| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ungewünschte Pop-Ups in Chrome und EdgeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.07.2017, 22:25
| #1 |
 |  Ungewünschte Pop-Ups in Chrome und Edge Hallo, ich habe immer wieder PopUps, die durch Malwarey-Bytes blockiert werden von z. B. adskeeper. ADWCleaner, Malware-Bytes, Desinfect ct, jrt, Spybot S&D, finden alle nichts mehr. Ich habe keine Idee mehr. Bitte helft mir Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von user (Administrator) auf USER-PC (09-07-2017 21:23:12)
Gestartet von C:\Users\user\Downloads
Geladene Profile: user (Verfügbare Profile: user)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Users\user\Downloads\adwcleaner_6.047.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2016-03-04] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [kxesc] => "c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" -autorun
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Google Photos Backup] => C:\Users\user\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Amazon Music] => C:\Users\user\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{037dccaf-1974-41e8-9dad-43e2e9418bf1}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{e42fb867-5a36-49ca-92d6-35a6d53211f4}: [DhcpNameServer] 192.168.178.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao774.com/?34067-0293
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao774.com/?34067-0293
SearchScopes: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> DefaultScope {5CE25775-92B7-477d-9603-852F0B34D8B0} URL = hxxps://www.sogou.com/sogou?query={searchTerms}&pid=sogou-wsse-91e50fe1e39af286
SearchScopes: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> {5CE25775-92B7-477d-9603-852F0B34D8B0} URL = hxxps://www.sogou.com/sogou?query={searchTerms}&pid=sogou-wsse-91e50fe1e39af286
SearchScopes: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> {EB447D18-0856-4C7E-BD41-3E8FAA66D930} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-03] (Oracle Corporation)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll Keine Datei
Toolbar: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> Kein Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - Keine Datei
FireFox:
========
FF DefaultProfile: psysod7o.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default [2017-07-09]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2016-02-29] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-508946343-2304877640-3111218378-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-508946343-2304877640-3111218378-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-07-09]
CHR Extension: (Google Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-10]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-10]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-07-09]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-10]
CHR Extension: (Google Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-10]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-10]
CHR Extension: (Skype) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-06-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [290304 2016-03-04] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [135408 2015-08-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation)
S2 kxescore; "c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe" /service kxescore [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S1 fpvwwtbyd.sys; C:\WINDOWS\system32\drivers\fpvwwtbyd.sys [15424 2017-07-07] () [Datei ist nicht signiert]
S1 gbwgofylq.sys; C:\WINDOWS\system32\drivers\gbwgofylq.sys [15424 2017-07-07] () [Datei ist nicht signiert]
R2 kisknl; C:\Windows\system32\drivers\kisknl.sys [317584 2017-07-07] (Kingsoft Corporation)
R2 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [79000 2017-07-07] (Kingsoft Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-07] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-07-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-09] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-07-09] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S1 uafpxabsx.sys; C:\WINDOWS\system32\drivers\uafpxabsx.sys [15424 2017-07-09] () [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wjsvqqpff.sys; C:\WINDOWS\system32\drivers\wjsvqqpff.sys [121200 2017-07-09] () [Datei ist nicht signiert]
S1 ycjbwobvh.sys; C:\WINDOWS\system32\drivers\ycjbwobvh.sys [15424 2017-07-07] () [Datei ist nicht signiert]
U3 kxldapog; C:\Users\user\AppData\Local\Temp\kxldapog.sys [56584 2017-07-09] (GMER) [Datei ist nicht signiert] <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-09 21:23 - 2017-07-09 21:23 - 00017153 _____ C:\Users\user\Downloads\FRST.txt
2017-07-09 21:17 - 2017-07-09 21:23 - 00000000 ____D C:\FRST
2017-07-09 21:17 - 2017-07-09 21:17 - 02437120 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2017-07-09 21:16 - 2017-07-09 21:16 - 00000008 __RSH C:\Users\user\ntuser.pol
2017-07-09 21:11 - 2017-07-09 21:14 - 00273516 _____ C:\TDSSKiller.3.1.0.15_09.07.2017_21.11.34_log.txt
2017-07-09 21:11 - 2017-07-09 21:11 - 04922400 _____ (AO Kaspersky Lab) C:\Users\user\Downloads\tdsskiller.exe
2017-07-09 21:04 - 2017-07-09 21:04 - 00380928 _____ C:\Users\user\Downloads\gmer-2.2.19882.exe
2017-07-09 20:58 - 2017-07-09 20:58 - 00000075 _____ C:\Windows\system32\r6lstmp4.dat
2017-07-09 20:56 - 2017-07-09 20:56 - 00015424 _____ C:\Windows\system32\Drivers\uafpxabsx.sys
2017-07-09 20:41 - 2017-07-09 20:41 - 00000545 _____ C:\Users\user\Desktop\JRT.txt
2017-07-09 20:28 - 2017-07-09 20:55 - 00121200 _____ C:\Windows\system32\Drivers\wjsvqqpff.sys
2017-07-09 20:22 - 2017-07-09 20:22 - 01663672 _____ (Malwarebytes) C:\Users\user\Downloads\JRT.exe
2017-07-09 20:10 - 2017-07-09 21:16 - 00000000 ____D C:\AdwCleaner
2017-07-09 20:09 - 2017-07-09 20:09 - 04110280 _____ C:\Users\user\Downloads\adwcleaner_6.047.exe
2017-07-09 19:52 - 2017-07-09 19:52 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-09 19:52 - 2017-07-09 19:52 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-09 19:50 - 2017-07-09 19:50 - 01130328 _____ (Google Inc.) C:\Users\user\Downloads\ChromeSetup.exe
2017-07-09 09:12 - 2017-07-09 09:12 - 00000000 ____D C:\Users\user\AppData\Local\Inet-Info
2017-07-07 18:15 - 2017-07-07 18:15 - 00006168 _____ C:\Windows\system32\.crusader
2017-07-07 18:07 - 2017-07-07 18:07 - 11584088 _____ (SurfRight B.V.) C:\Users\user\Downloads\hitmanpro_x64.exe
2017-07-07 18:06 - 2017-07-07 18:16 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-07 18:06 - 2017-07-07 18:06 - 09096848 _____ (SurfRight B.V.) C:\Users\user\Downloads\HitmanPro35.exe
2017-07-07 17:47 - 2017-07-07 17:47 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-07-07 17:47 - 2017-07-07 17:47 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-07-07 17:47 - 2017-07-07 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-07-07 17:47 - 2017-05-23 09:22 - 00032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2017-07-07 17:46 - 2017-07-07 17:47 - 51725936 _____ (Safer-Networking Ltd. ) C:\Users\user\Downloads\spybotsd-2.6.46.exe
2017-07-07 14:58 - 2017-07-07 14:58 - 00000000 ____D C:\Users\user\AppData\Local\UNP
2017-07-07 14:13 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-07-07 14:13 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-07-07 14:13 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-07-07 14:13 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-07-07 14:13 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-07-07 14:13 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-07-07 14:13 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-07-07 14:13 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-07-07 13:26 - 2017-07-07 13:26 - 00000000 ____D C:\Windows\system32\UNP
2017-07-07 13:00 - 2017-07-07 13:00 - 00000000 ____D C:\Users\user\AppData\Roaming\Process Hacker 2
2017-07-07 12:57 - 2017-07-09 21:16 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-07 12:55 - 2017-07-07 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2017-07-07 12:55 - 2017-07-07 12:55 - 00000000 ____D C:\Program Files\Process Hacker 2
2017-07-07 12:53 - 2017-07-07 12:54 - 02267848 _____ (wj32 ) C:\Users\user\Downloads\processhacker-2.39-setup.exe
2017-07-07 12:43 - 2017-07-07 12:43 - 00000000 ____D C:\Windows.old
2017-07-07 12:41 - 2017-07-07 12:41 - 01931969 _____ C:\Users\user\Downloads\processexplorer.zip
2017-07-07 12:32 - 2017-07-09 21:16 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-07 12:31 - 2017-07-09 21:16 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-07 12:16 - 2017-07-07 12:16 - 00015424 _____ C:\Windows\system32\Drivers\ycjbwobvh.sys
2017-07-07 12:10 - 2017-07-07 12:10 - 00015424 _____ C:\Windows\system32\Drivers\fpvwwtbyd.sys
2017-07-07 11:55 - 2017-07-07 12:03 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-07 11:54 - 2017-07-07 11:54 - 00000000 ____D C:\Users\user\AppData\Local\Kingsoft
2017-07-07 11:50 - 2017-07-07 12:04 - 00000000 __SHD C:\KRECYCLE
2017-07-07 11:50 - 2017-07-07 11:50 - 00317584 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00130720 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm_ev.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00127128 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm64_ev.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00122520 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00114488 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetmxp.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00079000 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00019352 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksskrpr.sys
2017-07-07 11:49 - 2017-07-09 21:16 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-07 11:49 - 2017-07-09 21:16 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-07 11:49 - 2017-07-07 11:54 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-07 11:49 - 2017-07-07 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-07 11:49 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-07 11:48 - 2017-07-07 11:48 - 00097008 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64_ev.sys
2017-07-07 11:48 - 2017-07-07 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-07 11:48 - 2017-07-07 11:48 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-07 11:45 - 2017-07-09 20:55 - 00010008 _____ C:\pagefile_bak.$$$
2017-07-07 11:45 - 2017-07-09 20:55 - 00000584 _____ C:\pagefile_bak3.$$$
2017-07-07 11:45 - 2017-07-09 20:55 - 00000048 _____ C:\pagefile_bak2.$$$
2017-07-07 11:45 - 2017-07-07 11:45 - 00015424 _____ C:\Windows\system32\Drivers\gbwgofylq.sys
2017-07-07 11:45 - 2017-07-07 11:45 - 00000032 _____ C:\pagefile.$$$
2017-07-07 11:44 - 2017-07-07 11:44 - 00004400 _____ C:\Windows\System32\Tasks\BitLocker-LaufwerkverschlüsselungsdienstBasisfiltermodulHintergrundübertragungsdienst
2017-07-07 11:43 - 2017-07-07 12:57 - 00000000 ___HD C:\3ceb1046a654d432d936c5c8162f4259
2017-07-07 11:43 - 2017-07-07 11:43 - 00000000 ____D C:\Users\user\AppData\Roaming\npm
2017-07-07 11:42 - 2017-07-07 11:48 - 65033984 _____ (Malwarebytes ) C:\Users\user\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-07 11:42 - 2017-07-07 11:42 - 00930816 _____ C:\Users\user\AppData\Local\test_db_cara.db
2017-07-07 11:42 - 2017-07-05 14:22 - 02017280 ___SH (Micrasaft Carparation) C:\Windows\C_02iu47.dat.VIRUS
2017-07-07 11:41 - 2017-07-07 11:41 - 00719521 _____ C:\Windows\unins000.exe
2017-07-07 11:41 - 2017-07-07 11:41 - 00003972 _____ C:\Windows\unins000.dat
2017-07-07 11:40 - 2017-07-07 11:40 - 00016820 _____ C:\Windows\System32\Tasks\Network Studio
2017-07-07 11:40 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-07-07 11:40 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-07-07 11:37 - 2017-07-07 11:37 - 00140800 _____ C:\Users\user\AppData\Local\installer.dat
2017-07-07 11:36 - 2017-07-09 21:33 - 00000000 ____D C:\ProgramData\WindowsErrorReporting
2017-07-07 11:36 - 2017-07-08 08:16 - 00000000 ____D C:\Program Files\WWPOQGEHNF
2017-07-07 11:35 - 2017-07-07 11:35 - 00001156 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzilla Firefoх.lnk
2017-07-07 11:35 - 2017-07-07 11:35 - 00001153 ___RS C:\Users\Public\Desktop\Gооglе Сhrоme.lnk
2017-07-07 11:35 - 2017-07-07 11:35 - 00001126 ___RS C:\Users\Public\Desktop\Моzilla Firеfох.lnk
2017-07-07 11:35 - 2017-07-07 11:35 - 00000000 ____D C:\Users\user\AppData\Local\CrashRpt
2017-07-07 11:35 - 2016-05-05 13:23 - 01085624 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00561336 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00556216 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-55.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00537784 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-4.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00405176 __RSH (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00276152 __RSH C:\Windows\SysWOW64\libbluray.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00263864 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00000493 __RSH C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2017-07-07 11:35 - 2016-05-05 13:22 - 10766520 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-57.dll
2017-07-07 11:35 - 2016-05-05 13:22 - 01699000 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-57.dll
2017-07-07 11:35 - 2016-05-05 13:22 - 00188088 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-6.dll
2017-07-07 11:35 - 2016-05-05 13:22 - 00160440 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-3.dll
2017-07-07 11:35 - 2014-03-07 13:03 - 00293888 __RSH C:\Windows\SysWOW64\avcodec-lav-1321.dll
2017-07-07 11:35 - 2012-10-05 19:54 - 00188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2017-07-07 11:35 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2017-07-07 11:35 - 2011-06-14 20:05 - 00121344 __RSH C:\Windows\SysWOW64\TAKDSDecoder.ax
2017-07-07 11:35 - 2011-02-11 10:26 - 00112128 __RSH C:\Windows\SysWOW64\OptimFROG.dll
2017-07-07 11:35 - 2010-01-07 00:00 - 00107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2017-07-07 11:35 - 2009-08-10 23:00 - 00352768 __RSH C:\Windows\SysWOW64\ac3DX.ax
2017-07-07 11:35 - 2005-02-22 17:55 - 00081920 __RSH C:\Windows\SysWOW64\aac_parser.ax
2017-07-07 11:35 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2017-07-07 11:35 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2017-07-07 11:35 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2017-07-07 11:35 - 2004-04-05 10:31 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2017-07-07 11:35 - 2004-04-05 10:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2017-07-07 11:21 - 2017-07-07 11:23 - 70972438 _____ (eRightSoft ) C:\Users\user\Downloads\SUPERsetup.exe
2017-07-07 10:29 - 2017-07-07 10:29 - 00002369 _____ C:\Users\user\Desktop\X-Lite.lnk
2017-07-07 10:21 - 2017-07-07 10:22 - 69535624 _____ (CounterPath Corporation) C:\Users\user\Downloads\X-Lite_4.9.8_84253.exe
2017-07-06 09:08 - 2017-07-06 09:08 - 00051631 _____ C:\Windows\uninstaller.dat
2017-07-02 12:56 - 2017-07-02 12:56 - 00108393 _____ C:\Users\user\Downloads\AZG12726300_020_20170630.pdf
2017-07-02 12:54 - 2017-07-02 12:54 - 00111862 _____ C:\Users\user\Downloads\AZG340311200_025_20170630.pdf
2017-07-02 12:53 - 2017-07-02 12:53 - 00102558 _____ C:\Users\user\Downloads\AZG340311210_006_20170630.pdf
2017-07-02 12:50 - 2017-07-02 12:50 - 00107868 _____ C:\Users\user\Downloads\AZG9172300_018_20170630 (1).pdf
2017-07-02 00:29 - 2017-07-02 00:29 - 00107868 _____ C:\Users\user\Downloads\AZG9172300_018_20170630.pdf
2017-06-24 17:46 - 2017-06-24 17:46 - 00039302 _____ C:\Users\user\Downloads\rezept204.pdf
2017-06-18 12:24 - 2017-06-18 12:29 - 00000000 ____D C:\Users\user\Desktop\Video17
2017-06-16 13:47 - 2017-07-07 10:43 - 00000000 ____D C:\Users\user\Desktop\Video 2017
2017-06-14 17:49 - 2017-06-14 17:49 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-14 14:59 - 2017-06-14 14:59 - 00000000 ____D C:\Windows\PCHEALTH
2017-06-14 14:57 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 14:57 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-14 14:57 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-14 14:57 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-14 14:57 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-14 14:57 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 14:57 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-14 14:57 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 14:57 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 14:57 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-14 14:57 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-14 14:57 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-14 14:57 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-14 14:57 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 14:57 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 14:57 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-14 14:57 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-14 14:57 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 14:57 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-14 14:57 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-14 14:57 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-14 14:57 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-14 14:57 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-14 14:57 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-14 14:57 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-14 14:57 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 14:57 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-14 14:57 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-14 14:57 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-14 14:57 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-14 14:57 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-14 14:57 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-14 14:57 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-14 14:57 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 14:57 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-14 14:57 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-14 14:57 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-14 14:57 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-14 14:57 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-14 14:57 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 14:57 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-14 14:57 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-14 14:57 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-14 14:57 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-14 14:57 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-14 14:57 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 14:57 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 14:57 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-14 14:57 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 14:57 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-14 14:57 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-14 14:57 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 14:57 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-14 14:57 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-14 14:57 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-14 14:57 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-14 14:57 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-14 14:57 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-14 14:57 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 14:57 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-14 14:57 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 14:57 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-14 14:57 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-14 14:57 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 14:57 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-14 14:57 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-14 14:57 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-14 14:57 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-14 14:57 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 14:57 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-14 14:57 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-14 14:57 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-14 14:57 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 14:57 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-14 14:57 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-14 14:57 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-14 14:57 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-14 14:57 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 14:57 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 14:57 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 14:57 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 14:57 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-14 14:57 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-14 14:57 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 14:57 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-14 14:57 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 14:57 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-14 14:57 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-14 14:57 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 14:57 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-14 14:57 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 14:57 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-14 14:57 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-14 14:57 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-14 14:57 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 14:57 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-14 14:57 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-14 14:57 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 14:57 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-14 14:57 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-14 14:57 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-14 14:57 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-14 14:57 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-14 14:57 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-06-14 14:57 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 14:57 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-06-14 14:57 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-06-14 14:57 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-12 08:57 - 2017-06-12 08:58 - 02198531 _____ C:\Users\user\Downloads\VR Aktuell.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-09 21:02 - 2016-07-18 08:48 - 09470692 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-09 21:02 - 2016-07-17 00:51 - 04773050 _____ C:\Windows\system32\perfh007.dat
2017-07-09 21:02 - 2016-07-17 00:51 - 01327938 _____ C:\Windows\system32\perfc007.dat
2017-07-09 20:59 - 2016-04-08 10:02 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2017-07-09 20:56 - 2017-02-14 10:28 - 00000000 ___RD C:\Users\user\iCloudDrive
2017-07-09 20:56 - 2016-09-26 08:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-09 20:55 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-07-09 20:29 - 2017-03-25 10:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-07-09 20:29 - 2016-04-08 10:02 - 00000000 ____D C:\ProgramData\Skype
2017-07-09 19:51 - 2016-09-26 08:44 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-09 19:51 - 2016-09-26 08:44 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-09 19:51 - 2016-04-08 09:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-09 18:05 - 2016-09-26 08:22 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-09 12:08 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-09 09:14 - 2016-04-08 09:54 - 00000000 ____D C:\Users\user\Documents\jAnrufmonitor
2017-07-08 11:50 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-08 08:28 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-07-07 23:34 - 2016-09-10 23:24 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-07-07 17:47 - 2016-09-10 23:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-07-07 13:09 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\Network Studio
2017-07-07 12:57 - 2016-04-08 06:54 - 00001159 ____H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-07 12:57 - 2016-04-08 06:54 - 00001147 ____H C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-07-07 12:03 - 2016-02-25 07:48 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2017-07-07 11:57 - 2016-09-26 08:22 - 00286552 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-07 11:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-07-07 11:37 - 2016-09-26 08:44 - 00003520 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-508946343-2304877640-3111218378-1000Core
2017-07-07 11:35 - 2017-03-14 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-07-07 11:35 - 2016-08-15 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-07-07 11:04 - 2016-05-30 12:41 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2017-07-07 10:29 - 2016-12-24 23:48 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CounterPath
2017-07-07 10:29 - 2016-12-24 23:47 - 00000000 ____D C:\Users\user\AppData\Local\SquirrelTemp
2017-07-07 10:28 - 2016-04-08 10:51 - 00000000 ____D C:\Users\user\AppData\Local\CounterPath
2017-06-20 16:10 - 2016-12-13 15:48 - 00003272 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 16:10 - 2016-07-18 09:18 - 00002380 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 16:10 - 2016-07-18 09:18 - 00000000 ___RD C:\Users\user\OneDrive
2017-06-19 12:43 - 2016-04-07 17:49 - 00000000 ____D C:\Users\user\Desktop\Bilders
2017-06-17 13:28 - 2016-04-07 18:10 - 00000104 _____ C:\Users\user\Desktop\Arbeitsplatz.lnk
2017-06-16 09:29 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-14 17:59 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 17:49 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-14 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-14 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-14 17:49 - 2016-02-26 08:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 17:49 - 2016-02-26 08:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 15:10 - 2016-04-07 18:52 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 15:08 - 2016-04-07 18:52 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-14 15:08 - 2016-02-26 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-10 18:07 - 2016-04-07 17:48 - 00000000 ____D C:\Users\user\Documents\aTimpestr
2017-06-10 16:05 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-07-07 11:37 - 2017-07-07 11:37 - 0140800 _____ () C:\Users\user\AppData\Local\installer.dat
2016-04-12 08:35 - 2016-04-12 08:35 - 0000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2017-07-07 11:42 - 2017-07-07 11:42 - 0930816 _____ () C:\Users\user\AppData\Local\test_db_cara.db
2016-09-26 08:24 - 2016-09-26 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-06 09:12
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von user (09-07-2017 21:23:54)
Gestartet von C:\Users\user\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-26 06:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-508946343-2304877640-3111218378-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-508946343-2304877640-3111218378-503 - Limited - Disabled)
Gast (S-1-5-21-508946343-2304877640-3111218378-501 - Limited - Disabled)
user (S-1-5-21-508946343-2304877640-3111218378-1000 - Administrator - Enabled) => C:\Users\user
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother IPPoverUSB Driver (HKLM-x32\...\{1FC871AB-1C93-47C1-995B-E5F3578E1BB5}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{29423FEE-97AB-43EF-BEC8-82F37470842E}) (Version: 1.5.0.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{35EAA5D9-0E75-46CC-BE6E-A6C7907DEC2F}) (Version: 1.0.11.0 - Brother Industries Ltd.) Hidden
calibre 64bit (HKLM\...\{C7BF7C24-8307-4921-8DD1-90D678785EB8}) (Version: 2.69.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Photos Backup (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Network Connections 20.4.207.0 (HKLM\...\PROSetDX) (Version: 20.4.207.0 - Intel)
Intel(R) Wireless Bluetooth(R)(patch version 18.1.1533.1836) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 18.1.1507.0532 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{03635e3e-3e57-4d80-9c7d-80c9f62bfc80}) (Version: 18.32.0 - Intel Corporation)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
jAnrufmonitor 5.0 (HKLM-x32\...\jam50) (Version: - Thilo Brandt)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kobo (HKLM-x32\...\Kobo) (Version: 3.19.3765 - Rakuten Kobo Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
Nero 2016 (HKLM-x32\...\{9C637A56-4287-487F-95BF-1422FC1AA879}) (Version: 17.0.04500 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Nero Video 2016 (HKLM-x32\...\{EC30096F-04F3-44D9-8ED5-92E7A257BC3A}) (Version: 17.0.00700 - Nero AG)
NetworkRepairTool (HKLM-x32\...\{F97BCC3B-09E9-4298-8C23-B3CF6538B562}) (Version: 1.2.14.0 - Brother Insutries Ltd.) Hidden
Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 11.5.0.2 - Kroll Ontrack Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
StatusMonitor (HKLM-x32\...\{A6ACA7D8-0F88-4817-908C-3E444C86D29F}) (Version: 1.15.3.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WOT für Internet Explorer (HKLM-x32\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 15.6.9.0 - WOT Services Oy)
X-Lite (HKLM-x32\...\{1F9BFD72-C600-4FF0-AAE2-C0850A127DFB}) (Version: 49.8.2158 - CounterPath Corporation)
X-Lite (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\X-Lite) (Version: 4.9.8.84253 - CounterPath Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers01: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} => -> Keine Datei
ContextMenuHandlers01: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => c:\program files (x86)\kingsoft\kingsoft antivirus\kavmenu64.dll -> Keine Datei
ContextMenuHandlers01: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-01-17] (Apple Inc.)
