 01:16 - 2016-05-15 01:16
Größe: 0034960
Attribute: ----A
Firmenname:
Interne Name: WordAddIn.dll
Original Name: WordAddIn.dll
Produkt: WordAddIn
Beschreibung: WordAddIn
Datei Version: 1.0.0.0
Produkt Version: 1.0.0.0
Urheberrecht: Copyright © 2011
====== Ende von File: ======
C:\ProgramData\Temp => ":373E1720" ADS erfolgreich entfernt.
Wiederherstellungspunkt wurde erfolgreich erstellt.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45276039 B
Java, Flash, Steam htmlcache => 2226 B
Windows/system/drivers => 725822218 B
Edge => 0 B
Chrome => 193535340 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 139 B
LocalService => 8890250 B
NetworkService => 1173636 B
UpdatusUser => 0 B
Vera => 3917164284 B
RecycleBin => 0 B
EmptyTemp: => 4.6 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:51:03 ====
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.06.2016 Suchlaufzeit: 12:13 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.06.23.02 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Vera Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 367097 Abgelaufene Zeit: 1 Std., 32 Min., 32 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 9 PUP.Optional.SnapDo, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [e6782fd16436e94d98811179748efd03], PUP.Optional.GravitySpace, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8788DD2D-BED5-4071-8439-C822CEF57BC8}, In Quarantäne, [144a6d939505d561cd0312797e84e21e], PUP.Optional.GravitySpace, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8788DD2D-BED5-4071-8439-C822CEF57BC8}, In Quarantäne, [144a6d939505d561cd0312797e84e21e], PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [5c02e719fe9cde58d12c1774d72bd828], PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [a7b7837dc3d749edb949fb91f40ea25e], PUP.Optional.GravitySpace, HKLM\SOFTWARE\WOW6432NODE\GravitySpace, In Quarantäne, [5905dc24cbcfc96d7998cdd3a55e1ee2], PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64, In Quarantäne, [7be31ce49406fa3c64ee416d57ac39c7], PUP.Optional.ICinema, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\I - Cinema-nv-ie, In Quarantäne, [f767659b702a39fdbbd5059cb84b5ca4], PUP.Optional.CrossRider, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4B93A81-33E6-415E-85EF-DCA9BCC2C963}, In Quarantäne, [302e6a9652484cea16931f7bd33053ad], Registrierungswerte: 2 PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, In Quarantäne, [382634cce9b1d36374b8cdc0cb383cc4] PUP.Optional.CrossRider, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4B93A81-33E6-415E-85EF-DCA9BCC2C963}|AppName, Plus-HD-4.8-enabler.exe-buttonutil.exe, In Quarantäne, [302e6a9652484cea16931f7bd33053ad] Registrierungsdaten: 7 PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[441a19e79efc0c2a63f8eb8037cdbd43] PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[055916ea108a3df9411a14572cd8aa56] PUP.Optional.V9.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w, Gut: (www.google.com), Schlecht: (hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w),Ersetzt,[4717db25623836004e3a0d5e976dfe02] PUP.Optional.V9.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|First Home Page, hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=httpSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]AGut: (www.google.com)FGut: (www.google.com)Fwww.v9.comSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]FtypeSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dhp%26tsSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1434359636%26fromSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dmych123%26uidSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dwdcxwd5000lpvtGut: (www.google.com)D22g33t0%5FwdGut: (www.google.com)Dwx71c326327563275%26zSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=httpSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]AGut: (www.google.com)FGut: (www.google.com)Fwww.v9.comGut: (www.google.com)FwebSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]FtypeSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dds%26tsSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1434359636%26fromSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dzzgbkk123%26uidSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dwdcxwd5000lpvtGut: (www.google.com)D22g33t0%5FwdGut: (www.google.com)Dwx71c326327563275%26zSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26qSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D%7BsearchTerms%7D, %4, %5 PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[f866a8585248b680a7b57af130d443bd] PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[5905cd33c5d5a98d9fbd3536778df010] PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[e17dd62ae9b1191d2a34f5761de715eb] Ordner: 279 Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [e17d9b659ffbc175557eb7dc49b9b24e], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ar, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\bg, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ca, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\cs, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\da, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\de, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\el, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_GB, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_US, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es_419, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\et, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\eu, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fi, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fil, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\he, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hi, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hu, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\id, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\it, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ja, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ko, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lt, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lv, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ms, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\nl, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\no, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pl, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_BR, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_PT, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ro, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ru, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sk, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sl, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sv, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\th, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\tr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\uk, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\vi, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_CN, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_TW, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_metadata, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ar, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\bg, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ca, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\cs, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\da, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\de, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\el, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\en, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\es, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fi, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fil, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\he, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hi, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hu, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\id, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\it, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ja, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ko, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lt, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lv, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\nl, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\no, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pl, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_BR, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_PT, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ro, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ru, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sk, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sl, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sv, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\th, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\tr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\uk, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\vi, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_CN, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_TW, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_metadata, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\js, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\fonts, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\id, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ar, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bg, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bn, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ca, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\cs, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\da, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\de, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\el, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_GB, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_US, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es_419, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\et, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fa, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fi, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fil, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fr, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\gu, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\he, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hi, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hr, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hu, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\it, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ja, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ko, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lt, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lv, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ml, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ms, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nb, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nl, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pl, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_BR, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_PT, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ro, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ru, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sk, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sl, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sr, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sv, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sw, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ta, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\te, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\th, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\tr, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\uk, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\vi, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_CN, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_TW, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_metadata, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb, In Quarantäne, [8ad4b24e564483b336686035966e936d], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ar, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\bg, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ca, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\cs, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\da, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\de, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\el, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_GB, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_US, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es_419, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\et, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fi, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fil, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fr, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\he, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hi, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hr, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hu, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_metadata, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\_metadata, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ar, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\bg, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ca, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\cs, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\da, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\de, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\el, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\en, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\es, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fi, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\gu, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\he, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hu, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\id, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\it, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ja, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nb, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nl, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pl, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_BR, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_PT, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ro, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ru, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sk, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sl, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sv, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\te, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\tr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\uk, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