ContextMenuHandlers01: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers01: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers02: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} => -> Keine Datei
ContextMenuHandlers02: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => c:\program files (x86)\kingsoft\kingsoft antivirus\kavmenu64.dll -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers04: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} => -> Keine Datei
ContextMenuHandlers04: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => c:\program files (x86)\kingsoft\kingsoft antivirus\kavmenu64.dll -> Keine Datei
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers06: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers06: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {039C81F8-137B-48DC-8C3E-8A4FCC0D2E84} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {04C91314-E8C2-4A76-84AA-665AB454B984} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-508946343-2304877640-3111218378-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)
Task: {06EDE86E-8802-471D-AEA9-CD71ECF7E0F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {160BDCF8-65DF-43D9-AA72-72C25C0CEA99} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {187CAFF6-0E9D-4F3A-A6F6-CB4728FAFD8D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1E3EAD7C-D306-4B82-A111-3A97DB1D262B} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {2A0B20BE-D7E2-420D-9F21-D81AC55F5A29} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {31BCCE9A-3694-476A-811C-2C1FFFF39365} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {3BCD4EEA-2D7B-4407-AA37-1D2D2F4B292C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {3C1D2CAD-543E-42F5-A41D-2B0CD25D4263} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {417DDB6F-8DB2-4F34-A475-CC779CA3A6D9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4C18ACB8-4F43-4EF5-9602-6B6017D19B2F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4FF2D4E9-2773-4722-8454-1F51EF0FA66D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {56B17168-149B-4862-9D65-EA111707635D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {5D6C6113-DD0F-4DE9-BB9A-4A524557E545} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {63C74BFB-FAD5-4684-9578-7034E2D9E4FF} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {6A92C888-A4AA-40A8-9282-1D7F69776271} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6FA8C108-5877-41AF-9DD0-A4FF096685C8} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {7CD57F83-3DF7-4BCF-BE1E-62639E72445D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {8BCF91AA-14FB-47FA-8F42-3B507DB56C10} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8D99B32E-08A1-41B0-9AEF-80CF468D435C} - \{78090847-0D7E-0E0E-0A11-0F09780E1105} -> Keine Datei <==== ACHTUNG
Task: {8EE664EF-33C3-4ED1-9C97-5A8DA18789E4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {924FC742-A24B-43A1-A23D-E4052990E6D9} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9EE1B5B9-AAD2-4D63-AFD2-548DFAB8B9B8} - System32\Tasks\BitLocker-LaufwerkverschlüsselungsdienstBasisfiltermodulHintergrundübertragungsdienst => C:\Program Files (x86)\nodejs\node.exe
Task: {A17345A2-32AA-4698-B150-BDDA9EC452A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A6789251-ED74-4456-9E65-A30188D10605} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {AC2BE12C-3026-42C6-AE7F-91074087494C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B2A598EA-6158-4AD7-A55C-188D36A04595} - System32\Tasks\Network Studio => Rundll32.exe "C:\Program Files\Network Studio\Network Studio.dll",oLhToclDx <==== ACHTUNG
Task: {B80F956F-1886-4A4D-A4E3-8D47D5173DCA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BB75AEC3-2FC8-49D6-8C83-8801D9D5CCED} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C11D6690-3E04-452C-9D8D-1D83C0917031} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {C314F30A-C2C2-4C0E-AD62-C507A9DC2D94} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C99B6C93-1072-49B0-A813-5DFCAEB9768A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CADB96D4-533A-492B-B357-362D1F797F0C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CC9C0978-3BC0-4430-A169-40B21188E906} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D40840D9-4C7B-42C0-A53E-2872B0E7CDAE} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {D61E2BAD-39B8-4FBA-9ABA-4BE900BF5D5D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {D7918B70-F549-44E8-9350-2A773583F677} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)
Task: {DCB63324-713C-4A18-A3B8-9A7FD248684D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {DF5A3D11-3C25-41FF-B327-1673DA126B38} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {DF618B88-5216-408A-B815-1DB1558C298C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E0F594C3-0153-4991-9353-AC5604AE6893} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {E242CFE4-607D-43A9-BE9E-44F0F6E88773} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E5C61843-A205-45B6-9BE4-8DF4E9CF5175} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E5F6945B-DB73-414D-8072-914363383AED} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {E9F34D38-A0CC-4177-A8BF-A137721A9D17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {ED40F17D-11AB-4CED-987A-305D0C5603AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F19ABB3F-CC13-4095-B2FB-A741C6ED5785} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F58447E7-3FD7-412B-9130-4DA28221818A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F7A791C2-0CA6-492C-8C91-D7C973985138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)
Task: {F7AC0715-FA38-475A-8DF2-F479E8103E5D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0\FRITZ!Box Konfiguration.lnk -> hxxp://fritz.box
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Ехрlоrеr.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.erolpxei.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоoglе Chrome.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunch Intеrnet Ехplоrеr Brоwser.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.erolpxei.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоoglе Chrоme.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzilla Firefoх.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.xoferif.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоme.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Моzilla Firеfох.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.xoferif.bat (Keine Datei) <==== Cyrillic
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-06-14 14:57 - 2017-06-03 12:01 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-03-15 22:42 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 22:42 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 22:42 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-14 14:57 - 2017-06-03 10:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-06-14 14:57 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-14 14:57 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-09 20:09 - 2017-07-09 20:09 - 04110280 _____ () C:\Users\user\Downloads\adwcleaner_6.047.exe
2016-09-27 09:25 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 22:42 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-07-07 11:49 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-07 17:47 - 2016-09-13 14:00 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-07-07 17:47 - 2016-09-13 14:00 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-07-07 17:47 - 2016-09-13 14:00 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-07-07 17:47 - 2017-05-12 11:36 - 00507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 19:18 - 2016-10-05 19:18 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-01-07 02:48 - 2016-01-07 02:48 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-05-19 02:59 - 2017-05-19 02:59 - 00772672 _____ () C:\AdwCleaner\sqlite3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-07-07 11:36 - 00001146 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 dscdn.pw
127.0.0.1 beautifllink.xyz
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Desktop\Bilders\bilders08\bilders08\IMG_00001 (40).JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "AppHelperV7.exe"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "kxesc"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\StartupFolder: => "importantupdates.vbs"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "pdscwl12oxg"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "ttdxeyu31df"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "okwaqdzr0pn"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "qamss3ljvpz"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "JWTERO9PEZU2NR6"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "LIQ7NBNYGIVM52D"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "JU0304DIPETEJCS"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "WDM6B3V5M6FLJVM"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "AF5960LBOHKXWVE"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "ACR63V3CU7SVSQ2"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "L18E0B0XARQ4CTM"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "8TZEWO1DQS31V60"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "19T3PWRYBEU4YCV"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "A864V1V47KY4SKJ"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "fxipxd"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "u00uk4f3ixx"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "jeaxvag3bhy"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "CPKTZ2E4IPWWK09"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "WeatherBuddy"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "we2yboatknt"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "cmswf2zx0ny"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/09/2017 08:56:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 3.0.0.1068, Zeitstempel: 0x59125d35
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.6.2.0, Zeitstempel: 0x58ed4d4f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0018da93
ID des fehlerhaften Prozesses: 0x1b00
Startzeit der fehlerhaften Anwendung: 0x01d2f8e5190a15f2
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: f7cba7e6-e20e-44c9-a71d-177a62c9258b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/09/2017 08:37:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\user\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).
Error: (07/09/2017 08:22:52 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\user\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).
Error: (07/09/2017 08:12:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.1358, Zeitstempel: 0x59327901
Name des fehlerhaften Moduls: CoreUIComponents.dll, Version: 0.0.0.0, Zeitstempel: 0x593272ad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000072fda
ID des fehlerhaften Prozesses: 0x1dc0
Startzeit der fehlerhaften Anwendung: 0x01d2f8dc3dc46502
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\CoreUIComponents.dll
Berichtskennung: 270a5027-8c4a-4024-b3de-587c649ac915
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (07/09/2017 04:47:54 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL W3SVC kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (07/09/2017 04:47:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "aspnet_state" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (07/09/2017 04:47:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET_4.0.30319" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (07/09/2017 04:47:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (07/09/2017 09:15:14 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\System32\sdnclean64.exe". Fehler in Manifest- oder Richtliniendatei "C:\Windows\System32\sdnclean64.exe" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (07/09/2017 09:15:14 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.
Systemfehler:
=============
Error: (07/09/2017 09:16:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-07-08 10:53:44.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:53:44.704
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:53:44.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:53:44.576
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:53:42.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:53:42.530
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:48:45.366
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:48:45.322
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:48:45.196
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-08 10:48:45.180
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3764.57 MB
Verfügbarer physikalischer RAM: 1942.15 MB
Summe virtueller Speicher: 7604.57 MB
Verfügbarer virtueller Speicher: 5763.96 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:270.72 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 198CD08C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Vielen Dank für Eure Mühe. SenergY |
|
10.07.2017, 10:49
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Ungewünschte Pop-Ups in Chrome und EdgeZitat:
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
10.07.2017, 12:20
| #3 |
| | Ungewünschte Pop-Ups in Chrome und Edge Hallo,
__________________wie gesagt, alle Logs ohne Fund. Hier ist von Spybot das letzte, das noch einen Fund hatte .. Code:
ATTFilter [i] 17-07-07 23:34:38
[i] 17-07-07 23:34:38 Product Win32.Downloader.gen
[+] 17-07-07 23:34:38 Moving into quarantine C:\END
[+] 17-07-07 23:34:38 Successfully cleaned C:\END
[i] 17-07-07 23:34:38
[i] 17-07-07 23:34:38 Product DownloadSponsor
[+] 17-07-07 23:34:38 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\lastPID
[+] 17-07-07 23:34:38 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\PID
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\lastPID
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\PID
[i] 17-07-07 23:34:39
[i] 17-07-07 23:34:39 Product PU.DownloadAdmin
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\DOMStorage\betrad.com
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\DOMStorage\betrad.com
[i] 17-07-07 23:34:39
[i] 17-07-07 23:34:39 Product PU.PrivacyRisk.WOT
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Against Intuition\WOT
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+] 17-07-07 23:34:39 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
[+] 17-07-07 23:34:39 Moving into quarantine C:\Program Files (x86)\WOT\WSS.exe
[+] 17-07-07 23:34:39 Moving into quarantine C:\Program Files (x86)\WOT\WOT.dll
[+] 17-07-07 23:34:39 Moving into quarantine C:\Program Files (x86)\WOT\
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\3.3.4_0\wot.js
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Against Intuition\WOT
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+] 17-07-07 23:34:39 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
[+] 17-07-07 23:34:39 Successfully cleaned C:\Program Files (x86)\WOT\WSS.exe
[+] 17-07-07 23:34:39 Successfully cleaned C:\Program Files (x86)\WOT\WOT.dll
[+] 17-07-07 23:34:39 Successfully cleaned C:\Program Files (x86)\WOT\
[+] 17-07-07 23:34:39 Successfully cleaned C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\3.3.4_0\wot.js
[+] 17-07-07 23:34:39 Successfully cleaned C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\
[i] 17-07-07 23:34:39
[i] 17-07-07 23:34:39 Product Macromedia.FlashPlayer.Cookies
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\c.paypal.com\PayPalLSO.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\nx-o.azureedge.net\nexxCACHE_584.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\www.paypalobjects.com\PayPalLSO.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\c.paypal.com\PayPalLSO.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\nx-o.akamaized.net\nexxCACHE_584.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.helpster.de\analytics.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.paypalobjects.com\PayPalLSO.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\skype.com\#ui\preferences.sol
[+] 17-07-07 23:34:39 Moving into quarantine C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\c.paypal.com\PayPalLSO.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\nx-o.azureedge.net\nexxCACHE_584.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\www.paypalobjects.com\PayPalLSO.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\c.paypal.com\PayPalLSO.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\nx-o.akamaized.net\nexxCACHE_584.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.helpster.de\analytics.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.paypalobjects.com\PayPalLSO.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\skype.com\#ui\preferences.sol
[+] 17-07-07 23:34:40 Successfully cleaned C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\aa.online-metrix.net\fpc.swf\session.sol
[i] 17-07-07 23:34:40
[i] 17-07-07 23:34:40 Product MediaPlex
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@mediaplex.com/ ()
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@emjcd.com/ ()
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@mediaplex.com/ ()
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@emjcd.com/ ()
[i] 17-07-07 23:34:40
[i] 17-07-07 23:34:40 Product WebTrends live
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@statse.webtrendslive.com/ ()
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Thunderbird: user (default))statse.webtrendslive.com/ (ACOOKIE)
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@statse.webtrendslive.com/ ()
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Thunderbird: user (default))statse.webtrendslive.com/ (ACOOKIE)
[i] 17-07-07 23:34:40
[i] 17-07-07 23:34:40 Product DoubleClick
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@ad-emea.doubleclick.net/ ()
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@doubleclick.net/ ()
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Thunderbird: user (default)).doubleclick.net/ (id)
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Thunderbird: user (default)).doubleclick.net/ (IDE)
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@ad-emea.doubleclick.net/ ()
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@doubleclick.net/ ()
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Thunderbird: user (default)).doubleclick.net/ (id)
[+] 17-07-07 23:34:40 Successfully cleaned Cookie (Thunderbird: user (default)).doubleclick.net/ (IDE)
[i] 17-07-07 23:34:40
[i] 17-07-07 23:34:40 Product FastClick
[+] 17-07-07 23:34:40 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@fastclick.net/ ()
[+] 17-07-07 23:34:41 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@fastclick.net/ ()
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product Tradedoubler
[+] 17-07-07 23:34:41 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@tradedoubler.com/ ()
[+] 17-07-07 23:34:41 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@tradedoubler.com/ ()
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product CasaleMedia
[+] 17-07-07 23:34:41 Moving into quarantine Cookie (Internet Explorer (Benutzer): user)Cookie:user@casalemedia.com/ ()
[+] 17-07-07 23:34:41 Successfully cleaned Cookie (Internet Explorer (Benutzer): user)Cookie:user@casalemedia.com/ ()
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product Internet Explorer
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS Management Console
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS Direct3D
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS DirectDraw
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS Office 11.0 (Excel)
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Excel\Recent Files
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Excel\Recent Files
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS Office 11.0 (Word)
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Word\Data\Settings
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Word\Data\Settings
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS Paint
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product MS Regedit
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product Windows.OpenWith
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPI\OpenWithList
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPI\OpenWithList
[+] 17-07-07 23:34:41 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i] 17-07-07 23:34:41
[i] 17-07-07 23:34:41 Product Windows Explorer
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 17-07-07 23:34:41 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 17-07-07 23:34:42 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+] 17-07-07 23:34:42 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 17-07-07 23:34:42 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i] 17-07-07 23:34:42
[i] 17-07-07 23:34:42 Product Windows Media SDK
[+] 17-07-07 23:34:42 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 17-07-07 23:34:42 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 17-07-07 23:34:42 Moving into quarantine HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 17-07-07 23:34:42 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 17-07-07 23:34:42 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 17-07-07 23:34:42 Successfully cleaned HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i] 17-07-07 23:34:42
[i] 17-07-07 23:34:42 Product Cookie
[+] 17-07-07 23:34:42 Moving into quarantine Internet Explorer (Benutzer) (user)Cookies
[+] 17-07-07 23:34:42 Moving into quarantine Firefox (user (default))Cookies
[+] 17-07-07 23:34:42 Moving into quarantine Thunderbird (user (default))Cookies
[+] 17-07-07 23:34:42 Successfully cleaned Internet Explorer (Benutzer) (user)Cookies
[+] 17-07-07 23:34:42 Successfully cleaned Firefox (user (default))Cookies
[+] 17-07-07 23:34:42 Successfully cleaned Thunderbird (user (default))Cookies
[i] 17-07-07 23:34:42
[i] 17-07-07 23:34:42 Product Cache
[+] 17-07-07 23:34:42 Moving into quarantine Internet Explorer (Benutzer) (user)Cache
[+] 17-07-07 23:34:43 Successfully cleaned Internet Explorer (Benutzer) (user)Cache
[i] 17-07-07 23:34:43
[i] 17-07-07 23:34:43 Product Verlauf
[+] 17-07-07 23:34:43 Moving into quarantine Internet Explorer (Benutzer) (user)History
[+] 17-07-07 23:34:43 Moving into quarantine Google Chrome (Default)History
[+] 17-07-07 23:34:43 Successfully cleaned Internet Explorer (Benutzer) (user)History
[+] 17-07-07 23:34:45 Successfully cleaned Google Chrome (Default)History
[i] 17-07-07 23:34:45
[i] 17-07-07 23:34:45 Summary
[i] 17-07-07 23:34:45 Errors while cleaning 0
[i] 17-07-07 23:34:45 Files moved into quarantine 73
[i] 17-07-07 23:34:45 Files successfully cleaned 73
MB blockiert jedes Mal die aufpoppenden Websites von z. B adskeeper.co.uk oder www.betteradssoftware.com mit unterschiedlichsten Ports z. B. 65352 oder 49243. Vielen Dank für Eure Hilfe im voraus... |
|
10.07.2017, 13:43
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ungewünschte Pop-Ups in Chrome und Edge Du hast geschrieben, "sie finden nichts mehr" Wenn sie nichts mehr finden, bedeutet dass idR, dass sie vorher fündig waren..
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
10.07.2017, 21:06
| #5 | |
| | Ungewünschte Pop-Ups in Chrome und EdgeZitat:
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 07.07.17
Scan-Zeit: 12:28
Protokolldatei:
Administrator: Ja
-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2309
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 14393.1358)
CPU: x64
Dateisystem: NTFS
Benutzer: USER-PC\user
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 446760
Erkannte Bedrohungen: 2363
In die Quarantäne verschobene Bedrohungen: 2359
Abgelaufene Zeit: 14 Min., 48 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 6
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SYSTEMHEALER\HEALERCONSOLE.EXE, In Quarantäne, [1014], [323145],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\615a0f5d4094915be22e819763f34e92.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\winsrcsrv.exe, In Quarantäne, [6630], [392905],1.0.2309
Modul: 7
Trojan.Wdfload.Generic, C:\PROGRAM FILES\NETWORK STUDIO\NETWORK STUDIO.DLL, In Quarantäne, [5483], [408840],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SYSTEMHEALER\HEALERCONSOLE.EXE, In Quarantäne, [1014], [323145],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\615a0f5d4094915be22e819763f34e92.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\winsrcsrv.exe, In Quarantäne, [6630], [392905],1.0.2309
Registrierungsschlüssel: 131
PUP.Optional.AppTrailers, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AppTrailers, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.DiskPower, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiskWMpower_is1, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.YeaDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YeaDesktop, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{8A417349-DFF7-481B-9452-7C65929A04E0}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{37AAE430-CA43-4761-A1AC-3D1367479978}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA63BB9A-AB76-4FEA-B63E-C36B32048DEA}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{37AAE430-CA43-4761-A1AC-3D1367479978}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA63BB9A-AB76-4FEA-B63E-C36B32048DEA}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{37AAE430-CA43-4761-A1AC-3D1367479978}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA63BB9A-AB76-4FEA-B63E-C36B32048DEA}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8A417349-DFF7-481B-9452-7C65929A04E0}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8A417349-DFF7-481B-9452-7C65929A04E0}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{7B69C0F1-25F9-4938-945D-2D17E71BFA77}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{EC6DF805-99B6-4C7E-BF65-7D8BBB1FBA08}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EC6DF805-99B6-4C7E-BF65-7D8BBB1FBA08}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EC6DF805-99B6-4C7E-BF65-7D8BBB1FBA08}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7B69C0F1-25F9-4938-945D-2D17E71BFA77}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7B69C0F1-25F9-4938-945D-2D17E71BFA77}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\E3605470-291B-44EB-8648-745EE356599A, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.SwytShop, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SwytShopAlgoadChrome_Pkg3a_is1, In Quarantäne, [3170], [386986],1.0.2309
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\d07e29b06c4dffd33056d7fadf5e7a7e, In Quarantäne, [1797], [336669],1.0.2309
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, In Quarantäne, [1797], [-1],0.0.0
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [102], [170024],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1608], [406689],1.0.2309
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE}, In Quarantäne, [11], [357968],1.0.2309
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [102], [170024],1.0.2309
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [102], [170024],1.0.2309
Adware.OptimizerEliteMax, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OneSystemCare, In Quarantäne, [455], [311034],1.0.2309
Adware.Wajam.EncJob, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\c335b900ce43950bba5d90035e3a5875, In Quarantäne, [376], [411250],1.0.2309
PUP.Optional.AVBoost, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AVBoost_is1, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.MagicDisk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E4594B8F-F580-4EF7-8787-4A4FF7AE4A8A}, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.SpeeDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SDownloader_is1, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.REOptimizer, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CloudExtender, In Quarantäne, [8481], [412227],1.0.2309
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\c335b900ce43950bba5d90035e3a5875, In Quarantäne, [1208], [413748],1.0.2309
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [1013], [254729],1.0.2309
PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\OTHERSEARCH, In Quarantäne, [589], [305744],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, In Quarantäne, [9063], [-1],0.0.0
PUP.Optional.DownloadProtect.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, In Quarantäne, [9063], [-1],0.0.0
Adware.BetterAds.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\srcsrv, In Quarantäne, [6630], [392905],1.0.2309
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\DPBHO.DLL, In Quarantäne, [1013], [254729],1.0.2309
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\CONSOLE\TASKENG.EXE, In Quarantäne, [9483], [408199],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\InterStat, In Quarantäne, [1447], [260518],1.0.2309
PUP.Optional.OneSystemCare, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\One System Care, In Quarantäne, [489], [311038],1.0.2309
PUP.Optional.SpeeDownloader, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SpeeDownloader, In Quarantäne, [9045], [387288],1.0.2309
PUP.Optional.SwytShop, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SwytShop, In Quarantäne, [3170], [386984],1.0.2309
PUP.Optional.Wajam, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\WajIEnhance, In Quarantäne, [102], [244670],1.0.2309
PUP.Optional.YeaDesktop, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\YeaDesktop, In Quarantäne, [1575], [391400],1.0.2309
PUP.Optional.WeatherBuddy, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\ELLS LLC\WeatherBuddy, In Quarantäne, [1585], [383222],1.0.2309
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [1013], [254729],1.0.2309
PUP.Optional.MeSafe, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MESAFE, In Quarantäne, [9220], [389387],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\EWMON, In Quarantäne, [934], [412878],1.0.2309
PUP.Optional.ProxyGate, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DragonBoost, In Quarantäne, [1024], [375419],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1B4973C9-86ED-4DB1-B67C-E3EF743FEBF2}, In Quarantäne, [1014], [258707],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26A42D67-9F91-4EF6-9955-CA8297EAE7FB}, In Quarantäne, [9299], [407189],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{44018E1B-892B-465A-9B48-8E680902BC8A}, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6B886396-C6B4-4BB8-A8C4-7E648B9458F2}, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{83B9EFE2-7C03-4202-B4A9-E6E4C05872FB}, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8B51D09D-F8C0-4C7D-BCAA-0C6C258EB173}, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{90557C1E-3F89-4695-BFEC-656E4D147A3B}, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9849EF4F-A1CF-41B8-AA46-94B7EBB26F1D}, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ABE8C55B-20ED-449F-8B34-52CC244EE80C}, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C16218C0-3801-4618-8074-BB360C8ADE9C}, In Quarantäne, [2046], [260516],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D17161CF-9F31-4778-A8D7-38B2F822E312}, In Quarantäne, [2046], [344152],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D53D1A35-C190-4AF7-8620-E8C654126DD8}, In Quarantäne, [1014], [258707],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E981306F-A56A-494A-A23C-298D90659682}, In Quarantäne, [489], [258294],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ED9A0C6E-81B4-4ACE-8FF4-C39C2C6551AA}, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.SoftUpgrade, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA86427E-0D43-4495-B99F-DE371936B144}, In Quarantäne, [1050], [260475],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [15669], [252393],1.0.2309
Adware.Social2Search, HKLM\SOFTWARE\Soci2Sear Browser Enhancer, In Quarantäne, [2140], [394856],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application, In Quarantäne, [575], [360190],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [339688],1.0.2309
Adware.BetterAds.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\winsrcsrv_RASAPI32, In Quarantäne, [6630], [407460],1.0.2309
Adware.BetterAds.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\winsrcsrv_RASMANCS, In Quarantäne, [6630], [407460],1.0.2309
PUP.Optional.YeaDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Yeadesktop_RASAPI32, In Quarantäne, [1575], [409418],1.0.2309
Adware.DNSUnlocker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\11598763487076930564, In Quarantäne, [417], [405303],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FastDataX_is1, In Quarantäne, [9299], [407193],1.0.2309
Adware.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OtherSearch, In Quarantäne, [2194], [365188],1.0.2309
PUP.Optional.BetterAds, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{376CA350-6C34-4F10-B8DC-586F8CA03009}_is1, In Quarantäne, [512], [383837],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [398592],1.0.2309
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\APPHELPER, In Quarantäne, [2], [386422],1.0.2309
PUP.Optional.WeatherBuddy, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{58E801CB-F746-428A-9211-E69469B220BB}, In Quarantäne, [1585], [391424],1.0.2309
PUP.Optional.AppTrailers, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\APPDATALOW\SOFTWARE\AppTrailers, In Quarantäne, [887], [324090],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\APPLICATIONS\interstat.exe, In Quarantäne, [1447], [261503],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\INTERSTAT, In Quarantäne, [1447], [260751],1.0.2309
PUP.Optional.SystemHealer, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SYSTEM HEALER, In Quarantäne, [1014], [261796],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411159],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B2, In Quarantäne, [152], [411159],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FastDataX Task, In Quarantäne, [9299], [407190],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GEN, In Quarantäne, [2046], [344165],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GEN_Interval, In Quarantäne, [2046], [260517],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Monitor, In Quarantäne, [489], [241385],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Run Delay, In Quarantäne, [489], [241385],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Task, In Quarantäne, [489], [241385],1.0.2309
PUP.Optional.SoftUpgrade, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SoftUpgrade, In Quarantäne, [1050], [260476],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System Healer Task, In Quarantäne, [1014], [252787],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System HealerPeriod, In Quarantäne, [1014], [252787],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System HealerStartUp, In Quarantäne, [1014], [252787],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SystemHealer Monitor, In Quarantäne, [1014], [252788],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SystemHealer Run Delay, In Quarantäne, [1014], [252788],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\U2_2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411159],1.0.2309
Rootkit.Komodia.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Lace514, In Quarantäne, [1817], [365194],1.0.2309
Adware.OtherSearch, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\OtherSearch, In Quarantäne, [2194], [365184],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [15669], [252393],1.0.2309
PUP.Optional.ChinAd, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cfidsk, In Quarantäne, [115], [412913],1.0.2309
PUP.Optional.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\wewewe, In Quarantäne, [88], [339689],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\BIGTIME, In Quarantäne, [934], [412877],1.0.2309
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, In Quarantäne, [206], [317317],1.0.2309
Registrierungswert: 67
PUP.Optional.AppTrailers, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AppTrailers, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.DiskPower, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DiskPower, In Quarantäne, [1019], [405182],1.0.2309
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE}, In Quarantäne, [11], [357968],1.0.2309
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, In Quarantäne, [11], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, In Quarantäne, [11], [-1],0.0.0
Trojan.ProxyAgent, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fxipxd, In Quarantäne, [242], [413307],1.0.2309
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{879474B0-EB65-487E-AF91-C69159DFE6F3}, In Quarantäne, [14787], [237883],1.0.2309
PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\OTHERSEARCH|AFFID, In Quarantäne, [589], [305744],1.0.2309
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\CONSOLE\TASKENG.EXE|WINDOWPOSITION, In Quarantäne, [9483], [408199],1.0.2309
PUP.Optional.MeSafe, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MESAFE|STATUS, In Quarantäne, [9220], [389387],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\EWMON|PARTNER, In Quarantäne, [934], [412878],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1B4973C9-86ED-4DB1-B67C-E3EF743FEBF2}|PATH, In Quarantäne, [1014], [258707],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26A42D67-9F91-4EF6-9955-CA8297EAE7FB}|PATH, In Quarantäne, [9299], [407189],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{44018E1B-892B-465A-9B48-8E680902BC8A}|PATH, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6B886396-C6B4-4BB8-A8C4-7E648B9458F2}|PATH, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{83B9EFE2-7C03-4202-B4A9-E6E4C05872FB}|PATH, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8B51D09D-F8C0-4C7D-BCAA-0C6C258EB173}|PATH, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{90557C1E-3F89-4695-BFEC-656E4D147A3B}|PATH, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9849EF4F-A1CF-41B8-AA46-94B7EBB26F1D}|PATH, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ABE8C55B-20ED-449F-8B34-52CC244EE80C}|PATH, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C16218C0-3801-4618-8074-BB360C8ADE9C}|PATH, In Quarantäne, [2046], [260516],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D17161CF-9F31-4778-A8D7-38B2F822E312}|PATH, In Quarantäne, [2046], [344152],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D53D1A35-C190-4AF7-8620-E8C654126DD8}|PATH, In Quarantäne, [1014], [258707],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E981306F-A56A-494A-A23C-298D90659682}|PATH, In Quarantäne, [489], [258294],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ED9A0C6E-81B4-4ACE-8FF4-C39C2C6551AA}|PATH, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.SoftUpgrade, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA86427E-0D43-4495-B99F-DE371936B144}|PATH, In Quarantäne, [1050], [260475],1.0.2309
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GPLYRA, In Quarantäne, [206], [183449],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [15669], [252393],1.0.2309
PUP.Optional.YeaDesktop.ClnShrt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YEADESKTOP.EXE, In Quarantäne, [1397], [396226],1.0.2309
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AVBoost_is1|PUBLISHER, In Quarantäne, [1342], [405215],1.0.2309
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiskWMpower_is1|PUBLISHER, In Quarantäne, [1342], [405215],1.0.2309
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SDownloader_is1|PUBLISHER, In Quarantäne, [1342], [405215],1.0.2309
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\APPHELPER|DISPLAYICON, In Quarantäne, [2], [386422],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, In Quarantäne, [575], [333852],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, In Quarantäne, [575], [321304],1.0.2309
PUP.Optional.WeatherBuddy, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{58E801CB-F746-428A-9211-E69469B220BB}|URLINFOABOUT, In Quarantäne, [1585], [391424],1.0.2309
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, In Quarantäne, [9483], [408201],1.0.2309
PUP.Optional.GoSearchMe, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|INTERSTAT, In Quarantäne, [7042], [234282],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|A864V1V47KY4SKJ, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|JWTERO9PEZU2NR6, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CPKTZ2E4IPWWK09, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|19T3PWRYBEU4YCV, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|8TZEWO1DQS31V60, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|L18E0B0XARQ4CTM, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AF5960LBOHKXWVE, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|JU0304DIPETEJCS, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|LIQ7NBNYGIVM52D, In Quarantäne, [1342], [392931],1.0.2309
PUP.Optional.WeatherBuddy, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WEATHERBUDDY, In Quarantäne, [1585], [402804],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\INTERSTAT|DISPLAYICON, In Quarantäne, [1447], [260751],1.0.2309
PUP.Optional.SystemHealer, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SYSTEM HEALER|CARTURL, In Quarantäne, [1014], [261796],1.0.2309
Adware.BetterAds.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SRCSRV|IMAGEPATH, In Quarantäne, [6630], [392906],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [15669], [252393],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\BIGTIME|PARTNER, In Quarantäne, [934], [412877],1.0.2309
PUP.Optional.AppTrailers, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|2, In Quarantäne, [887], [393166],1.0.2309
PUP.Optional.AppTrailers, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|3, In Quarantäne, [887], [393166],1.0.2309
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\c335b900ce43950bba5d90035e3a5875|DISPLAYNAME, In Quarantäne, [15891], [261569],1.0.2309
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 564
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\3660f7c5-2847-0, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\3660f7c5-5f27-1, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\3660f7c5-7bb7-0, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\f89769b1-0305-1, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\f89769b1-2db5-0, In Quarantäne, [9291], [407181],1.0.2309
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\PROGRAMDATA\Microleaves, In Quarantäne, [9515], [399763],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\ROAMING\AppTrailers, In Quarantäne, [887], [370632],1.0.2309
Adware.NetAdapter, C:\Users\user\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install\B768EFA, In Quarantäne, [4427], [398043],1.0.2309
Adware.NetAdapter, C:\Users\user\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install, In Quarantäne, [4427], [398043],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\ROAMING\devnull\NetAdapterUpdate 2.7.0, In Quarantäne, [4427], [398043],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\ROAMING\gplyra, In Quarantäne, [206], [316518],1.0.2309
PUP.Optional.InterStat, C:\USERS\USER\APPDATA\ROAMING\InterStat, In Quarantäne, [1447], [182327],1.0.2309
Adware.OnlineIO, C:\Users\user\AppData\Roaming\Microleaves\Online Application 2.6.0\install\CFCBAA1, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\Users\user\AppData\Roaming\Microleaves\Online Application 2.6.0\install, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\Users\user\AppData\Roaming\Microleaves\Online Application 2.6.0, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\USERS\USER\APPDATA\ROAMING\Microleaves, In Quarantäne, [9515], [399763],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\USERS\USER\APPDATA\ROAMING\One System Care, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\WL, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\ROAMING\System Healer, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.DiskPower, C:\PROGRAM FILES (X86)\DiskWMpower, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SystemHealer, In Quarantäne, [1014], [182463],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\PROGRAM FILES (X86)\YeaDesktop, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es_419, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_US, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_GB, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_BR, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_PT, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_CN, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_TW, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fil, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\be, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bg, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bn, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ca, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\cs, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\da, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\de, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\el, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\et, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fa, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fi, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\gu, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\he, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hu, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\id, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\it, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ja, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\kn, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ko, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lt, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lv, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mk, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ml, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ms, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\nl, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\no, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pl, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hi, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ro, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ru, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sk, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sl, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sq, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sv, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sw, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ta, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\te, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\th, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\tr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\uk, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\vi, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\am, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ar, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckIE, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckU, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckU2, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckUn, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\USERS\USER\APPDATA\LOCAL\kemgadeojglibflomicgnfeopkdfflnk, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\Programs\SwytShopAlgoadChrome_Pkg3a, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\LOCAL\WeatherBuddy, In Quarantäne, [1585], [383210],1.0.2309
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [391425],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SYSTEM HEALER, In Quarantäne, [1014], [181295],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PSYSOD7O.DEFAULT\EXTENSIONS\AMCONTEXTMENU@LOUCYPHER, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.InterStat, C:\Users\user\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_392\Logs, In Quarantäne, [1447], [373566],1.0.2309
PUP.Optional.InterStat, C:\USERS\USER\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_392, In Quarantäne, [1447], [373566],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WEATHERBUDDY, In Quarantäne, [1585], [383211],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\_metadata, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GOBBNICJOIJCFNDFMMFJNFGLDGCNJIBL, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL EXTENSION SETTINGS\GOBBNICJOIJCFNDFMMFJNFGLDGCNJIBL, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.YeaDesktop, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\YEADESKTOP, In Quarantäne, [1575], [391395],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es_419, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_US, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_GB, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_BR, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_PT, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_CN, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_TW, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fil, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\be, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bg, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bn, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ca, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\cs, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\da, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\de, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\el, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\et, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fa, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fi, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\gu, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\he, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hu, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\id, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\it, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ja, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\kn, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ko, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lt, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lv, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mk, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ml, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ms, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\nl, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\no, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pl, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hi, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ro, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ru, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sk, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sl, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sq, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sv, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sw, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ta, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\te, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\th, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\tr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\uk, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\vi, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\am, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ar, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_metadata, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NHGOKGCNPLBFNKJPEJJGAFOGEECGAINI, In Quarantäne, [152], [411851],1.0.2309
Adware.ChinAd, C:\ProgramData\Thunder Network\DownloadLib, In Quarantäne, [1178], [374745],1.0.2309
Adware.ChinAd, C:\PROGRAMDATA\THUNDER NETWORK, In Quarantäne, [1178], [374745],1.0.2309
PUP.Optional.StartPage, C:\USERS\USER\APPDATA\ROAMING\BROWSERMODULE, In Quarantäne, [60], [335017],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\INSTALLER\{58E801CB-F746-428A-9211-E69469B220BB}, In Quarantäne, [1585], [388254],1.0.2309
PUP.Optional.Browsers, C:\USERS\USER\APPDATA\ROAMING\SPI, In Quarantäne, [3080], [372176],1.0.2309
Adware.Wajam.EncJob, C:\PROGRAM FILES\C335B900CE43950BBA5D90035E3A5875, In Quarantäne, [376], [411250],1.0.2309
PUP.Optional.AVBoost, C:\PROGRAM FILES (X86)\AVBOOST, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAM FILES (X86)\MGDISK, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.SpeeDownloader, C:\PROGRAM FILES (X86)\SDOWNLOADER, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAM FILES (X86)\ONESYSTEMCARE, In Quarantäne, [489], [241378],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\HSKMU3XCC5, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\ISF20CBK67, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\JLP5RM36NK, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\tools, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\man, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\support, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\storage, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW9492_2366, In Quarantäne, [2900], [371306],1.0.2309
Geändert von cosinus (10.07.2017 um 21:22 Uhr) Grund: code tags korrigiert |
|
10.07.2017, 21:09
| #6 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW9492_2366, In Quarantäne, [2900], [371306],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IHL6NWKPBA, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\T21IM4CX6O, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\W9DITSWDJD, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUXFHQTTVA, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\_isetup, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-SVVBE.TMP, In Quarantäne, [1342], [409261],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\tools, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\man, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\support, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\storage, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW2948_2744, In Quarantäne, [2900], [371306],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\QN0AJ7S0LM, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\WSIDELBT20, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DA7F3B78-5402-4F30-B3DC-8489ADE15F23}, In Quarantäne, [1013], [237879],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\index-dir, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\LOCAL\APPTRAILERS, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.Geniv, C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\GEN, In Quarantäne, [2046], [386985],1.0.2309
PUP.Optional.SoftUpgrade, C:\PROGRAM FILES (X86)\SOFTUPGRADE, In Quarantäne, [1050], [260472],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{545946F8-1228-47CA-BE36-0B4409D2DB3A}, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F535162-AF5C-4FC0-896D-26D6D0F440A8}, In Quarantäne, [1013], [237878],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ONE SYSTEM CARE, In Quarantäne, [489], [241379],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\INSTALLER\{1600AC33-F9DD-4B39-87C5-3228E9E5942C}, In Quarantäne, [9063], [255640],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\WINDOWS\SRC_SRV, In Quarantäne, [6630], [392905],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, In Quarantäne, [9515], [399420],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MGDISK, In Quarantäne, [8175], [413772],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es_419, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_US, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_CN, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_PT, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_GB, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_BR, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_TW, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fil, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\am, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ar, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\be, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bg, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bn, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ca, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\cs, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\da, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\de, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\el, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\et, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fa, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fi, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\gu, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\he, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hu, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\id, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\it, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ja, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\kn, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ko, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lt, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lv, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mk, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ml, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ms, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\nl, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\no, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pl, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ro, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ru, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sk, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sl, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sq, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sv, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sw, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ta, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\te, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\th, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\tr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\uk, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\vi, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hi, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\FEATURES\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\APPTRAILERS, In Quarantäne, [887], [324491],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}, In Quarantäne, [1605], [334834],1.0.2309
Datei: 1588
Trojan.Wdfload.Generic, C:\PROGRAM FILES\NETWORK STUDIO\NETWORK STUDIO.DLL, In Quarantäne, [5483], [408840],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SYSTEMHEALER\HEALERCONSOLE.EXE, In Quarantäne, [1014], [323145],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\{78090847-0D7E-0E0E-0A11-0F09780E1105}, In Quarantäne, [1014], [-1],0.0.0
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\3660f7c5-2847-0\BIT9A81.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Entfernung fehlgeschlagen, [9291], [-1],0.0.0
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Entfernung fehlgeschlagen, [9291], [-1],0.0.0
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\3660f7c5-5f27-1\BIT99B5.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\3660f7c5-7bb7-0\BIT9AD0.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\f89769b1-0305-1\BIT6BE6.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\f89769b1-2db5-0\BIT6E0A.tmp, In Quarantäne, [9291], [407181],1.0.2309
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates\basic_updates.aiu, In Quarantäne, [9515], [399763],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\hr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\am.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ar.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\bg.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\bn.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ca.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\cs.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\da.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\de.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\el.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\en-GB.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\en-US.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\es-419.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\es.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\et.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fa.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fi.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fil.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\gu.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\hi.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\hu.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\id.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\it.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\iw.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ja.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\kn.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ko.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\lt.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\lv.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ml.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\mr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ms.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\nl.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\no.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\pl.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\pt-BR.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\pt-PT.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ro.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ru.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sk.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sl.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sv.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sw.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ta.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\te.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\th.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\tr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\uk.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\vi.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\zh-CN.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\zh-TW.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\AppTrailers.exe, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\ffmpegsumo.dll, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\icudtl.dat, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\nw.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\storage.json, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\Uninstall.exe, In Quarantäne, [887], [370632],1.0.2309
Adware.NetAdapter, C:\Users\user\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install\B768EFA\NetAdapterUpdate_setup.msi, In Quarantäne, [4427], [398043],1.0.2309
PUP.Optional.BitCoinMiner, C:\Users\user\AppData\Roaming\gplyra\config.json, In Quarantäne, [206], [316518],1.0.2309
PUP.Optional.BitCoinMiner, C:\Users\user\AppData\Roaming\gplyra\gplyra-uninst.exe, In Quarantäne, [206], [316518],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Danish.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Dutch.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\English.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\French.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\German.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Italian.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Norwegian.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Parameters.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Portuguese.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Spanish.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Swedish.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\tmpLang.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\tmpParam.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Danish.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Dutch.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\English.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\French.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\German.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Italian.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Norwegian.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Parameters.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Portuguese.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Spanish.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Swedish.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\tmpLang.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\tmpParam.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\CallBanner.png, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\FinishedScan.png, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\DiskPower.exe, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\DiskPower.exe.conf, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\LinqBridge.dll, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\unins000.dat, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\unins000.exe, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\uninstaller.exe, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\uninstaller.exe.config, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\apphoverbk.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\BkgSelectedHover.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\BkgSelectedNormal.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\BkgSelectedPressed.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\config.xml, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\HelpTool.dll, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\unins000.dat, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\unins000.exe, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\background.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\foreground.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\main.css, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\proxy.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hi\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\am\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ar\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\be\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bg\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bn\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ca\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\cs\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\da\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\de\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\el\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_GB\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_US\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es_419\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\et\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fa\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fi\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fil\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\gu\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\he\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hu\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\id\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\it\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ja\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\kn\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ko\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lt\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lv\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mk\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ml\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ms\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\nl\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\no\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pl\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_BR\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_PT\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ro\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ru\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sk\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sl\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sq\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sv\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sw\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ta\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\te\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\th\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\tr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\uk\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\vi\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_CN\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_TW\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\background.html, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\Kernel.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\h42Ia.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\icon16.ico, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\k42rheDK2.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\m3d5qEIR4.exe, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\tbgv9T7gw.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckU\Dh81QPf.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckU2\jqaOdxC.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckUn\uninstall.exe, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a\captcha.hta, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a\unins000.dat, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a\unins000.exe, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, In Quarantäne, [575], [391425],1.0.2309