\vi, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_CN, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_TW, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_metadata, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ar, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\bg, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ca, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\cs, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\da, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\de, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\el, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\en, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\es, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fi, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fil, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hi, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hu, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\id, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\it, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ja, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ko, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lt, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lv, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\nl, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\no, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pl, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_BR, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_PT, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ro, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ru, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\se, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sk, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sl, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\th, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\tr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\uk, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\vi, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_CN, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_TW, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_metadata, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], |
|
23.06.2016, 13:11
| #9 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet mbam.txt Teil2: Code:
ATTFilter Dateien: 527
PUP.Optional.BrowseFox, C:\WINDOWS\SYSTEM32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys, Löschen bei Neustart, [731aebadab92257170d83230589a2fac],
PUP.Optional.APNToolBar, C:\Users\Vera\Downloads\YTD471Setup.exe, In Quarantäne, [164829d7762462d4290c69c03dc4f30d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\manifest.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\128.png, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ar\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\bg\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ca\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\cs\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\da\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\de\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\el\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_GB\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_US\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es_419\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\et\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\eu\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fi\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fil\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\he\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hi\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hu\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\id\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\it\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ja\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ko\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lt\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lv\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ms\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\nl\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\no\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pl\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_BR\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_PT\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ro\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ru\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sk\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sl\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sv\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\th\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\tr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\uk\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\vi\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_CN\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_TW\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_metadata\verified_contents.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\manifest.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\128.png, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ar\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\bg\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ca\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\cs\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\da\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\de\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\el\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\en\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\es\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fi\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fil\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\he\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hi\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hu\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\id\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\it\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ja\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ko\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lt\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lv\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\nl\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\no\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pl\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_BR\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_PT\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ro\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ru\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sk\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sl\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sv\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\th\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\tr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\uk\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\vi\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_CN\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_TW\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_metadata\verified_contents.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\manifest.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\managed-storage-schema.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\background.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\block.html, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\block.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\firstRun.html, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\firstRun.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\i18n.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\include.postload.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\include.preload.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\messageResponder.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\notification.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\options.html, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\options.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\popup.html, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\popup.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\popupBlocker.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\stats.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\subscriptions.xml, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\utils.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\webrequest.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\background.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\common.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\content.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\popup.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-16.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-32.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-128.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-32.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-48.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-64.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\jquery-ui-1.8.16.custom.css, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_flat_0_aaaaaa_40x100.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_flat_75_ffffff_40x100.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_55_fbf9ee_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_65_ffffff_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_dadada_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_e6e6e6_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_95_fef1ec_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_highlight-soft_75_cccccc_1x100.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_222222_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_2e83ff_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_454545_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_888888_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_cd0a0a_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\js\jquery-1.7.1.min.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\js\jquery-ui-1.8.16.custom.min.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\adblockplus.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\compat.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\info.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\jsbn.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\publicSuffixList.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\punycode.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\rsa.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\sha1.js, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\ajax-loader.gif, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\background-main.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\background-share.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\background.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\donate.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\firstRun.css, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\popup.css, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\popup.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features\malware.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features\social.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features\tracking.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\fonts\CreteRound-Italic.otf, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\fonts\CreteRound-Regular.otf, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\facebook.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\googleplus.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\renren.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\twitter.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\weibo.png, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\id\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ar\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bg\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bn\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ca\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\cs\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\da\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\de\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\el\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_GB\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_US\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es_419\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\et\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fa\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fi\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fil\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\gu\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\he\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hi\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hu\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\it\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ja\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ko\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lt\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lv\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ml\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ms\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nb\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nl\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pl\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_BR\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_PT\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ro\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ru\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sk\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sl\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sv\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sw\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ta\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\te\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\th\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\tr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\uk\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\vi\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_CN\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_TW\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_metadata\computed_hashes.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_metadata\verified_contents.json, In Quarantäne, [8ad4b24e564483b336686035966e936d],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\manifest.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\128.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\16.