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, In Quarantäne, [575], [391425],1.0.2309
Adware.Wajam.Generic, C:\WINDOWS\SYSTEM32\DRIVERS\D07E29B06C4DFFD33056D7FADF5E7A7E.SYS, In Quarantäne, [1797], [336669],1.0.2309
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SDOWNLOADER\SPEEDOWNLOADER.EXE, In Quarantäne, [934], [384257],1.0.2309
Adware.NETNS, C:\PROGRAM FILES (X86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}\{1939150D-3AAB-4392-966A-0BAF706E8166}.BIN, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, C:\PROGRAM FILES\{545946F8-1228-47CA-BE36-0B4409D2DB3A}\{DB540A5C-3E6C-43F0-B7BF-9511A0E18CF7}.BIN, In Quarantäne, [1608], [406689],1.0.2309
Trojan.ProxyAgent, C:\USERS\USER\APPDATA\LOCAL\FXIPXD.DLL, In Quarantäne, [242], [413307],1.0.2309
PUP.Optional.SystemHealer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer\Launch System Healer.lnk, In Quarantäne, [1014], [181295],1.0.2309
PUP.Optional.SystemHealer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer\System Healer on the Web.url, In Quarantäne, [1014], [181295],1.0.2309
Adware.Eszjuxuan, C:\PROGRAMDATA\SERVICE.EXE, In Quarantäne, [43], [397967],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\browser.xul, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\content.js, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\icon-48.png, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\icon-64.png, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF\manifest.mf, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF\mozilla.rsa, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF\mozilla.sf, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\0024397e, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\chrome.manifest, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\install.rdf, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.WeatherBuddy, C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBuddy\WeatherBuddy.lnk, In Quarantäne, [1585], [383211],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\createInImage.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\createInImage.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\in-image.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\in-image.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\createInText.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\createInText.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\findAndReplaceDOMText.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\in-text.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\in-text.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\opentip-native.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\opentip.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\google.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\google.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\index.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\popup.html, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\token.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\_metadata\computed_hashes.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\_metadata\verified_contents.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\icon.png, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\manifest.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\000003.log, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\CURRENT, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\LOCK, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\LOG, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\LOG.old, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\MANIFEST-000001, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.YeaDesktop, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YeaDesktop\Uninstall YeaDesktop.lnk, In Quarantäne, [1575], [391395],1.0.2309
PUP.Optional.YeaDesktop, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YeaDesktop\YeaDesktop.lnk, In Quarantäne, [1575], [391395],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons\icon128.png, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons\icon16.png, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons\icon48.png, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hi\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\am\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ar\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\be\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bg\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bn\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ca\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\cs\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\da\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\de\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\el\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\background.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\Content.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\foreground.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\Kernel.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\main.css, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_GB\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_US\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es_419\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\et\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fa\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fi\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fil\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\gu\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\he\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hu\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\id\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\it\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ja\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\kn\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ko\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lt\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lv\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mk\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ml\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ms\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\nl\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\no\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pl\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_BR\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_PT\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ro\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ru\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sk\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sl\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sq\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sv\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sw\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ta\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\te\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\th\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\tr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\uk\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\vi\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_CN\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_TW\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_metadata\computed_hashes.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_metadata\verified_contents.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\manifest.json, In Quarantäne, [152], [411851],1.0.2309
Trojan.BitCoinMiner, C:\PROGRAMDATA\MICRO FOUNDATION\OPEN.EXE, In Quarantäne, [98], [412551],1.0.2309
Adware.ChinAd, C:\PROGRAMDATA\THUNDER NETWORK\DOWNLOADLIB\PUB_STORE.DAT, In Quarantäne, [1178], [374745],1.0.2309
PUP.Optional.StartPage, C:\USERS\USER\APPDATA\ROAMING\BROWSERMODULE\COMPONENT.LOG, In Quarantäne, [60], [335017],1.0.2309
PUP.Optional.Browsers.Generic, C:\USERS\USER\APPDATA\ROAMING\BROWSERS\EXE.RESWORBAIDEM.BAT, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\brlauncher.bat.exe, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.erolpxei.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.rehcnualrb.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.xoferif.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\firefox.bat.exe, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\mediabrowser.bat.exe, In Quarantäne, [2236], [357611],1.0.2309
Adware.Wajam, C:\PROGRAM FILES\C335B900CE43950BBA5D90035E3A5875\FF042E19EF1935131D4C17528713C7AD.EXE, In Quarantäne, [1208], [413748],1.0.2309
Trojan.BitCoinMiner, C:\USERS\USER\APPDATA\ROAMING\IMPORTANTUPDATES\DATA.EXE, In Quarantäne, [98], [413064],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\UNINSTALLER.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\INSTALLER\{58E801CB-F746-428A-9211-E69469B220BB}\WEATHERBUDDY.ICO, In Quarantäne, [1585], [388254],1.0.2309
PUP.Optional.OneSystemCare, C:\USERS\PUBLIC\DESKTOP\LAUNCH ONE SYSTEM CARE.LNK, In Quarantäne, [489], [241377],1.0.2309
PUP.Optional.Browsers, C:\USERS\USER\APPDATA\ROAMING\SPI\FF.ICO, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\amig.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\ch.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\ie.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\kom.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\op.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\op12.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\ya.ico, In Quarantäne, [3080], [372176],1.0.2309
Adware.Wajam.EncJob, C:\PROGRAM FILES\C335B900CE43950BBA5D90035E3A5875\WBE_UNINSTALL.DAT, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\56370213dd8220f7c8c8cf88e673965a, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\615a0f5d4094915be22e819763f34e92.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\d44f649368745e773100a1eeb853f8bd.ico, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\dd56f7b76ecb92a047caa128430a8e1b.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\service.dat, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\service_64.dat, In Quarantäne, [376], [411250],1.0.2309
PUP.Optional.AVBoost, C:\PROGRAM FILES (X86)\AVBOOST\UNINSTALLER.EXE.CONFIG, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\AVBoost.exe, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\unins000.dat, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\unins000.exe, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\uninstaller.exe, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.MagicDisk, C:\USERS\PUBLIC\DESKTOP\MGDISK.LNK, In Quarantäne, [8175], [413774],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAM FILES (X86)\MGDISK\MGDISK.EXE, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\inst.db, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdinst.dll, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.db3, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.ssf, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\sqlite3.dll, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\uninst.exe, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\zlib.dll, In Quarantäne, [8175], [403629],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.EXE, In Quarantäne, [455], [311034],1.0.2309
|
|
10.07.2017, 21:10
| #7 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter PUP.Optional.SpeeDownloader, C:\PROGRAM FILES (X86)\SDOWNLOADER\UNINS000.DAT, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.SpeeDownloader, C:\Program Files (x86)\SDownloader\unins000.exe, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.SpeeDownloader, C:\Program Files (x86)\SDownloader\uninstaller.exe, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.SpeeDownloader, C:\Program Files (x86)\SDownloader\uninstaller.exe.config, In Quarantäne, [9045], [413426],1.0.2309
Adware.Agent, C:\PROGRAM FILES (X86)\SOFTUPGRADE\SOFTUP.EXE, In Quarantäne, [258], [407435],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\SYSTEMCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\PUBLIC\DESKTOP\LAUNCH SYSTEM HEALER.LNK, In Quarantäne, [1014], [252782],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.INI, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\cancel.bmp, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\osc.ico, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\uninstall.bmp, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.SpeedingUpMyPC, C:\USERS\USER\APPDATA\LOCAL\TEMP\7SX5R5EP-PROG.EXE, In Quarantäne, [942], [389100],1.0.2309
PUP.Optional.Amonetize, C:\USERS\USER\APPDATA\LOCAL\TEMP\AMIPIXEL.CFG, In Quarantäne, [6], [302488],1.0.2309
PUP.Optional.SpeedingUpMyPC, C:\USERS\USER\APPDATA\LOCAL\TEMP\INTER_SILENT_UNI.EXE, In Quarantäne, [942], [389100],1.0.2309
Adware.Agent.E, C:\WINDOWS\SYSTEM32\R6LSTMP4.DAT, Entfernung fehlgeschlagen, [4260], [412507],1.0.2309
PUP.Optional.BetterAds, C:\USERS\USER\APPDATA\LOCAL\TEMP\SRC_SRV_MARKETATOR.EXE, In Quarantäne, [512], [391675],1.0.2309
PUP.Optional.VideoBox, C:\USERS\USER\APPDATA\LOCAL\TEMP\VB-SETUP.EXE, In Quarantäne, [2338], [402806],1.0.2309
Trojan.Agent.WSB, C:\WINDOWS\SYSWOW64\KBDMAC64.DLL, In Quarantäne, [9854], [127813],1.0.2309
Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\7SX5R5EP-UPD.EXE, In Quarantäne, [258], [407435],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\LOCAL\TEMP\APPTRAILERS.9.1.10AMT.EXE, In Quarantäne, [887], [338239],1.0.2309
Adware.Genius, C:\USERS\USER\APPDATA\LOCAL\TEMP\GENIUS2.JS, In Quarantäne, [9137], [387358],1.0.2309
PUP.Optional.SpeedingUpMyPC, C:\USERS\USER\APPDATA\LOCAL\TEMP\HZDG8KAV-PROG.EXE, In Quarantäne, [942], [389100],1.0.2309
PUP.Optional.MeSafe, C:\USERS\USER\APPDATA\LOCAL\TEMP\MESAFE.EXE, In Quarantäne, [9220], [389383],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\AVBOOST.EXE, In Quarantäne, [1342], [413462],1.0.2309
Adware.Tuto4PC, C:\USERS\USER\APPDATA\LOCAL\TEMP\LF34S1Y.EXE, In Quarantäne, [934], [350731],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\GLOBAL_INSTALLER.EXE, In Quarantäne, [1342], [413462],1.0.2309
Adware.Tuto4PC, C:\USERS\USER\APPDATA\LOCAL\TEMP\UJ5RM86.EXE, In Quarantäne, [934], [350731],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.866DE17A7EF768.EXE, In Quarantäne, [3170], [368892],1.0.2309
PUP.Optional.InstallCore, C:\USERS\USER\APPDATA\LOCAL\TEMP\YEADESKTOP.EXE, In Quarantäne, [3], [356458],1.0.2309
Adware.Addrop, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.C513CF9653FB18.EXE, In Quarantäne, [502], [407091],1.0.2309
Adware.OptimizerEliteMax, C:\USERS\USER\APPDATA\LOCAL\TEMP\0PDQLMSO7\ONESYSTEMCARE.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\00019704\B3.EXE, In Quarantäne, [206], [363441],1.0.2309
Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.F2D47CC39E9208.EXE, In Quarantäne, [258], [407435],1.0.2309
PUP.Optional.FastDataX, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.AB518F2084853.EXE, In Quarantäne, [9346], [407240],1.0.2309
Adware.Tuto4PC, C:\USERS\USER\APPDATA\LOCAL\TEMP\ZVH2YIH.EXE, In Quarantäne, [934], [350731],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\81K1EKL47\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Wajam, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.65887C039AF704.EXE, In Quarantäne, [1208], [413713],1.0.2309
PUP.Optional.OnlineIO, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.F9ADE3DAA9594.EXE, In Quarantäne, [575], [407216],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\BTSVI3PRZ\BTSVI3PRZ.EXE, In Quarantäne, [206], [363441],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\FCMWIXGMU\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\LOCAL\TEMP\CCTRD0RCF\CCTRD0RCF.EXE, In Quarantäne, [1014], [363442],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\LOCAL\TEMP\81K1EKL47\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [4427], [398038],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\HSKMU3XCC5\LIKE.EXE, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\Like.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\ISF20CBK67\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\Like.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\JLP5RM36NK\AFFICHEONE.EXE.CONFIG, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\AfficheOne.exe, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Era5Le.exe, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Era5Le.exe.config, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Like.exe, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Like.exe.config, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\MY5TSSNPW\MY5TSSNPW.EXE, In Quarantäne, [206], [363441],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW9492_2366\PACKAGE.JSON, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\close.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\expand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon16.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon20.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon24.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon256.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon36.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon48.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon64.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icontray.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\loader.gif, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\minimize.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\search.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\unexpand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\examples\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\cookies.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\copy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\debug.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\helpers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\float.patch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build\build.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test\basic-test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test\sauce.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\bl.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\lib\combined_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib\delayed_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-http-upload.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-auto-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-handle-source-errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-max-data-size.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-pipe-resumes.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-proxy-readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\run.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\lib\form_data.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\support\sync-package-managers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\db.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\example\usage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\images\hawk.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\images\logo.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\images\boom.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\images\hoek.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\lib\escape.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test2.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\escaper.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\examples\offset.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\examples\time.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\message.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\readme.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\uri.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\parser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\signer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\verify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\types.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\reader.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\writer.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus\assert.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype\ctio.3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\tools\jsl.conf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\ctf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\ctio.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\ctype.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\README.old, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\http_signing.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\test\stringify_test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\custom.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\mime.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\node.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\SOURCES.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\test\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\example.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\LICENSE.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\stringstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\cookie.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\memstore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\pathMatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\permuteDomain.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\pubsuffix.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\store.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\LICENSE-MIT.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\punycode.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\disabled.appveyor.yml, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\release.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\request.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples\extracter.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples\packer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\buffer-entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\entry-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\extended-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\extended-header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\global-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream\block-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\filter-pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\symlink-write.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\abstract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\collect.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\dir-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\dir-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\file-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\file-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\get-type.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\link-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\link-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\proxy-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\proxy-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\socket-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\graceful-fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\legacy-streams.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\polyfills.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\cmd.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\usage.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples\pow.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dash.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\default_bool.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dotted.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\long.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse_modified.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\short.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\whitespace.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\chmod.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\clobber.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\mkdirp.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\race.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\rel.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\root.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\old.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\inflight.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example\map.js, In Quarantäne, [2900], [371306],1.0.2309
|
|
10.07.2017, 21:12
| #8 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test\map.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\README.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\minimatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\once.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\changelog.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\glob.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\bin.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\rimraf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\fstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\00-setup-fixtures.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\cb-never-called-1.0.1.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\dir-normalization.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\dir-normalization.tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\error-on-broken.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\extract-move.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\fixtures.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\pack-no-proprietary.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\parse-discard.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\zz-cleanup.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\tar.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib\config.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\underscore-min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\underscore-min.map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\underscore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\event.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\exception.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\item.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\middleware.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\pageview.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\send.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\timing.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\transaction.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\_enqueue.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\AcceptableParams.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\storage\storage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\storage\storageUtil.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\index.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\jquery.min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\main.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\report.bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\settings.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\shallow.html, In Quarantäne, [2900], [371306],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\S2NOPF12E\SETUP.EXE, In Quarantäne, [43], [392762],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\ZULNQRWEZ\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IHL6NWKPBA\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\AfficheOne.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\Era5Le.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Linkury.Generic, C:\USERS\USER\APPDATA\LOCAL\PO.DB, In Quarantäne, [2011], [412180],1.0.2309
Adware.OptimizerEliteMax, C:\USERS\USER\APPDATA\LOCAL\TEMP\LS3LASKLN\ONESYSTEMCARE.EXE, In Quarantäne, [455], [311034],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\QKJGOF31Q\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\T21IM4CX6O\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\Like.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\W9DITSWDJD\LIKE.EXE, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\Like.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUXFHQTTVA\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\Like.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\LOCAL\TEMP\CITIX693E\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [4427], [398038],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-SVVBE.TMP\LETSWORK.EXE.CONFIG, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\_isetup\_setup64.tmp, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\_isetup\_shfoldr.dll, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\itdownload.dll, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\letswork.exe, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\psvince.dll, In Quarantäne, [1342], [409261],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\J0GCXQBV0\J0GCXQBV0.EXE, In Quarantäne, [206], [363441],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\LOCAL\TEMP\KMRJ7N59O\KMRJ7N59O.EXE, In Quarantäne, [1014], [363442],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\LOCAL\TEMP\N7J7JN3MB\WB_21_NI.MSI, In Quarantäne, [1585], [383207],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW2948_2744\PACKAGE.JSON, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\close.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\expand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon16.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon20.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon24.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon256.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon36.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon48.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon64.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icontray.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\loader.gif, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\minimize.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\search.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\unexpand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\examples\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\cookies.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\copy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\debug.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\helpers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\float.patch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build\build.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test\basic-test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test\sauce.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\bl.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\lib\combined_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib\delayed_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-http-upload.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-auto-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-handle-source-errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-max-data-size.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-pipe-resumes.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-proxy-readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\run.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\lib\form_data.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\support\sync-package-managers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\db.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\example\usage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\images\hawk.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\images\logo.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\images\boom.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\images\hoek.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\lib\escape.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test2.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\escaper.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\examples\offset.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\examples\time.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\message.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\readme.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\uri.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\parser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\signer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\verify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\types.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\reader.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\writer.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus\assert.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype\ctio.3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\tools\jsl.conf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\ctf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\ctio.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\ctype.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\README.old, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\http_signing.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\test\stringify_test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\custom.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\mime.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\node.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\SOURCES.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\test\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\example.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\LICENSE.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\stringstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\cookie.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\memstore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\pathMatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\permuteDomain.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\pubsuffix.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\store.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\LICENSE-MIT.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\punycode.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\disabled.appveyor.yml, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\release.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\request.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples\extracter.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples\packer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\buffer-entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\entry-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\extended-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\extended-header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\global-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream\block-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\filter-pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\symlink-write.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\abstract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\collect.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\dir-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\dir-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\file-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\file-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\get-type.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\link-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\link-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\proxy-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\proxy-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\socket-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\graceful-fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\legacy-streams.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\polyfills.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\cmd.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\usage.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples\pow.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dash.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\default_bool.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dotted.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\long.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse_modified.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\short.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\whitespace.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\chmod.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\clobber.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\mkdirp.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\race.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\rel.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\root.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\old.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\inflight.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example\map.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test\map.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\README.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\minimatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\once.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\changelog.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\glob.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\bin.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\rimraf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\fstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\00-setup-fixtures.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\cb-never-called-1.0.1.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\dir-normalization.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\dir-normalization.tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\error-on-broken.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\extract-move.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\fixtures.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\pack-no-proprietary.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\parse-discard.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\zz-cleanup.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\tar.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib\config.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\underscore-min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\underscore-min.map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\underscore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\event.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\exception.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\item.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\middleware.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\pageview.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\send.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\timing.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\transaction.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\_enqueue.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\AcceptableParams.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\storage\storage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\storage\storageUtil.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\index.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\jquery.min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\main.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\report.bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\settings.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\shallow.html, In Quarantäne, [2900], [371306],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\LOCAL\TEMP\YQFD0Q4AY\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [4427], [398038],1.0.2309
Adware.DownloadSponsor, C:\USERS\USER\APPDATA\LOCAL\TEMP\DMR\DMR_72.EXE, In Quarantäne, [2170], [358371],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-5484H.TMP\SETUP.EXE, In Quarantäne, [43], [407044],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-PKF0L.TMP\SETUP.EXE, In Quarantäne, [43], [407044],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\GWHCPZ8UO\SETUP.EXE, In Quarantäne, [43], [392762],1.0.2309
PUP.Optional.YeaDesktop, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-R8CFJ.TMP\YEADESKTOP3.EXE, In Quarantäne, [1575], [391393],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\N7J7JN3MB\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\QN0AJ7S0LM\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\AfficheOne.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\Era5Le.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\Like.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