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\32.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\48.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ar\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\bg\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ca\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\cs\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\da\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\de\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\el\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_GB\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_US\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es_419\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\et\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fi\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fil\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fr\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\he\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hi\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hr\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hu\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_metadata\verified_contents.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\manifest.json, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Background.html, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\background.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\ContentOnDocStart.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\ContentScript.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\popup.html, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\popup.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\128.png, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_black.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_black_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_black_small.GIF, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_cashback.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_cashback_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_disabled.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_green.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_green_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_grey.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_grey_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_hs.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_hs_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_red.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_red_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_yellow.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_yellow_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\_metadata\computed_hashes.json, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\_metadata\verified_contents.json, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\manifest.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\adblock_start_chrome.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\adblock_start_common.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\background.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\bandaids.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\CHANGELOG.txt, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\checkupdates.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\chrome_oauth_receiver.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\chrome_oauth_receiver.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\dropbox-datastores.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\functions.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\gab_question.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\idlehandler.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\LICENSE, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\notificationoverlay.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\port.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\punycode.min.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\README.markdown, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\stats.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\survey.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\translators.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\ytchannel.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button\popup.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button\popup.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button\popup.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\domainset.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filternormalizer.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filteroptions.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filterset.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filtertypes.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\myfilters.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\delete.gif, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\dropbox1.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\dropbox2.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\dropbox3.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\facebook-sprite.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\gifloader.gif, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\gplus-sprite.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon128.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon16.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon16_grayscale.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon16_grayscale@2x.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon19-grayscale.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon19-whitelisted.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon19.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon24.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon32.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon38-grayscale.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon38-whitelisted.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon38.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon48.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\logo.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\twitter-sprite.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\check.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
|
|
23.06.2016, 13:23
| #10 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet mbam.txt Teil3: Code:
ATTFilter PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\magnifying_glass.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search-engine-card_no-shadow.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search-engine-icons.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search-omnibox-card_no-shadow.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search_engine_select_arrow.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\jquery-ui.custom.min.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\jquery.cookie.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\jquery.min.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\jquery-ui.custom.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\override-page.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-icons_056b93_256x240.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-icons_d8e7f3_256x240.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\customize.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\customize.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\filters.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\filters.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\general.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\general.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\index.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\index.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\options.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\support.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\support.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\adreport.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\adreport.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\resourceblock.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\resourceblock.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\subscribe.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\subscribe.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\subscribe.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\load_jquery_ui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\send_content_to_back.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\top_open_blacklist_ui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\top_open_whitelist_ui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\blacklistui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\clickwatcher.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\elementchain.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\overlay.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\rightclick_hook.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ar\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\bg\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ca\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\cs\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\da\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\de\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\el\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\en\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\es\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fi\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\gu\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\he\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hu\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\id\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\it\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ja\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nb\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nl\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pl\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_BR\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_PT\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ro\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ru\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sk\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sl\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sv\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\te\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\tr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\uk\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\vi\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_CN\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_TW\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_metadata\computed_hashes.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_metadata\verified_contents.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\manifest.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\128.png, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ar\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\bg\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ca\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\cs\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\da\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\de\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\el\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\en\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\es\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fi\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fil\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hi\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hu\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\id\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\it\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ja\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ko\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lt\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lv\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\nl\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\no\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pl\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_BR\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_PT\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ro\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ru\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\se\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sk\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sl\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\th\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\tr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\uk\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\vi\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_CN\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_TW\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_metadata\verified_contents.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
durchgeführt von Vera (Administrator) auf VERAS-PC (23-06-2016 14:13:25)
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: UpdatusUser & Vera (Verfügbare Profile: UpdatusUser & Vera)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-01-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-06-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [156448 2012-05-04] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-11-23] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Google Update] => "C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [hardness-81] => C:\ProgramData\hardness-2\hardness-9.exe [441344 2016-06-23] (Лаборатория Касперского)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [receiver-7] => C:\Users\Vera\AppData\Roaming\receiver-31\receiver-16.exe [504320 2016-06-23] ()
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {2ab3442b-78c5-11e5-801a-b888e359abb6} - "E:\AutoRun.exe"
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f669c-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe"
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f672e-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe"
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2016-06-23]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\homerf-0.lnk [2016-06-23]
ShortcutTarget: homerf-0.lnk -> C:\Users\Vera\AppData\Roaming\homerf-6\homerf-89.exe (COBRA)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2016-06-23]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 129.206.100.126 129.206.210.127
Tcpip\..\Interfaces\{FC7B690A-ABE8-4FEF-9430-9736C44DA543}: [DhcpNameServer] 129.206.100.126 129.206.210.127
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> ist aktiviert.
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vera\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-09] ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-15] (Dritek System INC.)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [274208 2012-05-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-04] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R1 inpoutx64; C:\Windows\System32\drivers\inpoutx64.sys [15008 2016-03-08] (Highresolution Enterprises [www.highrez.co.uk])
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 PRTDRV; C:\Windows\System32\Drivers\PRTDRV.sys [33640 2012-06-15] (Psychology Software Tools)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-15] (Dritek System Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2015-02-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-23 14:02 - 2016-06-23 14:02 - 00199094 _____ C:\Users\Vera\Desktop\mbam.txt
2016-06-23 13:46 - 2016-06-23 13:46 - 00000000 ____D C:\ProgramData\current-2
2016-06-23 12:43 - 2016-06-23 12:43 - 00000000 ____D C:\ProgramData\hardness-2
2016-06-23 12:24 - 2016-06-23 12:24 - 00000000 ____D C:\Users\Vera\AppData\Roaming\homerf-6
2016-06-23 12:10 - 2016-06-23 14:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-23 12:09 - 2016-06-23 13:58 - 00000707 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-23 12:09 - 2016-06-23 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-06-23 12:09 - 2016-06-23 12:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-23 12:09 - 2016-06-23 12:09 - 00000000 ____D C:\ Malwarebytes Anti-Malware
2016-06-23 12:09 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-23 12:09 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-23 12:09 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-23 12:03 - 2016-06-23 12:06 - 22851472 _____ (Malwarebytes ) C:\Users\Vera\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-23 11:48 - 2016-06-23 12:23 - 00000000 ____D C:\ProgramData\ct
2016-06-23 11:48 - 2016-06-23 11:51 - 00012765 _____ C:\Users\Vera\Desktop\Fixlog.txt
2016-06-23 11:34 - 2016-06-23 12:24 - 00000000 ____D C:\Users\Vera\AppData\Roaming\microamp-1
2016-06-23 11:32 - 2016-06-23 11:32 - 00000000 ____D C:\Users\Vera\Desktop\RevoUninstallerPortable
2016-06-23 11:31 - 2016-06-23 11:32 - 02785665 _____ (PortableApps.com) C:\Users\Vera\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2016-06-23 11:30 - 2016-06-23 11:30 - 00000000 ____D C:\Users\Vera\AppData\Roaming\receiver-31
2016-06-23 11:25 - 2016-06-23 11:30 - 03703360 _____ C:\Users\Vera\Desktop\AdwCleaner_5.200.exe
2016-06-22 12:31 - 2016-06-22 14:46 - 00245766 _____ C:\TDSSKiller.3.1.0.9_22.06.2016_12.31.54_log.txt
2016-06-22 12:31 - 2016-06-22 12:31 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Vera\Desktop\tdsskiller.exe
2016-06-22 11:51 - 2016-06-22 11:53 - 00060058 _____ C:\Users\Vera\Desktop\Addition.txt
2016-06-22 11:49 - 2016-06-23 14:13 - 00021874 _____ C:\Users\Vera\Desktop\FRST.txt
2016-06-22 11:49 - 2016-06-23 14:13 - 00000000 ____D C:\FRST
2016-06-22 11:48 - 2016-06-22 11:48 - 02387456 _____ (Farbar) C:\Users\Vera\Desktop\FRST64.exe
2016-06-21 17:47 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Documents\Ereignisse.txt
2016-06-21 17:46 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Desktop\Ereignisse.txt
2016-06-17 15:18 - 2016-06-17 15:18 - 00036663 _____ C:\Users\Vera\Downloads\learningpathsbachelorspsychologyradboud_20162017.pdf
2016-06-14 11:20 - 2016-06-14 11:20 - 00080896 _____ C:\Users\Vera\Downloads\Fachdidaktik_SoSe2015.xls
2016-06-06 13:18 - 2016-06-06 13:18 - 00041444 _____ C:\Users\Vera\Downloads\Tsvgg_Beitragsordnung_2015.pdf
2016-06-04 17:25 - 2016-06-04 17:25 - 00033415 _____ C:\Users\Vera\Downloads\Frauen Vortest Seiler.sav
2016-06-03 17:05 - 2016-06-03 17:05 - 00000000 ____D C:\Users\Vera\Documents\IBM
2016-06-03 17:00 - 2016-06-03 17:00 - 00000000 ____D C:\ProgramData\IBM
2016-06-03 16:53 - 2016-06-03 16:53 - 00000000 ____D C:\Program Files (x86)\IBM
2016-06-03 16:45 - 2016-03-03 09:59 - 856246096 _____ (IBM Corp) C:\Users\Vera\Desktop\SPSS_Statistics_24_win32.exe
2016-06-01 19:44 - 2016-06-01 19:45 - 00957112 _____ (Microsoft Corporation) C:\Users\Vera\Downloads\SaveAsPDFandXPS.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-23 14:06 - 2015-07-18 13:55 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job
2016-06-23 14:03 - 2012-11-17 15:16 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-06-23 14:00 - 2015-10-04 01:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\Skype
2016-06-23 13:59 - 2015-01-24 20:19 - 00000000 ____D C:\Users\Vera\AppData\Local\LogMeIn Hamachi
2016-06-23 13:59 - 2014-07-31 03:32 - 00000000 __RDO C:\Users\Vera\OneDrive
2016-06-23 13:58 - 2016-04-28 16:15 - 00001182 _____ C:\Users\Public\Desktop\Inquisit 5.lnk
2016-06-23 13:58 - 2016-04-26 18:53 - 00001325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-06-23 13:58 - 2016-04-26 18:52 - 00001478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-06-23 13:58 - 2016-04-26 18:51 - 00002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-06-23 13:58 - 2016-04-26 14:37 - 00000968 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
2016-06-23 13:58 - 2016-01-17 18:01 - 00001763 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-23 13:58 - 2015-12-11 18:30 - 00001338 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-06-23 13:58 - 2015-11-13 15:21 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-23 13:58 - 2015-11-13 15:21 - 00002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-23 13:58 - 2015-11-11 15:57 - 00001975 _____ C:\Users\Public\Desktop\Citavi 5.lnk
2016-06-23 13:58 - 2015-10-22 16:08 - 00001987 _____ C:\Users\Public\Desktop\1&1 Surf-Stick.lnk
2016-06-23 13:58 - 2015-07-29 15:06 - 00001232 _____ C:\Users\Public\Desktop\Icecream Media Converter.lnk
2016-06-23 13:58 - 2014-08-17 01:04 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-06-23 13:58 - 2014-07-31 03:01 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-23 13:58 - 2014-01-06 19:03 - 00001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-06-23 13:58 - 2013-12-07 21:30 - 00000923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-06-23 13:58 - 2013-03-23 19:31 - 00000940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-06-23 13:58 - 2012-12-28 14:54 - 00002003 _____ C:\Users\Public\Desktop\TotalMedia 3.5.lnk