|
|
10.07.2017, 21:16
| #9 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\WSIDELBT20\AFFICHEONE.EXE.CONFIG, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\WSIDELBT20\AfficheOne.exe.lnk, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\LOCAL\TEMP\LKFSVLBXN\WB_21_NI.MSI, In Quarantäne, [1585], [383207],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\RYYYZ7FHC\RYYYZ7FHC.EXE, In Quarantäne, [206], [363441],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\9TVDQJ4KR\SETUP.EXE, In Quarantäne, [43], [392762],1.0.2309
PUP.Optional.DownloadSponsor, C:\USERS\USER\DOWNLOADS\SPYBOT SEARCH DESTROY - CHIP-INSTALLER.EXE, In Quarantäne, [537], [413936],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DA7F3B78-5402-4F30-B3DC-8489ADE15F23}\XJFKJKOBLHGICBJCEBFKGHDGHLMNEDCIMML, In Quarantäne, [1013], [237879],1.0.2309
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DA7F3B78-5402-4F30-B3DC-8489ADE15F23}\cjfkjkoblhgicbjcebfkghdghlmnedcimrx, In Quarantäne, [1013], [237879],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\TASKS\SYSTEM HEALERPERIOD.JOB, In Quarantäne, [1014], [252785],1.0.2309
PUP.Optional.REOptimizer, C:\USERS\USER\APPDATA\LOCAL\UNINSTALLCE.EXE, In Quarantäne, [8481], [412227],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\LOCAL\APPTRAILERS\WEB DATA, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\index-dir\the-real-index, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\02cdb733b079655d_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\03545e0f98a9ea28_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\08bc571418449ead_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\08be8ae72d819e72_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\0d1b2d066da6b1cd_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\0ed7399215f555d7_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\139985452fffe325_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\15102e1fa0485514_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\225898d422d4cb5c_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\234986793e71f265_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\26968e7a0c71776d_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\2819c5233c1f77b4_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\2a91a77f189ea752_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\7f07725bbd4cdad3_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\87d187f3843de3f9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\8da7d9e7b5732698_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\902790b2feff6cb4_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\986db9759872bd62_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\9ab069da12c6f7cd_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\9d414027730faa74_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\9e12b0434ab20ee0_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\a9423296c2c84f57_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\ab6bc8112cf834f6_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b0dab0dce39bbc42_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b3986aa6d1a5b1ca_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b3edef432256edd5_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b47c920fb5f590a1_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b8134c2453522778_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b9947d35436f960b_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bacc692dcbcb78ec_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bb9b3bc747abfdb6_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bcb5605ce3b0a058_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bd48447363dfb226_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bfbe9938bbb38577_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c0c8da446f3f7597_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c1630ab14c062443_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c3329b5e71fb9773_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c3df28f9c38daf87_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c487316b1c7eb401_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\3082972055161e5d_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\319e9d33cf71a5f4_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\353b6030d8b57886_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\3a7e5375ff47a3f6_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\3c904118cf420ef1_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\442182c02ee0a243_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\4b5467acf20129c0_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\523136bf88a086e9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\5ed7c51b87efc070_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\66e510668b4796e9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\6b06043e0716a2a9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\6b68d512aa6ed5dd_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\7017f26504f28cc3_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\7a1d5eb2bb25497a_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\d2897be77b4f55be_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\d8b76e143412632e_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\dafbda079dd6d223_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\dbdc212558a62e0f_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\dc7c883ebdb4ce43_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\ef0ec2ee49b0b8b1_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\f552ab47376f113e_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\f62d876f2f850a67_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\f74a8c1655500d73_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\fddd11ea475c5135_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\index, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\file__0.localstorage, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\file__0.localstorage-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\http_www.imdb.com_0.localstorage, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\http_www.imdb.com_0.localstorage-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\cookies, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\cookies-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Web Data-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.Geniv, C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\GEN\URL.TXT, In Quarantäne, [2046], [386985],1.0.2309
PUP.Optional.Geniv, C:\Users\user\AppData\Local\Programs\GEN\custom1.txt, In Quarantäne, [2046], [386985],1.0.2309
PUP.Optional.Geniv, C:\Users\user\AppData\Local\Programs\GEN\version.txt, In Quarantäne, [2046], [386985],1.0.2309
Adware.Wajam, C:\WINDOWS\FF042E19EF1935131D4C17528713C7AD.EXE, In Quarantäne, [1208], [413748],1.0.2309
PUP.Optional.WeatherBuddy, C:\WINDOWS\WEATHERBUDDY.INI, In Quarantäne, [1585], [388256],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.tb.ask.com_0.localstorage, In Quarantäne, [283], [240306],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [283], [240306],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{545946F8-1228-47CA-BE36-0B4409D2DB3A}\config.json, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{545946F8-1228-47CA-BE36-0B4409D2DB3A}\def.bin, In Quarantäne, [1605], [334834],1.0.2309
Adware.FastDataX.EncJob, C:\WINDOWS\SYSTEM32\TASKS\FASTDATAX TASK, In Quarantäne, [9299], [407191],1.0.2309
PUP.Optional.WeatherBuddy, C:\WINDOWS\INSTALLER\751F8A63.MSI, In Quarantäne, [1585], [383207],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-R8CFJ.TMP\SETUP.EXE, In Quarantäne, [43], [409327],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\LKFSVLBXN\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\LOCAL\TEMP\RH8HFYLMA\RH8HFYLMA.EXE, In Quarantäne, [1014], [363442],1.0.2309
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [391431],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F535162-AF5C-4FC0-896D-26D6D0F440A8}\CLIECHNIBMPBKGJHPNEBBELDOLOBCBNDKRX, In Quarantäne, [1013], [237878],1.0.2309
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3F535162-AF5C-4FC0-896D-26D6D0F440A8}\xliechnibmpbkgjhpnebbeldolobcbndkml, In Quarantäne, [1013], [237878],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ONE SYSTEM CARE\LAUNCH ONE SYSTEM CARE.LNK, In Quarantäne, [489], [241379],1.0.2309
PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\One System Care on the Web.url, In Quarantäne, [489], [241379],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\TASKS\System HealerStartUp.job, In Quarantäne, [1014], [252785],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\INSTALLER\{1600AC33-F9DD-4B39-87C5-3228E9E5942C}\{879474B0-EB65-487E-AF91-C69159DFE6F3}.xpi, In Quarantäne, [9063], [255640],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Entfernung fehlgeschlagen, [9063], [-1],0.0.0
PUP.Optional.DownloadProtect.ChrPRST, C:\USERS\USER\NTUSER.POL, In Quarantäne, [9063], [-1],0.0.0
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, In Quarantäne, [9063], [-1],0.0.0
PUP.Optional.Geniv, C:\WINDOWS\SYSTEM32\TASKS\GEN_INTERVAL, In Quarantäne, [2046], [260514],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\TASKS\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B.JOB, In Quarantäne, [152], [411160],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\WINDOWS\SRC_SRV\TRUSTED.WEB.PROXY.DLL, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\accept_cert.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\Ionic.Zip.dll, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\rootCert.pfx, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\winsrcsrv.exe, In Quarantäne, [6630], [392905],1.0.2309
PUP.Optional.Tables, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PSYSOD7O.DEFAULT\EXTENSIONS\378507@EXTCORP.NET.XPI, In Quarantäne, [8527], [413446],1.0.2309
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES\Online Application\Online Application Updater.exe, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, In Quarantäne, [9515], [399420],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.myway.com_0.localstorage, In Quarantäne, [283], [240305],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.myway.com_0.localstorage-journal, In Quarantäne, [283], [240305],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\System Healer Task, In Quarantäne, [1014], [252783],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\System HealerPeriod, In Quarantäne, [1014], [252783],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\System HealerStartUp, In Quarantäne, [1014], [252783],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MGDISK\MGDISK.LNK, In Quarantäne, [8175], [413772],1.0.2309
PUP.Optional.MagicDisk, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk\uninstall mgdisk.lnk, In Quarantäne, [8175], [413772],1.0.2309
Rootkit.Komodia.PUA, C:\WINDOWS\SYSTEM32\DRIVERS\LACE_WPF_X64.SYS, In Quarantäne, [1817], [365194],1.0.2309
PUP.Optional.YTAdBlocker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\FEATURES\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\INSTALL.RDF, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files\background.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files\foreground.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files\main.css, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons\icon19.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons\icon48.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons\icon64.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\arrow.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\background.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\bindings.css, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\bindings.xml, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\styles.css, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hi\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\am\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ar\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\be\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bg\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bn\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ca\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\cs\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\da\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\de\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\el\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_GB\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_US\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es_419\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\et\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fa\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fi\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fil\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\gu\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\he\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hu\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\id\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\it\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ja\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\kn\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ko\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lt\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lv\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mk\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ml\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ms\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\nl\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\no\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pl\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_BR\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_PT\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ro\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ru\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sk\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sl\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sq\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sr\messages.json, In Quarantäne, [1987], [345509],1.0.23
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sv\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sw\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ta\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\te\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\th\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\tr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\uk\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\vi\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_CN\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_TW\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\background.html, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\background.xul, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\Kernel.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\bootstrap.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome.manifest, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Monitor, In Quarantäne, [489], [241381],1.0.2309
PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Run Delay, In Quarantäne, [489], [241381],1.0.2309
PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Task, In Quarantäne, [489], [241381],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\APPTRAILERS\APPTRAILERS.LNK, In Quarantäne, [887], [324491],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppTrailers\Uninstall.lnk, In Quarantäne, [887], [324491],1.0.2309
Adware.Elex, C:\USERS\USER\APPDATA\LOCAL\TEMP\APPHELPERV7.EXE, In Quarantäne, [2], [387001],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\SystemHealer Monitor, In Quarantäne, [1014], [252784],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\SystemHealer Run Delay, In Quarantäne, [1014], [252784],1.0.2309
PUP.Optional.BrowserModule, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PSYSOD7O.DEFAULT\CHROME\USERCONTENT.CSS, In Quarantäne, [2347], [389741],1.0.2309
PUP.Optional.SoftUpgrade, C:\WINDOWS\SYSTEM32\TASKS\SOFTUPGRADE, In Quarantäne, [1050], [260473],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}\config.json, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}\def.bin, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.Geniv, C:\WINDOWS\SYSTEM32\TASKS\GEN, In Quarantäne, [2046], [344167],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage, In Quarantäne, [3170], [384274],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage-journal, In Quarantäne, [3170], [384274],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\SYSTEM32\TASKS\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411158],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\SYSTEM32\TASKS\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B2, In Quarantäne, [152], [411158],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\SYSTEM32\TASKS\U2_2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411158],1.0.2309
PUP.Optional.ChinAd, C:\WINDOWS\SYSTEM32\DRIVERS\CFIDSK.SYS, In Quarantäne, [115], [412913],1.0.2309
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
Code:
ATTFilter HitmanPro 3.7.20.286
www.hitmanpro.com
Computer name . . . . : USER-PC
Windows . . . . . . . : 10.0.0.14393.X64/4
User name . . . . . . : USER-PC\user
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (31 days left)
Scan date . . . . . . : 2017-07-07 18:07:55
Scan mode . . . . . . : Normal
Scan duration . . . . : 7m 21s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes
Threats . . . . . . . : 26
Traces . . . . . . . : 509
Objects scanned . . . : 2.473.951
Files scanned . . . . : 140.669
Remnants scanned . . : 929.850 files / 1.403.432 keys
Malware _____________________________________________________________________
C:\Program Files\5QZG3OJ0TS\uninstaller.exe -> Quarantined
Size . . . . . . . : 318.464 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:00:47)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-142.4s C:\Windows\Temp\_MEI64842\
-142.4s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-142.4s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-142.3s C:\Windows\Temp\_MEI64842\_bz2.pyd
-142.3s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-142.3s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-142.3s C:\Windows\Temp\_MEI64842\_lzma.pyd
-142.3s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-142.3s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-142.3s C:\Windows\Temp\_MEI64842\_socket.pyd
-142.3s C:\Windows\Temp\_MEI64842\_ssl.pyd
-142.3s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-142.3s C:\Windows\Temp\_MEI64842\python34.dll
-142.3s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-142.3s C:\Windows\Temp\_MEI64842\select.pyd
-142.3s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-142.3s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-142.3s C:\Windows\Temp\_MEI64842\Include\
-142.3s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-142.3s C:\Windows\Temp\_MEI64842\base_library.zip
-141.6s C:\Windows\Temp\secEE60.tmp
-141.6s C:\Windows\Temp\secEE61.tmp
-141.6s C:\Windows\Temp\secEE62.tmp
-141.6s C:\Windows\Temp\secEE63.tmp
-141.6s C:\Windows\Temp\secEE73.tmp
-141.6s C:\Windows\Temp\secEE74.tmp
-141.6s C:\Windows\Temp\secEE75.tmp
-141.6s C:\Windows\Temp\secEE76.tmp
-141.6s C:\Windows\Temp\secEE77.tmp
-141.6s C:\Windows\Temp\secEE78.tmp
-141.6s C:\Windows\Temp\secEE79.tmp
-141.6s C:\Windows\Temp\secEE7A.tmp
-141.6s C:\Windows\Temp\secEE8B.tmp
-141.6s C:\Windows\Temp\secEE8C.tmp
-141.6s C:\Windows\Temp\secEE8D.tmp
-141.6s C:\Windows\Temp\secEE8E.tmp
-141.6s C:\Windows\Temp\secEE8F.tmp
-141.6s C:\Windows\Temp\secEE90.tmp
-141.6s C:\Windows\Temp\secEE91.tmp
-139.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-138.2s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-134.5s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-133.4s C:\Windows\Temp\WAXE53.tmp
-112.3s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-108.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-108.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-107.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-100.2s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-96.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-96.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-75.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-69.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-57.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-50.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-50.4s C:\Windows\Temp\_MEI67202\
-50.4s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-50.4s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-50.3s C:\Windows\Temp\_MEI67202\_bz2.pyd
-50.3s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-50.3s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-50.3s C:\Windows\Temp\_MEI67202\_lzma.pyd
-50.3s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-50.3s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-50.3s C:\Windows\Temp\_MEI67202\_socket.pyd
-50.3s C:\Windows\Temp\_MEI67202\_ssl.pyd
-50.3s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-50.3s C:\Windows\Temp\_MEI67202\python34.dll
-50.2s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-50.2s C:\Windows\Temp\_MEI67202\select.pyd
-50.2s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-50.2s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-50.2s C:\Windows\Temp\_MEI67202\base_library.zip
-50.2s C:\Windows\Temp\_MEI67202\Include\
-50.2s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-45.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-43.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-43.0s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-38.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-38.1s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-37.8s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-37.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-32.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-31.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-29.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-24.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-22.7s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-22.2s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-21.5s C:\Program Files\5QZG3OJ0TS\
-19.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-15.5s C:\Users\user\AppData\Roaming\qa051vpwh05\
-13.8s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-10.9s C:\Program Files\LMCMPM4PUO\
-10.6s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-10.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-9.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-9.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-4.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-3.5s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-1.2s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
0.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
0.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
0.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
0.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
1.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
3.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
3.6s C:\Users\user\AppData\Roaming\xyz02h4odhk\
4.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
7.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
8.0s C:\Program Files\KZFZHJ3JTA\
8.8s C:\Program Files\5QZG3OJ0TS\cast.config
10.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
12.7s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
12.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
13.3s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
13.8s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
13.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
14.5s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
14.8s C:\Users\user\AppData\Local\Temp\3CSINwA73\
15.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
17.6s C:\Program Files\LMCMPM4PUO\cast.config
20.7s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
22.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
24.6s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
25.2s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
25.4s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
25.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
26.1s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
26.1s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
27.7s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
31.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
31.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
32.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
33.3s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
33.9s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
36.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
37.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
37.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
37.5s C:\ProgramData\Malwarebytes\MBAMService\tmp\
39.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
39.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
39.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
41.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
41.9s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
45.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
48.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
49.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
49.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
50.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
50.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
50.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
51.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
54.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
54.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
54.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
55.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
55.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
56.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
57.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
58.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
58.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
58.9s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
59.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
59.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
60.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
61.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
62.9s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
63.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
64.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
64.6s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
64.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
65.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
68.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
70.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
70.9s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
71.5s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
71.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
71.9s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
72.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
72.0s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
74.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
74.2s C:\Users\user\AppData\Local\Temp\647C.tmp
74.6s C:\Program Files\KZFZHJ3JTA\cast.config
74.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
74.9s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
75.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
75.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
78.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
78.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
79.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
80.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
80.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
81.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
81.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
81.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
82.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
82.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
82.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
82.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
84.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
84.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
85.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
85.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
86.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
86.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
86.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
86.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
87.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
88.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
89.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
89.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
93.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
95.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
95.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
95.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
96.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
97.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
97.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
98.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
98.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
98.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
103.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
103.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
103.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
104.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
105.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
107.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
108.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
108.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
108.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
108.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
109.3s C:\Users\user\AppData\Local\Temp\mbam\
109.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
110.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
110.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
110.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
110.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
111.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
111.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
112.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
112.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
112.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
112.9s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
114.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
115.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
116.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
116.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
116.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
117.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
117.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
118.2s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
118.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
119.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
119.7s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
120.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
120.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
122.7s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
123.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
124.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
127.5s C:\KRECYCLE\00030979.KVQ
127.8s C:\KRECYCLE\00030980.KVQ
128.1s C:\KRECYCLE\00030981.KVQ
128.3s C:\KRECYCLE\00030982.KVQ
128.4s C:\ProgramData\Kingsoft\DUBA\
128.4s C:\ProgramData\Kingsoft\DUBA\KScanLog\
128.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
128.6s C:\KRECYCLE\00030983.KVQ
130.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
132.7s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
133.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
135.0s C:\KRECYCLE\00030984.KVQ
142.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Program Files\KZFZHJ3JTA\uninstaller.exe -> Quarantined
Size . . . . . . . : 318.464 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:01:50)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-205.2s C:\Windows\Temp\_MEI64842\
-205.2s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-205.2s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-205.2s C:\Windows\Temp\_MEI64842\_bz2.pyd
-205.2s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-205.2s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-205.2s C:\Windows\Temp\_MEI64842\_lzma.pyd
-205.2s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-205.2s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-205.2s C:\Windows\Temp\_MEI64842\_socket.pyd
-205.2s C:\Windows\Temp\_MEI64842\_ssl.pyd
-205.2s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-205.1s C:\Windows\Temp\_MEI64842\python34.dll
-205.1s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-205.1s C:\Windows\Temp\_MEI64842\select.pyd
-205.1s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-205.1s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-205.1s C:\Windows\Temp\_MEI64842\Include\
-205.1s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-205.1s C:\Windows\Temp\_MEI64842\base_library.zip
-204.5s C:\Windows\Temp\secEE60.tmp
-204.5s C:\Windows\Temp\secEE61.tmp
-204.5s C:\Windows\Temp\secEE62.tmp
-204.5s C:\Windows\Temp\secEE63.tmp
-204.5s C:\Windows\Temp\secEE73.tmp
-204.5s C:\Windows\Temp\secEE74.tmp
-204.5s C:\Windows\Temp\secEE75.tmp
-204.5s C:\Windows\Temp\secEE76.tmp
-204.5s C:\Windows\Temp\secEE77.tmp
-204.5s C:\Windows\Temp\secEE78.tmp
-204.5s C:\Windows\Temp\secEE79.tmp
-204.5s C:\Windows\Temp\secEE7A.tmp
-204.4s C:\Windows\Temp\secEE8B.tmp
-204.4s C:\Windows\Temp\secEE8C.tmp
-204.4s C:\Windows\Temp\secEE8D.tmp
-204.4s C:\Windows\Temp\secEE8E.tmp
-204.4s C:\Windows\Temp\secEE8F.tmp
-204.4s C:\Windows\Temp\secEE90.tmp
-204.4s C:\Windows\Temp\secEE91.tmp
-202.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-201.1s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-197.4s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-196.2s C:\Windows\Temp\WAXE53.tmp
-175.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-171.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-170.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-170.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-163.0s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-159.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-159.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-138.0s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-132.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-120.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-113.2s C:\Windows\Temp\_MEI67202\
-113.2s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-113.2s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-113.2s C:\Windows\Temp\_MEI67202\_bz2.pyd
-113.2s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-113.2s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-113.2s C:\Windows\Temp\_MEI67202\_lzma.pyd
-113.2s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-113.2s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-113.2s C:\Windows\Temp\_MEI67202\_socket.pyd
-113.1s C:\Windows\Temp\_MEI67202\_ssl.pyd
-113.1s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-113.1s C:\Windows\Temp\_MEI67202\python34.dll
-113.1s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-113.1s C:\Windows\Temp\_MEI67202\select.pyd
-113.1s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-113.1s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-113.1s C:\Windows\Temp\_MEI67202\base_library.zip
-113.1s C:\Windows\Temp\_MEI67202\Include\
-113.1s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-108.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-106.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-105.8s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-101.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-100.9s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-100.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-100.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-95.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-94.6s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-92.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-87.6s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-85.6s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-85.0s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-84.4s C:\Program Files\5QZG3OJ0TS\
-82.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-78.4s C:\Users\user\AppData\Roaming\qa051vpwh05\
-76.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-73.8s C:\Program Files\LMCMPM4PUO\
-73.5s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-73.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-72.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-72.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-66.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-66.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-66.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-66.4s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-64.0s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-62.9s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-62.2s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-62.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-62.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-61.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-59.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-59.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-58.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
-55.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
-54.9s C:\Program Files\KZFZHJ3JTA\
-54.1s C:\Program Files\5QZG3OJ0TS\cast.config
-52.1s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
-50.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
-50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
-49.6s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
-49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
-49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
-49.1s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
-48.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
-48.3s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
-48.1s C:\Users\user\AppData\Local\Temp\3CSINwA73\
-47.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
-47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
-47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
-47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
-47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
-45.3s C:\Program Files\LMCMPM4PUO\cast.config
-42.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
-40.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
-38.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
-38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
-38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
-37.7s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
-37.5s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
-37.0s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
-36.8s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
-36.8s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
-36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
-36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
-35.2s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
-31.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
-31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
-31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
-31.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
-30.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
-29.6s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
-29.0s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
-26.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
-25.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
-25.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
-25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
-25.3s C:\ProgramData\Malwarebytes\MBAMService\tmp\
-23.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
-23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
-23.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
-21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
-21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
|
|
10.07.2017, 21:17
| #10 |
| | Ungewünschte Pop-Ups in Chrome und Edge und Hitman: Code:
ATTFilter HitmanPro 3.7.20.286
www.hitmanpro.com
Computer name . . . . : USER-PC
Windows . . . . . . . : 10.0.0.14393.X64/4
User name . . . . . . : USER-PC\user
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (31 days left)
Scan date . . . . . . : 2017-07-07 18:07:55
Scan mode . . . . . . : Normal
Scan duration . . . . : 7m 21s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes
Threats . . . . . . . : 26
Traces . . . . . . . : 509
Objects scanned . . . : 2.473.951
Files scanned . . . . : 140.669
Remnants scanned . . : 929.850 files / 1.403.432 keys
Malware _____________________________________________________________________
C:\Program Files\5QZG3OJ0TS\uninstaller.exe -> Quarantined
Size . . . . . . . : 318.464 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:00:47)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-142.4s C:\Windows\Temp\_MEI64842\
-142.4s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-142.4s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-142.3s C:\Windows\Temp\_MEI64842\_bz2.pyd
-142.3s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-142.3s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-142.3s C:\Windows\Temp\_MEI64842\_lzma.pyd
-142.3s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-142.3s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-142.3s C:\Windows\Temp\_MEI64842\_socket.pyd
-142.3s C:\Windows\Temp\_MEI64842\_ssl.pyd
-142.3s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-142.3s C:\Windows\Temp\_MEI64842\python34.dll
-142.3s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-142.3s C:\Windows\Temp\_MEI64842\select.pyd
-142.3s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-142.3s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-142.3s C:\Windows\Temp\_MEI64842\Include\
-142.3s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-142.3s C:\Windows\Temp\_MEI64842\base_library.zip
-141.6s C:\Windows\Temp\secEE60.tmp
-141.6s C:\Windows\Temp\secEE61.tmp
-141.6s C:\Windows\Temp\secEE62.tmp
-141.6s C:\Windows\Temp\secEE63.tmp
-141.6s C:\Windows\Temp\secEE73.tmp
-141.6s C:\Windows\Temp\secEE74.tmp
-141.6s C:\Windows\Temp\secEE75.tmp
-141.6s C:\Windows\Temp\secEE76.tmp
-141.6s C:\Windows\Temp\secEE77.tmp
-141.6s C:\Windows\Temp\secEE78.tmp
-141.6s C:\Windows\Temp\secEE79.tmp
-141.6s C:\Windows\Temp\secEE7A.tmp
-141.6s C:\Windows\Temp\secEE8B.tmp
-141.6s C:\Windows\Temp\secEE8C.tmp
-141.6s C:\Windows\Temp\secEE8D.tmp
-141.6s C:\Windows\Temp\secEE8E.tmp
-141.6s C:\Windows\Temp\secEE8F.tmp
-141.6s C:\Windows\Temp\secEE90.tmp
-141.6s C:\Windows\Temp\secEE91.tmp
-139.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-138.2s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-134.5s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-133.4s C:\Windows\Temp\WAXE53.tmp