2016-06-23 13:58 - 2012-11-21 20:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-06-23 13:58 - 2012-11-21 20:11 - 00002017 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-06-23 13:58 - 2012-08-15 21:25 - 00001685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer User's Manual.lnk
2016-06-23 13:58 - 2012-08-15 21:25 - 00001667 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Quick Guide.lnk
2016-06-23 13:57 - 2016-05-19 09:42 - 00001690 _____ C:\Users\Vera\Desktop\Notizen.lnk
2016-06-23 13:57 - 2016-05-19 09:24 - 00001690 _____ C:\Users\Vera\Desktop\Word.lnk
2016-06-23 13:57 - 2016-04-28 10:49 - 00002323 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-23 13:57 - 2014-10-06 21:25 - 00001089 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2016-06-23 13:57 - 2014-07-31 03:26 - 00001458 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-23 13:57 - 2014-07-31 02:50 - 00000469 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-06-23 13:57 - 2014-07-31 02:50 - 00000467 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-06-23 13:57 - 2013-12-07 21:30 - 00000911 _____ C:\Users\Vera\Desktop\Audacity.lnk
2016-06-23 13:57 - 2012-11-21 13:29 - 00000355 _____ C:\Users\Vera\Desktop\Computer.lnk
2016-06-23 13:56 - 2015-11-13 15:20 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-23 13:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-23 13:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-06-23 13:55 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-23 13:49 - 2015-12-04 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2016-06-23 13:44 - 2015-11-13 15:20 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-23 12:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-23 12:28 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-23 12:28 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-23 12:28 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-23 12:28 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-23 11:38 - 2015-07-25 12:28 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-23 11:38 - 2015-06-11 21:07 - 00000000 ____D C:\WINDOWS\system32\log
2016-06-23 11:38 - 2013-12-28 15:21 - 00000000 ____D C:\AdwCleaner
2016-06-21 21:12 - 2015-07-18 13:55 - 00000000 ____D C:\Users\Vera\AppData\Local\Deployment
2016-06-21 17:35 - 2015-07-31 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-21 17:28 - 2013-12-20 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 14:36 - 2016-03-14 12:31 - 00000000 ____D C:\Users\Vera\AppData\Local\Microsoft Help
2016-06-21 14:32 - 2016-04-26 14:37 - 00000000 ____D C:\Users\Vera\AppData\Roaming\avidemux
2016-06-21 13:56 - 2013-10-15 21:38 - 00000000 ____D C:\Users\Vera\Desktop\UNI Stuttgart
2016-06-21 12:34 - 2013-12-06 22:30 - 00000000 ____D C:\Users\Vera\AppData\Roaming\vlc
2016-06-21 11:46 - 2015-07-31 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-19 23:29 - 2012-11-21 14:22 - 00000000 ____D C:\Users\Vera\Documents\Story
2016-06-19 22:01 - 2015-12-18 23:16 - 00008628 _____ C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2016-06-15 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-10 20:55 - 2015-10-04 01:47 - 00000000 ____D C:\ProgramData\Skype
2016-06-10 20:54 - 2016-01-15 16:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-10 19:22 - 2013-12-06 22:31 - 00000000 ____D C:\Users\Vera\AppData\Roaming\dvdcss
2016-06-06 12:13 - 2014-01-10 19:56 - 00006656 _____ C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-04 17:17 - 2015-07-31 17:27 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-04 17:17 - 2015-07-31 17:27 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-03 17:00 - 2014-07-31 02:50 - 00000000 ____D C:\Users\Vera
2016-06-03 16:59 - 2015-12-09 14:08 - 00000000 ____D C:\Users\Vera\AppData\Local\javasharedresources
2016-06-03 16:51 - 2015-12-04 20:50 - 00000219 _____ C:\WINDOWS\SysWOW64\lsprst7.tgz
2016-06-03 16:51 - 2015-12-04 20:50 - 00000205 _____ C:\WINDOWS\SysWOW64\lsprst7.dll
2016-06-03 16:51 - 2015-12-04 20:50 - 00000016 ____H C:\WINDOWS\SysWOW64\servdat.slm
2016-06-01 19:45 - 2015-01-19 16:18 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-06-01 16:58 - 2013-01-03 13:33 - 00000000 ____D C:\Users\Vera\Downloads\Bank
2016-05-29 10:58 - 2016-04-26 18:47 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-05-27 15:39 - 2013-07-16 22:33 - 00000000 ____D C:\Users\Vera\Desktop\Veras Zeug
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-26 15:18 - 2015-07-29 15:44 - 0000024 _____ () C:\Users\Vera\AppData\Roaming\appdataFr25.bin
2015-12-18 23:16 - 2016-06-19 22:01 - 0008628 _____ () C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-01-10 19:56 - 2016-06-06 12:13 - 0006656 _____ () C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:55 - 2016-04-05 19:55 - 0001477 _____ () C:\Users\Vera\AppData\Local\recently-used.xbel
2015-07-16 18:36 - 2015-07-16 18:36 - 0000000 _____ () C:\Users\Vera\AppData\Local\Temp.dat
Einige Dateien in TEMP:
====================
C:\Users\Vera\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-21 22:59
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Vera (2016-06-23 14:14:29)
Gestartet von C:\Users\Vera\Desktop
Windows 8.1 (Update) (X64) (2014-07-31 01:26:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4105031019-3425876013-4116755172-500 - Administrator - Disabled)
Gast (S-1-5-21-4105031019-3425876013-4116755172-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-4105031019-3425876013-4116755172-1001 - Limited - Enabled) => C:\Users\UpdatusUser
Vera (S-1-5-21-4105031019-3425876013-4116755172-1002 - Administrator - Enabled) => C:\Users\Vera
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Abe's Oddysee (HKLM-x32\...\Abe's Oddysee) (Version: - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.307 - ArcSoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{761cd2c4-5249-4346-8318-a499d06d2681}) (Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version: - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D.Radio (HKLM-x32\...\{213E2CCF-8265-444F-A6CA-40BD946A8D4A}) (Version: 1.1.5 - Geniatech)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims™ 2: Glamour-Accessoires (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
EA SPORTS online 2004 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version: - )
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
E-Prime 2.0 (2.0.8.90) (HKLM-x32\...\{77C74D8A-2014-4107-BE3F-DF879A443E0B}) (Version: 2.0.08090 - Psychology Software Tools, Inc.)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
FIFA 2004 (HKLM-x32\...\{782DDB70-3DF4-4366-00BF-E3767BCD173B}) (Version: - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMat (HKLM-x32\...\FreeMat) (Version: 4.2 - Humanity)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Genius Biologie Demoversion (remove only) (HKLM-x32\...\Genius Biologie Demoversion) (Version: - )
Genius Physik (remove only) (HKLM-x32\...\Genius Physik) (Version: - )
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.8.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Harry Potter und der Gefangene von Askaban(TM) (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
IBM SPSS Statistics 24 (HKLM-x32\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Inkscape 0.48.5 (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Inkscape) (Version: 0.48.5 - )
Inquisit 5 (HKLM-x32\...\Inquisit 5 5.0.1) (Version: 5.0.1 - Millisecond Software)
Inquisit 5 (Version: 5.0.1 - Millisecond Software) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.3 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyoResearch XP Master 1.08.27 (HKLM-x32\...\MyoResearch XP Master 1.08.27) (Version: Master 1.08 - Noraxon U.S.A. Inc.)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3102 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
ScenalyzerLive (entfernen) (HKLM-x32\...\ScenalyzerLive) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
TotalMedia Setup (HKLM-x32\...\{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}) (Version: 1.00.0000 - Conexant)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {37660E5E-8A00-4829-B992-ECD0A5F396C9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {5A090A2A-1532-41D9-B014-D1DAA9FE16FE} - System32\Tasks\{7B191E72-26D1-4676-A94A-49D7D0D747F6} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {6CB76679-0DA2-425F-9125-9EEB99CF1CDF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7879C2EC-5773-4BAC-AE6A-A70CB56758E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {98CEFDC9-4187-453C-A3B4-C49FB9152592} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {A8701A53-BDEB-4875-AD33-424591258A36} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002 => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-29] (Microsoft Corporation)
Task: {A8943ACC-07D9-4B3F-B0C4-92CB380090D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {A915BF41-31C2-42E4-BD22-01E939E09DE2} - System32\Tasks\{3EFEC5D9-1D52-48FB-B382-C489FF10193D} => pcalua.exe -a C:\Users\Vera\Downloads\sclive20060412g\sclive.exe -d C:\Users\Vera\Downloads\sclive20060412g
Task: {B95DD6AF-F8F9-4F0B-9AE1-10717A9AFD37} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4105031019-3425876013-4116755172-1002
Task: {C724FC1B-D5B1-4755-9754-A03B17BA053A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E7F15A4F-84A8-4C14-B142-9F5F2BF683E7} - System32\Tasks\{EFF710BD-CF61-4810-8F4E-857944983CEF} => pcalua.exe -a D:\autostart.exe -d D:\
Task: {EF7B119D-D1F7-4F8A-B349-98D194BC932B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {F2C4B45D-8EAE-4FFD-8F99-54C2E2754DF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {F83191E3-E913-4DC2-BE22-C614E7BF5FB0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00274208 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2013-01-28 17:21 - 2013-01-28 17:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00156448 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2015-12-11 18:30 - 2015-11-23 17:05 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2014-03-18 11:44 - 2014-03-18 11:44 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\ErrorReporting.dll
2016-02-29 12:16 - 2016-02-29 12:16 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2012-08-15 21:02 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-05-15 01:16 - 2016-05-15 01:16 - 00034960 _____ () C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vera\Pictures\Make History.jpg
DNS Servers: 129.206.100.126 - 129.206.210.127
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "TMMonitor.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{562AD6BE-EF65-4195-AAA5-F374590DD5E3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{67FEACB2-2401-4122-8D3D-66FAE5F98D53}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{7D0B75D0-989B-4913-BC73-E6996719AC85}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{16658953-BD08-4DE2-B7DA-F2D1B24B8872}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{484F0461-88EE-48FA-9FD8-BBCBF3E6E495}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F979EA54-0E59-49F8-B3A9-6A785542724F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{DFB3C773-7010-42DD-A159-29ED99BBAF03}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BD89FC6D-7633-42E8-A848-B61956B3B4AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB1D5594-C388-47E8-906D-80FE30EAC961}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0E5BD68-B928-4989-B5F5-4C16AEC18868}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9661D67B-EAE3-4D42-AF33-E1D499220CD2}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{7704B728-7C00-442C-9AC8-2FE6B8A7F972}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{ACAD114C-735F-49BC-AB98-39CFB4FF1DDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{644A48DF-D8D1-42A0-BB7B-E4AA842EFC6E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{BB1A121B-2AC5-40E4-8B11-51910ED459C