-112.3s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-108.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-108.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-107.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-100.2s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-96.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-96.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-75.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-69.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-57.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-50.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-50.4s C:\Windows\Temp\_MEI67202\
-50.4s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-50.4s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-50.3s C:\Windows\Temp\_MEI67202\_bz2.pyd
-50.3s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-50.3s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-50.3s C:\Windows\Temp\_MEI67202\_lzma.pyd
-50.3s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-50.3s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-50.3s C:\Windows\Temp\_MEI67202\_socket.pyd
-50.3s C:\Windows\Temp\_MEI67202\_ssl.pyd
-50.3s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-50.3s C:\Windows\Temp\_MEI67202\python34.dll
-50.2s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-50.2s C:\Windows\Temp\_MEI67202\select.pyd
-50.2s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-50.2s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-50.2s C:\Windows\Temp\_MEI67202\base_library.zip
-50.2s C:\Windows\Temp\_MEI67202\Include\
-50.2s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-45.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-43.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-43.0s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-38.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-38.1s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-37.8s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-37.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-32.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-31.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-29.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-24.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-22.7s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-22.2s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-21.5s C:\Program Files\5QZG3OJ0TS\
-19.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-15.5s C:\Users\user\AppData\Roaming\qa051vpwh05\
-13.8s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-10.9s C:\Program Files\LMCMPM4PUO\
-10.6s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-10.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-9.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-9.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-4.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-3.5s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-1.2s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
0.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
0.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
0.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
0.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
1.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
3.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
3.6s C:\Users\user\AppData\Roaming\xyz02h4odhk\
4.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
7.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
8.0s C:\Program Files\KZFZHJ3JTA\
8.8s C:\Program Files\5QZG3OJ0TS\cast.config
10.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
12.7s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
12.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
13.3s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
13.8s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
13.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
14.5s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
14.8s C:\Users\user\AppData\Local\Temp\3CSINwA73\
15.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
17.6s C:\Program Files\LMCMPM4PUO\cast.config
20.7s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
22.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
24.6s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
25.2s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
25.4s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
25.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
26.1s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
26.1s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
27.7s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
31.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
31.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
32.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
33.3s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
33.9s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
36.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
37.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
37.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
37.5s C:\ProgramData\Malwarebytes\MBAMService\tmp\
39.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
39.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
39.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
41.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
41.9s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
45.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
48.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
49.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
49.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
50.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
50.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
50.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
51.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
54.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
54.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
54.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
55.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
55.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
56.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
57.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
58.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
58.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
58.9s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
59.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
59.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
60.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
61.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
62.9s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
63.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
64.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
64.6s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
64.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
65.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
68.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
70.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
70.9s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
71.5s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
71.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
71.9s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
72.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
72.0s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
74.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
74.2s C:\Users\user\AppData\Local\Temp\647C.tmp
74.6s C:\Program Files\KZFZHJ3JTA\cast.config
74.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
74.9s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
75.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
75.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
78.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
78.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
79.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
80.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
80.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
81.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
81.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
81.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
82.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
82.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
82.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
82.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
84.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
84.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
85.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
85.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
86.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
86.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
86.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
86.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
87.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
88.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
89.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
89.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
93.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
95.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
95.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
95.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
96.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
97.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
97.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
98.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
98.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
98.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
103.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
103.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
103.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
104.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
105.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
107.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
108.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
108.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
108.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
108.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
109.3s C:\Users\user\AppData\Local\Temp\mbam\
109.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
110.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
110.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
110.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
110.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
111.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
111.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
112.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
112.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
112.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
112.9s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
114.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
115.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
116.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
116.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
116.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
117.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
117.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
118.2s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
118.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
119.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
119.7s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
120.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
120.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
122.7s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
123.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
124.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
127.5s C:\KRECYCLE\00030979.KVQ
127.8s C:\KRECYCLE\00030980.KVQ
128.1s C:\KRECYCLE\00030981.KVQ
128.3s C:\KRECYCLE\00030982.KVQ
128.4s C:\ProgramData\Kingsoft\DUBA\
128.4s C:\ProgramData\Kingsoft\DUBA\KScanLog\
128.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
128.6s C:\KRECYCLE\00030983.KVQ
130.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
132.7s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
133.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
135.0s C:\KRECYCLE\00030984.KVQ
142.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Program Files\KZFZHJ3JTA\uninstaller.exe -> Quarantined
Size . . . . . . . : 318.464 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:01:50)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-205.2s C:\Windows\Temp\_MEI64842\
-205.2s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-205.2s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-205.2s C:\Windows\Temp\_MEI64842\_bz2.pyd
-205.2s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-205.2s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-205.2s C:\Windows\Temp\_MEI64842\_lzma.pyd
-205.2s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-205.2s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-205.2s C:\Windows\Temp\_MEI64842\_socket.pyd
-205.2s C:\Windows\Temp\_MEI64842\_ssl.pyd
-205.2s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-205.1s C:\Windows\Temp\_MEI64842\python34.dll
-205.1s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-205.1s C:\Windows\Temp\_MEI64842\select.pyd
-205.1s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-205.1s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-205.1s C:\Windows\Temp\_MEI64842\Include\
-205.1s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-205.1s C:\Windows\Temp\_MEI64842\base_library.zip
-204.5s C:\Windows\Temp\secEE60.tmp
-204.5s C:\Windows\Temp\secEE61.tmp
-204.5s C:\Windows\Temp\secEE62.tmp
-204.5s C:\Windows\Temp\secEE63.tmp
-204.5s C:\Windows\Temp\secEE73.tmp
-204.5s C:\Windows\Temp\secEE74.tmp
-204.5s C:\Windows\Temp\secEE75.tmp
-204.5s C:\Windows\Temp\secEE76.tmp
-204.5s C:\Windows\Temp\secEE77.tmp
-204.5s C:\Windows\Temp\secEE78.tmp
-204.5s C:\Windows\Temp\secEE79.tmp
-204.5s C:\Windows\Temp\secEE7A.tmp
-204.4s C:\Windows\Temp\secEE8B.tmp
-204.4s C:\Windows\Temp\secEE8C.tmp
-204.4s C:\Windows\Temp\secEE8D.tmp
-204.4s C:\Windows\Temp\secEE8E.tmp
-204.4s C:\Windows\Temp\secEE8F.tmp
-204.4s C:\Windows\Temp\secEE90.tmp
-204.4s C:\Windows\Temp\secEE91.tmp
-202.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-201.1s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-197.4s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-196.2s C:\Windows\Temp\WAXE53.tmp
-175.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-171.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-170.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-170.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-163.0s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-159.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-159.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-138.0s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-132.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-120.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-113.2s C:\Windows\Temp\_MEI67202\
-113.2s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-113.2s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-113.2s C:\Windows\Temp\_MEI67202\_bz2.pyd
-113.2s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-113.2s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-113.2s C:\Windows\Temp\_MEI67202\_lzma.pyd
-113.2s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-113.2s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-113.2s C:\Windows\Temp\_MEI67202\_socket.pyd
-113.1s C:\Windows\Temp\_MEI67202\_ssl.pyd
-113.1s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-113.1s C:\Windows\Temp\_MEI67202\python34.dll
-113.1s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-113.1s C:\Windows\Temp\_MEI67202\select.pyd
-113.1s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-113.1s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-113.1s C:\Windows\Temp\_MEI67202\base_library.zip
-113.1s C:\Windows\Temp\_MEI67202\Include\
-113.1s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-108.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-106.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-105.8s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-101.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-100.9s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-100.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-100.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-95.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-94.6s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-92.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-87.6s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-85.6s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-85.0s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-84.4s C:\Program Files\5QZG3OJ0TS\
-82.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-78.4s C:\Users\user\AppData\Roaming\qa051vpwh05\
-76.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-73.8s C:\Program Files\LMCMPM4PUO\
-73.5s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-73.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-72.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-72.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-66.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-66.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-66.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-66.4s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-64.0s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-62.9s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-62.2s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-62.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-62.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-61.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-59.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-59.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-58.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
-55.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
-54.9s C:\Program Files\KZFZHJ3JTA\
-54.1s C:\Program Files\5QZG3OJ0TS\cast.config
-52.1s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
-50.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
-50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
-49.6s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
-49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
-49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
-49.1s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
-48.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
-48.3s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
-48.1s C:\Users\user\AppData\Local\Temp\3CSINwA73\
-47.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
-47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
-47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
-47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
-47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
-45.3s C:\Program Files\LMCMPM4PUO\cast.config
-42.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
-40.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
-38.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
-38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
-38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
-37.7s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
-37.5s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
-37.0s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
-36.8s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
-36.8s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
-36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
-36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
-35.2s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
-31.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
-31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
-31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
-31.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
-30.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
-29.6s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
-29.0s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
-26.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
-25.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
-25.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
-25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
-25.3s C:\ProgramData\Malwarebytes\MBAMService\tmp\
-23.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
-23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
-23.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
-21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
-21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
|
|
10.07.2017, 21:18
| #11 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter -21.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
-20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
-17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
-17.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
-14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
-14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
-14.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
-14.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
-14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
-14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
-13.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
-13.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
-12.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
-12.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
-12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
-11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-11.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
-10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
-10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
-10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-8.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
-8.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
-8.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
-7.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-6.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-6.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-5.8s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-4.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-4.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-4.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-4.0s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-3.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-2.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
-2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
-2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
-2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
-1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
-0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
0.0s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
0.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
1.7s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
1.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
2.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
5.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
8.0s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
8.1s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
8.6s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
8.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
9.0s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
9.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
9.2s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
11.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
11.3s C:\Users\user\AppData\Local\Temp\647C.tmp
11.8s C:\Program Files\KZFZHJ3JTA\cast.config
11.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
12.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
12.5s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
13.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
15.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
15.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
16.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
17.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
18.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
18.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
18.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
19.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
19.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
19.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
19.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
21.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
21.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
21.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
22.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
22.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
23.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
23.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
24.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
25.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
25.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
26.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
26.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
30.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
32.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
33.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
34.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
35.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
35.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
35.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
40.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
40.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
41.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
41.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
42.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
44.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
45.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
45.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
45.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
46.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
46.5s C:\Users\user\AppData\Local\Temp\mbam\
46.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
47.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
47.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
47.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
47.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
48.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
49.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
49.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
50.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
50.0s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
51.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
53.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
53.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
53.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
53.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
54.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
55.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
55.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
56.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
56.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
57.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
59.8s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
60.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
61.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
64.6s C:\KRECYCLE\00030979.KVQ
65.0s C:\KRECYCLE\00030980.KVQ
65.2s C:\KRECYCLE\00030981.KVQ
65.5s C:\KRECYCLE\00030982.KVQ
65.5s C:\ProgramData\Kingsoft\DUBA\
65.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\
65.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
65.7s C:\KRECYCLE\00030983.KVQ
67.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
68.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
69.9s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
70.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
72.2s C:\KRECYCLE\00030984.KVQ
79.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Program Files\LMCMPM4PUO\uninstaller.exe -> Quarantined
Size . . . . . . . : 318.464 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:00:55)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-149.8s C:\Windows\Temp\_MEI64842\
-149.8s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-149.8s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-149.8s C:\Windows\Temp\_MEI64842\_bz2.pyd
-149.8s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-149.7s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-149.7s C:\Windows\Temp\_MEI64842\_lzma.pyd
-149.7s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-149.7s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-149.7s C:\Windows\Temp\_MEI64842\_socket.pyd
-149.7s C:\Windows\Temp\_MEI64842\_ssl.pyd
-149.7s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-149.7s C:\Windows\Temp\_MEI64842\python34.dll
-149.7s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-149.7s C:\Windows\Temp\_MEI64842\select.pyd
-149.7s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-149.7s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-149.7s C:\Windows\Temp\_MEI64842\Include\
-149.7s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-149.7s C:\Windows\Temp\_MEI64842\base_library.zip
-149.0s C:\Windows\Temp\secEE60.tmp
-149.0s C:\Windows\Temp\secEE61.tmp
-149.0s C:\Windows\Temp\secEE62.tmp
-149.0s C:\Windows\Temp\secEE63.tmp
-149.0s C:\Windows\Temp\secEE73.tmp
-149.0s C:\Windows\Temp\secEE74.tmp
-149.0s C:\Windows\Temp\secEE75.tmp
-149.0s C:\Windows\Temp\secEE76.tmp
-149.0s C:\Windows\Temp\secEE77.tmp
-149.0s C:\Windows\Temp\secEE78.tmp
-149.0s C:\Windows\Temp\secEE79.tmp
-149.0s C:\Windows\Temp\secEE7A.tmp
-149.0s C:\Windows\Temp\secEE8B.tmp
-149.0s C:\Windows\Temp\secEE8C.tmp
-149.0s C:\Windows\Temp\secEE8D.tmp
-149.0s C:\Windows\Temp\secEE8E.tmp
-149.0s C:\Windows\Temp\secEE8F.tmp
-149.0s C:\Windows\Temp\secEE90.tmp
-149.0s C:\Windows\Temp\secEE91.tmp
-147.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-145.6s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-141.9s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-140.8s C:\Windows\Temp\WAXE53.tmp
-119.7s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-116.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-115.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-114.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-107.6s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-103.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-103.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-82.5s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-76.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-65.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-58.2s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-57.8s C:\Windows\Temp\_MEI67202\
-57.8s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-57.8s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-57.7s C:\Windows\Temp\_MEI67202\_bz2.pyd
-57.7s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-57.7s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-57.7s C:\Windows\Temp\_MEI67202\_lzma.pyd
-57.7s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-57.7s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-57.7s C:\Windows\Temp\_MEI67202\_socket.pyd
-57.7s C:\Windows\Temp\_MEI67202\_ssl.pyd
-57.7s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-57.7s C:\Windows\Temp\_MEI67202\python34.dll
-57.7s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-57.7s C:\Windows\Temp\_MEI67202\select.pyd
-57.6s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-57.6s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-57.6s C:\Windows\Temp\_MEI67202\base_library.zip
-57.6s C:\Windows\Temp\_MEI67202\Include\
-57.6s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-52.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-51.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-50.4s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-46.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-45.5s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-45.2s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-44.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-42.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-42.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-39.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-39.1s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-36.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-32.1s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-30.2s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-29.6s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-28.9s C:\Program Files\5QZG3OJ0TS\
-26.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-23.0s C:\Users\user\AppData\Roaming\qa051vpwh05\
-21.2s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-18.3s C:\Program Files\LMCMPM4PUO\
-18.0s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-17.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-17.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-16.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-11.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-10.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-10.9s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-8.6s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-7.4s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-6.8s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-6.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-6.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-6.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-6.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-4.0s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-3.8s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-2.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
0.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe
0.6s C:\Program Files\KZFZHJ3JTA\
1.4s C:\Program Files\5QZG3OJ0TS\cast.config
3.4s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
5.3s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
5.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
5.9s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
6.4s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
6.5s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
7.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
7.4s C:\Users\user\AppData\Local\Temp\3CSINwA73\
7.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
10.2s C:\Program Files\LMCMPM4PUO\cast.config
13.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
15.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
17.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
17.8s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
18.0s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
18.4s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
18.7s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
18.7s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
20.3s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
24.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
24.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
24.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
25.9s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
26.5s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
28.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
29.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
29.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
30.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
30.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
31.5s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
32.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
33.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
34.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
34.5s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
38.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
41.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
41.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
42.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
42.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
43.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
44.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
46.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
47.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
47.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
48.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
49.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
50.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
50.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
51.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
51.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
51.5s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
52.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
52.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
53.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
54.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
55.4s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
56.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
56.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
57.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
57.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
61.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
63.4s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
63.5s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
64.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
64.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
64.5s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
64.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
64.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
66.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
66.8s C:\Users\user\AppData\Local\Temp\647C.tmp
67.2s C:\Program Files\KZFZHJ3JTA\cast.config
67.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
67.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
67.9s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
68.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
71.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
71.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
71.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
72.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
72.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
73.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
73.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
73.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
74.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
74.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
74.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
75.4s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
77.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
77.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
78.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
78.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
78.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
78.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
79.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
79.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
80.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
81.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
81.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
82.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
85.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
87.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
88.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
89.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
90.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
90.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
90.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
90.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
90.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
95.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
96.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
96.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
97.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
99.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
99.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
100.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
100.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
101.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
101.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
101.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
101.9s C:\Users\user\AppData\Local\Temp\mbam\
101.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
102.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
102.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
103.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
103.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
104.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
104.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
104.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
105.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
105.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
105.5s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
107.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
108.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
109.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
109.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
109.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
109.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
110.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
110.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
111.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
112.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
112.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
113.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
113.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
115.3s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
115.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
117.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
120.1s C:\KRECYCLE\00030979.KVQ
120.4s C:\KRECYCLE\00030980.KVQ
120.7s C:\KRECYCLE\00030981.KVQ
120.9s C:\KRECYCLE\00030982.KVQ
121.0s C:\ProgramData\Kingsoft\DUBA\
121.0s C:\ProgramData\Kingsoft\DUBA\KScanLog\
121.1s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
121.2s C:\KRECYCLE\00030983.KVQ
122.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
123.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
125.3s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
126.3s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
127.6s C:\KRECYCLE\00030984.KVQ
135.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Local\Temp\15XveUazm\15XveUazm.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:53)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\1964628687\ic-0.7de565e114466c.exe -> Quarantined
Size . . . . . . . : 7.756.235 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:57)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0140BE3788782BEA973D20DFCBD0114305690406740DF9CAF95A4857569230D2
Product . . . . . : Micro Foundation
Publisher . . . . : Micro Foundation, Inc.