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{7EA55DA8-A5C0-4A69-BC29-2F28BE9EBA2E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{46C920C4-2E27-4A82-92E1-634F16ED18D2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{32B571B2-721F-4ACF-A816-F9B89001BF01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{C4FB7AFE-D859-430E-BBF0-D49809786B14}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{B7D0094A-6789-49D2-AA2A-2E30A40D1397}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{6CD5F020-CB4D-41CB-B44B-B947BDD8B91E}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{3298A79E-04A7-4179-AC81-49ED4EABC1E5}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{4EA3AAB1-1CA0-4243-9A03-6A911B74DA56}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{B0A151C9-F47C-4313-A4DD-FE26082A72CF}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{9A009534-4288-44B3-8FA6-1B0B017660EC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6D86272D-1F6E-43CE-89D7-0FFB40901B4E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{996E0AB8-043B-450A-A7FD-1825D9F9D03B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{EFFE22F3-ED01-4532-8488-1C1E4728F1C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{A87A6C22-D2DD-4F74-8706-23414A196020}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{10B14768-23FB-461A-888B-927744D74680}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{D511C497-9324-4CAD-9DF4-B0A66D476F5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{3C8D17B8-783D-4B7B-8FAB-D91CCD9EE9A7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{92047C36-3FCF-4D60-8ABD-8E24D42294FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{B72996AF-9E68-485C-B0AA-56521F1F0447}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{9101CCED-69A9-4B46-BBAB-7D39AA1FA45B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{6EE1F738-5154-4C11-B395-44D4963E581D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{3CCB51CF-1423-46ED-935E-E8BB081B5CD2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{32087D8E-507C-4CA1-89F4-15E56D11E319}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{C203FD96-1A43-4529-A0AB-08D0577083CF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{440E6ED9-62D2-4DB8-A42D-386381109FBF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E04C7F9F-DD2C-44F1-92B7-4F912A562F86}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{81562EA2-47D6-4F07-8FE6-4A0B0A20C097}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{6E911494-19DD-4B8E-A761-F30BB5871777}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E82CAC18-872F-42EB-8783-E55F1BB9DB71}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{4D211644-52DE-4B61-99A1-6263E6D00570}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{686F6810-3EE6-4DE8-A966-3824652A6A7D}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{D51C58D9-3849-4C5A-9795-B768CC4945D6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{923BE562-A799-42B5-B859-1024B80F9757}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{DCAFFC6C-52FC-44DB-A66A-E4EE531C54E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7FCACBBA-EA9E-47CB-B482-ADB67EB134FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{3819FFFA-43A3-439F-B66F-AB80BC4D2349}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0A9C6167-2BE5-4A96-BBD4-BF86CADDF56F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{3FD434BD-90E7-4BA3-9A32-7077F9B7998A}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B2D1AE20-8130-4070-8F07-B8E8E8730099}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{8F1D89C3-6D2F-44DF-B791-C0E75D71E3ED}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{19F500C0-F9C9-47DF-A48A-D4DA51833C9D}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{52E05373-D082-4DB4-BFDD-0355CF15E95E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{8497445D-8DFE-4732-8EF6-37CE0A7E0BF8}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{619D59EA-6C80-4BD6-A3FE-53F8E6403314}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E6809B4C-FEDE-4376-96FE-702471B7EB86}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4CA4F3FF-9067-403F-9FEE-E26381E28312}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BA7D56D1-3498-486B-9BDC-C0F5001F9367}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8E85D61B-BB0C-4E82-99D6-A48EBAA6C8CE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A38B098D-A33F-4BAF-ACEF-8925AB5D5200}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{055B3FEA-BCEA-4955-9844-53BA93A95A2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{CC21E86E-C529-4CB6-A783-87F73ECA058F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{BBA1B2B2-21ED-49CF-92FF-D2DC20359C66}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{3D210D07-9D27-40EE-87CF-9594869764E9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{98B7060E-8C5B-4082-94B7-2D45335D9F48}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B58A47C5-B9EC-4D04-9F3C-00F5F4041113}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{F0226214-72F3-4793-ABE0-C1B9A1A22CB5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{1BC83989-0069-45D9-84E0-90D91721646F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{79AEF083-0C85-484F-B074-056CF8EC7A19}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{72C0C118-6D78-4742-A974-60AA12810129}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{57302029-5538-4FEF-839D-F80C8F5C1862}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{D0377A42-2018-425E-ACAE-7A0C038BF4F2}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{87589F37-408D-495A-8089-1D8C094026E5}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{6C78C0A7-1F14-4797-88FA-B72C1EADCCCD}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{C48D38E2-2A41-44BA-BCA0-42946E775322}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{38635752-3029-44E9-AE0C-D3D55F32B7DC}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [TCP Query