Description . . . : Micro Foundation Setup
Version
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 108.0
C:\Users\user\AppData\Local\Temp\3EACP5BCx\3EACP5BCx.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:05)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\6N6OK14u4\ytab_m_1_big.exe -> Quarantined
Size . . . . . . . : 2.635.129 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E684A02D42680920CFBBBE113ACA12A3B33DCE6F3DEBA7E125FA367DDF023834
> Bitdefender . . . : Gen:Variant.Zusy.244422
Fuzzy . . . . . . : 116.0
C:\Users\user\AppData\Local\Temp\6QYCphRX4\6QYCphRX4.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:15)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\cctrD0rcf\netstream.exe -> Quarantined
Size . . . . . . . : 416.256 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:45)
Entropy . . . . . : 6.0
SHA-256 . . . . . : F8B2CCCA1688CBB0D0EB3C6190FF9D91E947DE9EF5BF4794D1F77582D0DBB53F
Product . . . . . : Folder Guard
Publisher . . . . : WinAbility® Software Corporation
Description . . . : Folder Guard setip
Version . . . . . : 9.1
Copyright . . . . : Copyright © 2013 WinAbility® Software Corporation. All rights reserved.
LanguageID . . . . : 1033
> Kaspersky . . . . : Trojan.Win32.Yakes.trin
Fuzzy . . . . . . : 103.0
C:\Users\user\AppData\Local\Temp\cqZRkRTTx\ytab_m_1_big.exe -> Quarantined
Size . . . . . . . : 2.638.661 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:33)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 4106DFB3B6646558131DF7D820E8E4642B8E9883FBB052B13D8BDB343BD66421
> Bitdefender . . . : Gen:Variant.Zusy.244422
Fuzzy . . . . . . : 116.0
C:\Users\user\AppData\Local\Temp\gWHcPz8uO\ytab_m_1_big.exe -> Quarantined
Size . . . . . . . : 2.402.783 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : AFCB6AA76242E622838B85E1283843CC45A86D9EB4F91AB6F14E000EF1CEE168
> Bitdefender . . . : Gen:Variant.Zusy.244422
Fuzzy . . . . . . : 116.0
|
|
10.07.2017, 21:20
| #12 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter -21.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
-20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
-17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
-17.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
-14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
-14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
-14.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
-14.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
-14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
-14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
-13.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
-13.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
-12.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
-12.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
-12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
-11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-11.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
-10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
-10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
-10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-8.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
-8.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
-8.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
-7.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-6.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-6.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-5.8s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-4.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-4.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-4.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-4.0s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-3.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-2.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
-2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
-2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
-2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
-1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
-0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
0.0s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
0.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
1.7s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
1.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
2.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
5.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
8.0s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
8.1s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
8.6s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
8.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
9.0s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
9.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
9.2s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
11.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
11.3s C:\Users\user\AppData\Local\Temp\647C.tmp
11.8s C:\Program Files\KZFZHJ3JTA\cast.config
11.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
12.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
12.5s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
13.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
15.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
15.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
16.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
17.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
18.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
18.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
18.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
19.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
19.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
19.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
19.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
21.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
21.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
21.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
22.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
22.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
23.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
23.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
24.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
25.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
25.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
26.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
26.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
30.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
32.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
33.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
34.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
35.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
35.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
35.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
40.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
40.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
41.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
41.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
42.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
44.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
45.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
45.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
45.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
46.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
46.5s C:\Users\user\AppData\Local\Temp\mbam\
46.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
47.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
47.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
47.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
47.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
48.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
49.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
49.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
50.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
50.0s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
51.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
53.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
53.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
53.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
53.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
54.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
55.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
55.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
56.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
56.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
57.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
59.8s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
60.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
61.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
64.6s C:\KRECYCLE\00030979.KVQ
65.0s C:\KRECYCLE\00030980.KVQ
65.2s C:\KRECYCLE\00030981.KVQ
65.5s C:\KRECYCLE\00030982.KVQ
65.5s C:\ProgramData\Kingsoft\DUBA\
65.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\
65.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
65.7s C:\KRECYCLE\00030983.KVQ
67.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
68.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
69.9s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
70.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
72.2s C:\KRECYCLE\00030984.KVQ
79.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Program Files\LMCMPM4PUO\uninstaller.exe -> Quarantined
Size . . . . . . . : 318.464 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:00:55)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-149.8s C:\Windows\Temp\_MEI64842\
-149.8s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-149.8s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-149.8s C:\Windows\Temp\_MEI64842\_bz2.pyd
-149.8s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-149.7s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-149.7s C:\Windows\Temp\_MEI64842\_lzma.pyd
-149.7s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-149.7s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-149.7s C:\Windows\Temp\_MEI64842\_socket.pyd
-149.7s C:\Windows\Temp\_MEI64842\_ssl.pyd
-149.7s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-149.7s C:\Windows\Temp\_MEI64842\python34.dll
-149.7s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-149.7s C:\Windows\Temp\_MEI64842\select.pyd
-149.7s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-149.7s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-149.7s C:\Windows\Temp\_MEI64842\Include\
-149.7s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-149.7s C:\Windows\Temp\_MEI64842\base_library.zip
-149.0s C:\Windows\Temp\secEE60.tmp
-149.0s C:\Windows\Temp\secEE61.tmp
-149.0s C:\Windows\Temp\secEE62.tmp
-149.0s C:\Windows\Temp\secEE63.tmp
-149.0s C:\Windows\Temp\secEE73.tmp
-149.0s C:\Windows\Temp\secEE74.tmp
-149.0s C:\Windows\Temp\secEE75.tmp
-149.0s C:\Windows\Temp\secEE76.tmp
-149.0s C:\Windows\Temp\secEE77.tmp
-149.0s C:\Windows\Temp\secEE78.tmp
-149.0s C:\Windows\Temp\secEE79.tmp
-149.0s C:\Windows\Temp\secEE7A.tmp
-149.0s C:\Windows\Temp\secEE8B.tmp
-149.0s C:\Windows\Temp\secEE8C.tmp
-149.0s C:\Windows\Temp\secEE8D.tmp
-149.0s C:\Windows\Temp\secEE8E.tmp
-149.0s C:\Windows\Temp\secEE8F.tmp
-149.0s C:\Windows\Temp\secEE90.tmp
-149.0s C:\Windows\Temp\secEE91.tmp
-147.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-145.6s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-141.9s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-140.8s C:\Windows\Temp\WAXE53.tmp
-119.7s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-116.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-115.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-114.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-107.6s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-103.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-103.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-82.5s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-76.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-65.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-58.2s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-57.8s C:\Windows\Temp\_MEI67202\
-57.8s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-57.8s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-57.7s C:\Windows\Temp\_MEI67202\_bz2.pyd
-57.7s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-57.7s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-57.7s C:\Windows\Temp\_MEI67202\_lzma.pyd
-57.7s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-57.7s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-57.7s C:\Windows\Temp\_MEI67202\_socket.pyd
-57.7s C:\Windows\Temp\_MEI67202\_ssl.pyd
-57.7s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-57.7s C:\Windows\Temp\_MEI67202\python34.dll
-57.7s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-57.7s C:\Windows\Temp\_MEI67202\select.pyd
-57.6s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-57.6s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-57.6s C:\Windows\Temp\_MEI67202\base_library.zip
-57.6s C:\Windows\Temp\_MEI67202\Include\
-57.6s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-52.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-51.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-50.4s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-46.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-45.5s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-45.2s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-44.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-42.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-42.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-39.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-39.1s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-36.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-32.1s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-30.2s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-29.6s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-28.9s C:\Program Files\5QZG3OJ0TS\
-26.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-23.0s C:\Users\user\AppData\Roaming\qa051vpwh05\
-21.2s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-18.3s C:\Program Files\LMCMPM4PUO\
-18.0s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-17.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-17.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-16.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-11.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-10.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-10.9s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-8.6s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-7.4s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-6.8s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-6.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-6.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-6.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-6.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-4.0s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-3.8s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-2.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
0.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe
0.6s C:\Program Files\KZFZHJ3JTA\
1.4s C:\Program Files\5QZG3OJ0TS\cast.config
3.4s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
5.3s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
5.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
5.9s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
6.4s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
6.5s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
7.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
7.4s C:\Users\user\AppData\Local\Temp\3CSINwA73\
7.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
10.2s C:\Program Files\LMCMPM4PUO\cast.config
13.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
15.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
17.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
17.8s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
18.0s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
18.4s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
18.7s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
18.7s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
20.3s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
24.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
24.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
24.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
25.9s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
26.5s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
28.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
29.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
29.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
30.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
30.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
31.5s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
32.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
33.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
34.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
34.5s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
38.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
41.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
41.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
42.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
42.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
43.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
44.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
46.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
47.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
47.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
48.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
49.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
50.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
50.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
51.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
51.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
51.5s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
52.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
52.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
53.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
54.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
55.4s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
56.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
56.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
57.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
57.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
61.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
63.4s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
63.5s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
64.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
64.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
64.5s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
64.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
64.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
66.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
66.8s C:\Users\user\AppData\Local\Temp\647C.tmp
67.2s C:\Program Files\KZFZHJ3JTA\cast.config
67.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
67.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
67.9s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
68.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
71.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
71.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
71.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
72.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
72.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
73.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
73.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
73.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
74.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
74.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
74.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
75.4s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
77.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
77.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
78.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
78.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
78.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
78.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
79.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
79.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
80.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
81.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
81.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
82.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
85.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
87.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
88.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
89.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
90.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
90.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
90.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
90.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
90.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
95.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
96.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
96.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
97.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
99.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
99.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
100.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
100.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
101.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
101.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
101.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
101.9s C:\Users\user\AppData\Local\Temp\mbam\
101.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
102.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
102.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
103.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
103.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
104.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
104.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
104.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
105.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
105.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
105.5s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
107.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
108.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
109.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
109.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
109.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
109.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
110.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
110.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
111.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
112.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
112.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
113.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
113.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
115.3s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
115.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
117.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
120.1s C:\KRECYCLE\00030979.KVQ
120.4s C:\KRECYCLE\00030980.KVQ
120.7s C:\KRECYCLE\00030981.KVQ
120.9s C:\KRECYCLE\00030982.KVQ
121.0s C:\ProgramData\Kingsoft\DUBA\
121.0s C:\ProgramData\Kingsoft\DUBA\KScanLog\
121.1s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
121.2s C:\KRECYCLE\00030983.KVQ
122.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
123.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
125.3s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
126.3s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
127.6s C:\KRECYCLE\00030984.KVQ
135.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Local\Temp\15XveUazm\15XveUazm.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:53)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\1964628687\ic-0.7de565e114466c.exe -> Quarantined
Size . . . . . . . : 7.756.235 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:57)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0140BE3788782BEA973D20DFCBD0114305690406740DF9CAF95A4857569230D2
Product . . . . . : Micro Foundation
Publisher . . . . : Micro Foundation, Inc.
Description . . . : Micro Foundation Setup
Version
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 108.0
C:\Users\user\AppData\Local\Temp\3EACP5BCx\3EACP5BCx.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:05)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\6N6OK14u4\ytab_m_1_big.exe -> Quarantined
Size . . . . . . . : 2.635.129 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E684A02D42680920CFBBBE113ACA12A3B33DCE6F3DEBA7E125FA367DDF023834
> Bitdefender . . . : Gen:Variant.Zusy.244422
Fuzzy . . . . . . : 116.0
C:\Users\user\AppData\Local\Temp\6QYCphRX4\6QYCphRX4.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:15)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\cctrD0rcf\netstream.exe -> Quarantined
Size . . . . . . . : 416.256 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:45)
Entropy . . . . . : 6.0
SHA-256 . . . . . : F8B2CCCA1688CBB0D0EB3C6190FF9D91E947DE9EF5BF4794D1F77582D0DBB53F
Product . . . . . : Folder Guard
Publisher . . . . : WinAbility® Software Corporation
Description . . . : Folder Guard setip
Version . . . . . : 9.1
Copyright . . . . : Copyright © 2013 WinAbility® Software Corporation. All rights reserved.
LanguageID . . . . : 1033
> Kaspersky . . . . : Trojan.Win32.Yakes.trin
Fuzzy . . . . . . : 103.0
C:\Users\user\AppData\Local\Temp\cqZRkRTTx\ytab_m_1_big.exe -> Quarantined
Size . . . . . . . : 2.638.661 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:33)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 4106DFB3B6646558131DF7D820E8E4642B8E9883FBB052B13D8BDB343BD66421
> Bitdefender . . . : Gen:Variant.Zusy.244422
Fuzzy . . . . . . : 116.0
C:\Users\user\AppData\Local\Temp\gWHcPz8uO\ytab_m_1_big.exe -> Quarantined
Size . . . . . . . : 2.402.783 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : AFCB6AA76242E622838B85E1283843CC45A86D9EB4F91AB6F14E000EF1CEE168
> Bitdefender . . . : Gen:Variant.Zusy.244422
Fuzzy . . . . . . : 116.0
C:\Users\user\AppData\Local\Temp\hncS2gxko\netstream.exe -> Quarantined
Size . . . . . . . : 416.256 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:46)
Entropy . . . . . : 6.0
SHA-256 . . . . . : F8B2CCCA1688CBB0D0EB3C6190FF9D91E947DE9EF5BF4794D1F77582D0DBB53F
Product . . . . . : Folder Guard
Publisher . . . . : WinAbility® Software Corporation
Description . . . : Folder Guard setip
Version . . . . . : 9.1
Copyright . . . . : Copyright © 2013 WinAbility® Software Corporation. All rights reserved.