User{B602313F-5169-4A26-9BBD-561393F6689D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96AF43C9-96C5-4B32-BA5C-FAA8B068688F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7A0847FC-FEA1-432B-8BFC-AB20ECFA7576}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E0DBB789-3A15-492D-8B85-625F50575877}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B44E32F2-9A7D-4DFD-877C-8698EA6D0E73}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3CBBCD8E-1B68-4D78-AE4A-4AE88E72D45A}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{56B9702D-145B-41E4-BF03-456E9FAD4C54}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{23E563C7-A7F1-4675-92CE-FB66EA5DF961}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{60F9E8D2-4D59-43C8-A01F-B7D637B7ECD5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{DFF96C53-0C9E-4646-A57D-6D5875B826C4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{AC297AC9-5F33-4519-B52B-C3A0617CFD8D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{9A51A890-1A62-4786-845D-A83FFE873F1F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [TCP Query User{274B6FDC-0868-49C4-819E-20BE2B0708EF}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8038CF78-DD98-4889-9861-B9D4CE174D05}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{0A2277FB-2C4F-4A94-A5C4-F2B69D9BCFFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04B24D0B-EDFA-4A01-B92F-D305A37FA9A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E3DDE46-5A35-4B99-9A5F-CD345E305107}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C1221A3-1EA7-4ACE-A6E6-97E0DC251EF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C429BF7-C815-449D-9EB1-DA395C172958}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F0432ACB-D720-4AC6-8F92-A4D0FC9532FD}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [UDP Query User{DC956E12-076B-4F89-BFD0-751BEB95625C}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [{14703AC8-061F-40D1-8730-EBC5A3D2EB89}] => (Allow) C:\Users\Vera\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{ABECCAC8-12FA-4E97-903B-EC2368B534E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2477C121-1E85-4DED-8F8E-A593CAA5FF08}] => (Allow) LPort=2869
FirewallRules: [{324CB72E-D18D-4F12-8EB2-ECAC2413CDA0}] => (Allow) LPort=1900
FirewallRules: [{726E4AFF-EB8E-4CCB-9279-C3F070A1DBAC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{58141989-8739-4F57-AD9D-448C3086F8C1}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [UDP Query User{AE00DB7C-F24A-42AE-9C42-3A66C3E8D1C7}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{2BB771B0-48DA-4041-8A11-34FB0A6E8836}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{31BFAC32-D47D-49F9-BA77-1A5546C18EC2}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{04CF2B76-CB79-47FE-8185-C9711F8CD11F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{70B4498B-A1D6-4D41-8E5D-AB16AA0C2372}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{45578DE2-FF52-42CA-93F9-0144005B6088}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
==================== Wiederherstellungspunkte =========================
03-06-2016 16:49:35 Installed IBM SPSS Statistics 24.
12-06-2016 12:33:05 Geplanter Prüfpunkt
20-06-2016 18:58:44 Geplanter Prüfpunkt
23-06-2016 11:49:07 Restore Point Created by FRST
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/23/2016 01:59:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0xdf4
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3
Vollständiger Name des fehlerhaften Pakets: ACDaemon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ACDaemon.exe5
Error: (06/23/2016 12:57:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4718
Error: (06/23/2016 12:57:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4718
Error: (06/23/2016 12:57:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/23/2016 12:57:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3359
Error: (06/23/2016 12:57:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3359
Error: (06/23/2016 12:57:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/23/2016 12:57:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328
Error: (06/23/2016 12:57:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328
Error: (06/23/2016 12:57:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (06/23/2016 11:49:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "UI Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dritek RF Button Command Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-06-18 22:12:10.901
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 21:59:20.509
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 21:59:20.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 21:59:20.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 12:24:13.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 09:35:03.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:52:48.344
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:35:19.403
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:27:42.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-06-18 08:11:18.359
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3909.28 MB
Verfügbarer physikalischer RAM: 2009.9 MB
Summe virtueller Speicher: 6213.28 MB
Verfügbarer virtueller Speicher: 3870.76 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:445.41 GB) (Free:70.69 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4FB6F86F)
Partition: GPT.
==================== Ende von Addition.txt ============================
Fragen zu meinem Handy kannst du mir vermutlich nicht beantworten, oder? Die zip-Datei hat nämlich auch dort versucht sich zu entpacken, erfolgreich geöffnet hat sie sich aber nicht. Und überträgt sich der Mist auch auf Wechselmedien, sprich USB-Sticks, SD-Karten, externe Festplatten, etc.? |
|
23.06.2016, 13:24
| #11 |
| | Phishing-Zip-Anhang auf PC und Handy geöffnet --- |
|
| Themen zu Phishing-Zip-Anhang auf PC und Handy geöffnet |
| anhang, anhang ausgeführt, anhänge, brauche, daten, direkt, e-mail, eingestellt, frage, fragen, geändert, hallo zusammen, handy, handy und pc, krieg, kumpel, leer, nichts, papierkorb, phishing, potentielle, schei, schnelle, verloren, verschoben, windows, windows 8, überprüfen, zusammen, öffnet |
dann auf 
und dann auf 
.
Linear-Darstellung