LanguageID . . . . : 1033
> Kaspersky . . . . : Trojan.Win32.Yakes.trin
Fuzzy . . . . . . : 103.0
C:\Users\user\AppData\Local\Temp\is-1T07S.tmp\ins.exe -> Quarantined
Size . . . . . . . : 739.840 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:24)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 53125BC5C87031E9625FB810E382D8B8B0AAFB53EB292F283CC52FA5B285E204
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:02:08)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-223.0s C:\Windows\Temp\_MEI64842\
-223.0s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-223.0s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-223.0s C:\Windows\Temp\_MEI64842\_bz2.pyd
-223.0s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-223.0s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-223.0s C:\Windows\Temp\_MEI64842\_lzma.pyd
-223.0s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-223.0s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-223.0s C:\Windows\Temp\_MEI64842\_socket.pyd
-222.9s C:\Windows\Temp\_MEI64842\_ssl.pyd
-222.9s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-222.9s C:\Windows\Temp\_MEI64842\python34.dll
-222.9s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-222.9s C:\Windows\Temp\_MEI64842\select.pyd
-222.9s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-222.9s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-222.9s C:\Windows\Temp\_MEI64842\Include\
-222.9s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-222.9s C:\Windows\Temp\_MEI64842\base_library.zip
-222.3s C:\Windows\Temp\secEE60.tmp
-222.3s C:\Windows\Temp\secEE61.tmp
-222.3s C:\Windows\Temp\secEE62.tmp
-222.2s C:\Windows\Temp\secEE63.tmp
-222.2s C:\Windows\Temp\secEE73.tmp
-222.2s C:\Windows\Temp\secEE74.tmp
-222.2s C:\Windows\Temp\secEE75.tmp
-222.2s C:\Windows\Temp\secEE76.tmp
-222.2s C:\Windows\Temp\secEE77.tmp
-222.2s C:\Windows\Temp\secEE78.tmp
-222.2s C:\Windows\Temp\secEE79.tmp
-222.2s C:\Windows\Temp\secEE7A.tmp
-222.2s C:\Windows\Temp\secEE8B.tmp
-222.2s C:\Windows\Temp\secEE8C.tmp
-222.2s C:\Windows\Temp\secEE8D.tmp
-222.2s C:\Windows\Temp\secEE8E.tmp
-222.2s C:\Windows\Temp\secEE8F.tmp
-222.2s C:\Windows\Temp\secEE90.tmp
-222.2s C:\Windows\Temp\secEE91.tmp
-220.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-218.9s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-215.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-214.0s C:\Windows\Temp\WAXE53.tmp
-192.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-189.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-188.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-188.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-184.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-184.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-180.8s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-177.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-177.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-155.7s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-151.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-151.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-150.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-149.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-149.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-146.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-146.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-146.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-146.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-138.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-131.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-131.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-131.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-131.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-131.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-131.0s C:\Windows\Temp\_MEI67202\
-131.0s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-131.0s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-131.0s C:\Windows\Temp\_MEI67202\_bz2.pyd
-131.0s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-131.0s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-131.0s C:\Windows\Temp\_MEI67202\_lzma.pyd
-131.0s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-131.0s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-131.0s C:\Windows\Temp\_MEI67202\_socket.pyd
-130.9s C:\Windows\Temp\_MEI67202\_ssl.pyd
-130.9s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-130.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-130.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-130.9s C:\Windows\Temp\_MEI67202\python34.dll
-130.9s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-130.9s C:\Windows\Temp\_MEI67202\select.pyd
-130.9s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-130.9s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-130.9s C:\Windows\Temp\_MEI67202\base_library.zip
-130.9s C:\Windows\Temp\_MEI67202\Include\
-130.9s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-130.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-130.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-127.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-127.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-125.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-125.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-125.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-124.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-123.6s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-119.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-118.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-118.4s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-118.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-116.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-116.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-115.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-115.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-114.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-114.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-112.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-112.4s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-111.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-111.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-109.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-105.3s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-103.4s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-102.8s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-102.1s C:\Program Files\5QZG3OJ0TS\
-99.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-96.2s C:\Users\user\AppData\Roaming\qa051vpwh05\
-94.4s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-91.5s C:\Program Files\LMCMPM4PUO\
-91.2s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-90.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-90.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-90.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-90.1s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-86.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-86.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-84.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-84.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-84.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-84.1s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-81.8s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-80.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-80.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-80.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-79.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-79.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-79.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-77.2s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-77.0s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-76.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-74.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-74.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
-73.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe
-72.7s C:\Program Files\KZFZHJ3JTA\
-71.9s C:\Program Files\5QZG3OJ0TS\cast.config
-69.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
-68.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
-67.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
-67.3s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
-67.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
-67.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
-66.8s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
-66.7s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
-66.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
-65.9s C:\Users\user\AppData\Local\Temp\3CSINwA73\
-65.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
-65.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
-65.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
-65.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
-65.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
-63.0s C:\Program Files\LMCMPM4PUO\cast.config
-59.9s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
-58.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
-56.0s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
-55.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
-55.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
-55.5s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
-55.2s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
-54.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
-54.6s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
-54.6s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
-53.9s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
-53.9s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
-53.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
-49.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
-49.2s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
-49.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
-49.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
-48.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
-47.3s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
-46.7s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
-44.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
-43.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
-43.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
-43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
-43.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
-41.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
-40.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
-40.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
-39.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
-39.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
-38.8s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
-38.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-38.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-35.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
-35.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
-35.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
-32.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
-32.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
-32.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
-32.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
-31.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
-31.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
-31.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
-31.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
-30.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
-30.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
-29.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
-29.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-29.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-29.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
-28.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
-28.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
-28.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-28.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-26.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
-26.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
-26.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
-24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-24.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-24.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-23.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-22.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-22.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-22.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-22.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-21.8s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-21.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-20.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-20.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
-20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
-19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
-19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
-19.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
-18.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
-17.8s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
-17.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
-16.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
-16.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
-16.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
-15.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
-12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
-10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
-10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
-9.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
-9.7s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
-9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
-9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
-9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
-9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
-9.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
-8.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
-8.8s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
-8.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
-8.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
-8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
-8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
-6.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
-6.4s C:\Users\user\AppData\Local\Temp\647C.tmp
-6.0s C:\Program Files\KZFZHJ3JTA\cast.config
-5.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
-5.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
-5.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
-4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
-2.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
-1.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
-1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
-0.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
-0.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
-0.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
-0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
0.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
0.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
0.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
1.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
1.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
2.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
3.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
3.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
4.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
4.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
5.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
6.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
6.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
7.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
7.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
8.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
8.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
8.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
12.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
14.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
14.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
15.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
16.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
17.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
17.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
22.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
23.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
23.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
24.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
25.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
25.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
26.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
27.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
27.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
27.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
27.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
28.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
28.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
28.7s C:\Users\user\AppData\Local\Temp\mbam\
28.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
29.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
29.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
29.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
29.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
30.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
31.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
31.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
31.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
32.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
32.3s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
35.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
35.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
35.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
36.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
36.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
36.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
37.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
37.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
38.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
39.1s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
39.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
40.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
42.1s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
42.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
43.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
46.9s C:\KRECYCLE\00030979.KVQ
47.2s C:\KRECYCLE\00030980.KVQ
47.5s C:\KRECYCLE\00030981.KVQ
47.7s C:\KRECYCLE\00030982.KVQ
47.8s C:\ProgramData\Kingsoft\DUBA\
47.8s C:\ProgramData\Kingsoft\DUBA\KScanLog\
47.9s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
48.0s C:\KRECYCLE\00030983.KVQ
49.3s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
50.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
52.1s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
53.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
54.4s C:\KRECYCLE\00030984.KVQ
62.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Local\Temp\is-B6O3T.tmp\up.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:04)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-RQFNL.tmp\booster.exe -> Quarantined
Size . . . . . . . : 732.672 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:32)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 7E71050C4C18A576EC608F04959853903753A29D1084393A2799258F04195ECE
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-V082R.tmp\up.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:13)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\is-VMGLI.tmp.exe -> Quarantined
Size . . . . . . . : 1.105.408 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:33:59)
Entropy . . . . . : 5.6
SHA-256 . . . . . : 5C5AA5C3DA95CEBFE6E532DBB35EA7D115BFE02BE4603A55E2C81C326587CF1D
> Kaspersky . . . . : not-a-virus:AdWare.Win32.StartSurf.xii
Fuzzy . . . . . . : 113.0
C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\sam__9286_ilCA30F2.exe -> Quarantined
Size . . . . . . . : 1.172.432 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:33:52)
Entropy . . . . . : 6.8
SHA-256 . . . . . : 99C202A5A0889459851AD1B78216966297F95008348083CA4123EE9653337579
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.FileTour.gen
Fuzzy . . . . . . : 106.0
C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:01:48)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-203.0s C:\Windows\Temp\_MEI64842\
-203.0s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-203.0s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-203.0s C:\Windows\Temp\_MEI64842\_bz2.pyd
-203.0s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-203.0s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-203.0s C:\Windows\Temp\_MEI64842\_lzma.pyd
-203.0s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-203.0s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-203.0s C:\Windows\Temp\_MEI64842\_socket.pyd
-203.0s C:\Windows\Temp\_MEI64842\_ssl.pyd
-203.0s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-202.9s C:\Windows\Temp\_MEI64842\python34.dll
-202.9s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-202.9s C:\Windows\Temp\_MEI64842\select.pyd
-202.9s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-202.9s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-202.9s C:\Windows\Temp\_MEI64842\Include\
-202.9s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-202.9s C:\Windows\Temp\_MEI64842\base_library.zip
-202.3s C:\Windows\Temp\secEE60.tmp
-202.3s C:\Windows\Temp\secEE61.tmp
-202.3s C:\Windows\Temp\secEE62.tmp
-202.3s C:\Windows\Temp\secEE63.tmp
-202.3s C:\Windows\Temp\secEE73.tmp
-202.3s C:\Windows\Temp\secEE74.tmp
-202.3s C:\Windows\Temp\secEE75.tmp
-202.3s C:\Windows\Temp\secEE76.tmp
-202.3s C:\Windows\Temp\secEE77.tmp
-202.3s C:\Windows\Temp\secEE78.tmp
-202.3s C:\Windows\Temp\secEE79.tmp
-202.3s C:\Windows\Temp\secEE7A.tmp
-202.2s C:\Windows\Temp\secEE8B.tmp
-202.2s C:\Windows\Temp\secEE8C.tmp
-202.2s C:\Windows\Temp\secEE8D.tmp
-202.2s C:\Windows\Temp\secEE8E.tmp
-202.2s C:\Windows\Temp\secEE8F.tmp
-202.2s C:\Windows\Temp\secEE90.tmp
-202.2s C:\Windows\Temp\secEE91.tmp
-200.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-198.9s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-195.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-194.0s C:\Windows\Temp\WAXE53.tmp
-172.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-169.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-168.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-168.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-160.8s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-157.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-157.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-135.8s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-130.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-118.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-111.0s C:\Windows\Temp\_MEI67202\
-111.0s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
|
|
10.07.2017, 21:24
| #13 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter -24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-24.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-24.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-23.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-22.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-22.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-22.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-22.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-21.8s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-21.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-20.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-20.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
-20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
-19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
-19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
-19.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
-18.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
-17.8s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
-17.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
-16.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
-16.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
-16.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
-15.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
-12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
-10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
-10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
-9.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
-9.7s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
-9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
-9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
-9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
-9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
-9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
-9.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
-8.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
-8.8s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
-8.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
-8.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
-8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
-8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
-6.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
-6.4s C:\Users\user\AppData\Local\Temp\647C.tmp
-6.0s C:\Program Files\KZFZHJ3JTA\cast.config
-5.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
-5.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
-5.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
-4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
-2.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
-1.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
-1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
-0.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
-0.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
-0.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
-0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
0.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
0.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
0.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
1.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
1.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
2.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
3.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
3.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
4.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
4.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
5.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
6.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
6.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
7.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
7.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
8.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
8.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
8.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
12.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
14.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
14.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
15.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
16.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
17.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
17.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
22.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
23.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
23.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
24.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
25.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
25.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
26.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
27.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
27.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
27.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
27.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
28.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
28.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
28.7s C:\Users\user\AppData\Local\Temp\mbam\
28.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
29.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
29.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
29.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
29.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
30.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
31.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
31.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
31.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
32.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
32.3s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
35.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
35.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
35.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
36.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
36.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
36.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
37.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
37.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
38.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
39.1s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
39.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
40.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
42.1s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
42.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
43.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
46.9s C:\KRECYCLE\00030979.KVQ
47.2s C:\KRECYCLE\00030980.KVQ
47.5s C:\KRECYCLE\00030981.KVQ
47.7s C:\KRECYCLE\00030982.KVQ
47.8s C:\ProgramData\Kingsoft\DUBA\
47.8s C:\ProgramData\Kingsoft\DUBA\KScanLog\
47.9s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
48.0s C:\KRECYCLE\00030983.KVQ
49.3s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
50.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
52.1s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
53.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
54.4s C:\KRECYCLE\00030984.KVQ
62.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Local\Temp\is-B6O3T.tmp\up.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:04)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-RQFNL.tmp\booster.exe -> Quarantined
Size . . . . . . . : 732.672 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:32)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 7E71050C4C18A576EC608F04959853903753A29D1084393A2799258F04195ECE
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-V082R.tmp\up.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:37:13)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\is-VMGLI.tmp.exe -> Quarantined
Size . . . . . . . : 1.105.408 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:33:59)
Entropy . . . . . : 5.6
SHA-256 . . . . . : 5C5AA5C3DA95CEBFE6E532DBB35EA7D115BFE02BE4603A55E2C81C326587CF1D
> Kaspersky . . . . : not-a-virus:AdWare.Win32.StartSurf.xii
Fuzzy . . . . . . : 113.0
C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\sam__9286_ilCA30F2.exe -> Quarantined
Size . . . . . . . : 1.172.432 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:33:52)
Entropy . . . . . : 6.8
SHA-256 . . . . . : 99C202A5A0889459851AD1B78216966297F95008348083CA4123EE9653337579
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.FileTour.gen
Fuzzy . . . . . . : 106.0
C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:01:48)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-203.0s C:\Windows\Temp\_MEI64842\
-203.0s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-203.0s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-203.0s C:\Windows\Temp\_MEI64842\_bz2.pyd
-203.0s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-203.0s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-203.0s C:\Windows\Temp\_MEI64842\_lzma.pyd
-203.0s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-203.0s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-203.0s C:\Windows\Temp\_MEI64842\_socket.pyd
-203.0s C:\Windows\Temp\_MEI64842\_ssl.pyd
-203.0s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-202.9s C:\Windows\Temp\_MEI64842\python34.dll
-202.9s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-202.9s C:\Windows\Temp\_MEI64842\select.pyd
-202.9s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-202.9s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-202.9s C:\Windows\Temp\_MEI64842\Include\
-202.9s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-202.9s C:\Windows\Temp\_MEI64842\base_library.zip
-202.3s C:\Windows\Temp\secEE60.tmp
-202.3s C:\Windows\Temp\secEE61.tmp
-202.3s C:\Windows\Temp\secEE62.tmp
-202.3s C:\Windows\Temp\secEE63.tmp
-202.3s C:\Windows\Temp\secEE73.tmp
-202.3s C:\Windows\Temp\secEE74.tmp
-202.3s C:\Windows\Temp\secEE75.tmp
-202.3s C:\Windows\Temp\secEE76.tmp
-202.3s C:\Windows\Temp\secEE77.tmp
-202.3s C:\Windows\Temp\secEE78.tmp
-202.3s C:\Windows\Temp\secEE79.tmp
-202.3s C:\Windows\Temp\secEE7A.tmp
-202.2s C:\Windows\Temp\secEE8B.tmp
-202.2s C:\Windows\Temp\secEE8C.tmp
-202.2s C:\Windows\Temp\secEE8D.tmp
-202.2s C:\Windows\Temp\secEE8E.tmp
-202.2s C:\Windows\Temp\secEE8F.tmp
-202.2s C:\Windows\Temp\secEE90.tmp
-202.2s C:\Windows\Temp\secEE91.tmp
-200.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-198.9s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-195.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-194.0s C:\Windows\Temp\WAXE53.tmp
-172.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-169.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-168.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-168.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-160.8s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-157.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-157.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-135.8s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-130.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-118.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-111.0s C:\Windows\Temp\_MEI67202\
-111.0s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-111.0s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-111.0s C:\Windows\Temp\_MEI67202\_bz2.pyd
-111.0s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-111.0s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-111.0s C:\Windows\Temp\_MEI67202\_lzma.pyd
-111.0s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-111.0s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-111.0s C:\Windows\Temp\_MEI67202\_socket.pyd
-110.9s C:\Windows\Temp\_MEI67202\_ssl.pyd
-110.9s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-110.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-110.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-110.9s C:\Windows\Temp\_MEI67202\python34.dll
-110.9s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-110.9s C:\Windows\Temp\_MEI67202\select.pyd
-110.9s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-110.9s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-110.9s C:\Windows\Temp\_MEI67202\base_library.zip
-110.9s C:\Windows\Temp\_MEI67202\Include\
-110.9s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-110.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-110.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-107.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-107.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-105.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-105.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-104.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-103.6s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-99.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-98.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-98.5s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-98.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-96.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-96.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-95.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-95.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-94.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-94.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-92.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-92.4s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-91.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-91.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-89.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-85.4s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-83.4s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-82.8s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-82.2s C:\Program Files\5QZG3OJ0TS\
-79.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-76.2s C:\Users\user\AppData\Roaming\qa051vpwh05\
-74.5s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-71.5s C:\Program Files\LMCMPM4PUO\
-71.2s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-71.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-70.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-70.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-70.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-66.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-66.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-64.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-64.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-64.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-64.2s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-61.8s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-60.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-60.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-60.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-59.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-59.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-59.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-57.2s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-57.0s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-56.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-54.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-54.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
-53.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe
-52.7s C:\Program Files\KZFZHJ3JTA\
-51.9s C:\Program Files\5QZG3OJ0TS\cast.config
-49.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
-48.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
-47.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
-47.4s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
-47.2s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
-47.2s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
-46.9s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
-46.7s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
-46.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
-45.9s C:\Users\user\AppData\Local\Temp\3CSINwA73\
-45.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
-45.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
-45.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
-45.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
-45.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
-43.1s C:\Program Files\LMCMPM4PUO\cast.config
-39.9s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
-38.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
-36.0s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
-35.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
-35.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
-35.5s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
-35.3s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
-34.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
-34.6s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
-34.6s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
-34.0s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
-34.0s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
-33.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
-29.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
-29.2s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
-29.2s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
-29.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
-28.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
-27.4s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
-26.8s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
-24.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
-23.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
-23.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
-23.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
-23.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
-21.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
-20.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
-20.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
-19.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
-19.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
-18.8s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
-18.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-18.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-15.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
-15.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
-15.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
-12.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
-12.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
-12.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
-12.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
-11.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
-11.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
-11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
-11.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
-10.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
-10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
-9.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
-9.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-9.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-9.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
-8.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
-8.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
-8.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-8.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-6.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
-6.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
-6.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
-5.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-4.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-4.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-3.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-3.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-3.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-2.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-2.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-2.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-2.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-1.8s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-0.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-0.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
0.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
0.2s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
0.2s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
2.2s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
3.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
3.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
3.9s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
3.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
4.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
8.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
9.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
9.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
10.2s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
10.3s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
10.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
10.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
10.7s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
10.7s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
10.8s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
11.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
11.2s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
11.4s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
11.7s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
11.7s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
13.5s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
13.5s C:\Users\user\AppData\Local\Temp\647C.tmp
14.0s C:\Program Files\KZFZHJ3JTA\cast.config
14.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
14.3s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
14.7s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
15.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
18.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
18.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
18.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
19.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
19.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
19.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
20.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
20.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
20.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
20.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
20.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
21.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
21.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
22.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
23.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
23.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
23.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
24.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
25.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
25.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
25.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
26.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
26.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
27.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
27.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
28.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
28.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
28.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
28.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
28.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
32.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
34.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
34.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
34.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
34.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
36.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
37.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
37.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
37.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
37.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
42.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
43.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
43.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
44.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
44.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
45.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
45.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
45.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
45.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
46.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
46.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
47.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
47.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
47.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
48.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
48.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
48.7s C:\Users\user\AppData\Local\Temp\mbam\
48.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
49.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
49.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
49.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
49.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
50.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
51.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
51.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
51.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
52.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
52.2s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
53.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
55.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
55.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
55.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
56.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
56.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
56.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
57.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
57.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
58.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
59.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
59.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
60.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
62.0s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
62.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
63.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
66.9s C:\KRECYCLE\00030979.KVQ
67.2s C:\KRECYCLE\00030980.KVQ
67.5s C:\KRECYCLE\00030981.KVQ
67.7s C:\KRECYCLE\00030982.KVQ
67.7s C:\ProgramData\Kingsoft\DUBA\
67.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\
67.9s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
67.9s C:\KRECYCLE\00030983.KVQ
69.3s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
70.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
72.1s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
73.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
74.4s C:\KRECYCLE\00030984.KVQ
82.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:02:22)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-237.3s C:\Windows\Temp\_MEI64842\
-237.3s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-237.3s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-237.3s C:\Windows\Temp\_MEI64842\_bz2.pyd
-237.3s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-237.3s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-237.3s C:\Windows\Temp\_MEI64842\_lzma.pyd
-237.3s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-237.3s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-237.3s C:\Windows\Temp\_MEI64842\_socket.pyd
-237.3s C:\Windows\Temp\_MEI64842\_ssl.pyd
-237.3s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-237.2s C:\Windows\Temp\_MEI64842\python34.dll
-237.2s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-237.2s C:\Windows\Temp\_MEI64842\select.pyd
-237.2s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-237.2s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-237.2s C:\Windows\Temp\_MEI64842\Include\
-237.2s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-237.2s C:\Windows\Temp\_MEI64842\base_library.zip
-236.6s C:\Windows\Temp\secEE60.tmp
-236.6s C:\Windows\Temp\secEE61.tmp
-236.6s C:\Windows\Temp\secEE62.tmp
-236.6s C:\Windows\Temp\secEE63.tmp
-236.6s C:\Windows\Temp\secEE73.tmp
-236.6s C:\Windows\Temp\secEE74.tmp
-236.6s C:\Windows\Temp\secEE75.tmp
-236.6s C:\Windows\Temp\secEE76.tmp
-236.6s C:\Windows\Temp\secEE77.tmp
-236.6s C:\Windows\Temp\secEE78.tmp
-236.6s C:\Windows\Temp\secEE79.tmp
-236.6s C:\Windows\Temp\secEE7A.tmp
-236.6s C:\Windows\Temp\secEE8B.tmp
-236.6s C:\Windows\Temp\secEE8C.tmp
-236.6s C:\Windows\Temp\secEE8D.tmp
-236.6s C:\Windows\Temp\secEE8E.tmp
-236.6s C:\Windows\Temp\secEE8F.tmp
-236.6s C:\Windows\Temp\secEE90.tmp
-236.6s C:\Windows\Temp\secEE91.tmp
-234.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-233.2s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-229.5s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-228.3s C:\Windows\Temp\WAXE53.tmp
-207.3s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-203.7s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-202.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-202.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-199.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-199.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-195.1s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-191.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-191.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-170.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-165.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-165.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-164.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-163.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-163.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-161.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-161.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-160.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-160.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-152.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-145.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-145.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-145.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-145.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-145.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-145.3s C:\Windows\Temp\_MEI67202\
-145.3s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-145.3s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-145.3s C:\Windows\Temp\_MEI67202\_bz2.pyd
-145.3s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-145.3s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-145.3s C:\Windows\Temp\_MEI67202\_lzma.pyd
-145.3s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-145.3s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-145.3s C:\Windows\Temp\_MEI67202\_socket.pyd
-145.3s C:\Windows\Temp\_MEI67202\_ssl.pyd
-145.3s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-145.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-145.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-145.2s C:\Windows\Temp\_MEI67202\python34.dll
-145.2s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-145.2s C:\Windows\Temp\_MEI67202\select.pyd
-145.2s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-145.2s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-145.2s C:\Windows\Temp\_MEI67202\base_library.zip
-145.2s C:\Windows\Temp\_MEI67202\Include\
-145.2s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-145.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-145.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-141.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-141.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-140.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-139.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-139.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-138.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-137.9s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-133.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-133.0s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-132.8s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-132.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-131.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-131.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-129.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-129.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-128.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-128.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-127.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-126.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-125.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-125.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-124.1s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-119.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-117.7s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-117.1s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-116.5s C:\Program Files\5QZG3OJ0TS\
-114.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-110.5s C:\Users\user\AppData\Roaming\qa051vpwh05\
-108.8s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-105.9s C:\Program Files\LMCMPM4PUO\
-105.6s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-105.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-105.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-104.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-104.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-101.1s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-101.1s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-99.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-98.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-98.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-98.5s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-96.1s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-95.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-94.3s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-94.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-94.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-94.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-93.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-91.6s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-91.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-90.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-90.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-90.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-88.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-88.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
-87.6s C:\Program Files\LMCMPM4PUO\uninstaller.exe
-87.0s C:\Program Files\KZFZHJ3JTA\
-86.2s C:\Program Files\5QZG3OJ0TS\cast.config
-84.2s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
-82.3s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
-82.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
-81.7s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
-81.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
-81.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
-81.2s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
-81.0s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
-80.5s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
-80.2s C:\Users\user\AppData\Local\Temp\3CSINwA73\
-79.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
-79.9s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
-79.9s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
-79.6s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
-79.5s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
-77.4s C:\Program Files\LMCMPM4PUO\cast.config
-74.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
-72.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
-70.3s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
-70.2s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
-70.1s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
-69.8s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
-69.6s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
-69.1s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
-68.9s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
-68.9s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
-68.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
-68.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
-67.3s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
-63.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
-63.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
-63.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
-63.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
-63.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
-61.7s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
-61.1s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
-58.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
-57.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
-57.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
-57.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
-57.4s C:\ProgramData\Malwarebytes\MBAMService\tmp\
-56.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
-55.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
-55.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
-54.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
-53.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
-53.1s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
-53.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-52.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-49.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
-49.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
-49.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
-46.8s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
-46.8s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
-46.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
-46.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
-46.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
-46.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
-45.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
-45.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
|
|
10.07.2017, 21:25
| #14 |
| | Ungewünschte Pop-Ups in Chrome und EdgeCode:
ATTFilter -44.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
-44.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
-44.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
-43.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-43.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-43.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
-42.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
-42.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
-42.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-42.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
-40.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
-40.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
-39.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-39.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-38.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-37.9s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-37.3s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-37.3s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-37.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-36.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-36.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-36.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-36.1s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-35.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-34.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-34.3s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
-34.3s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
-34.2s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
-34.1s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
-33.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
-33.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
-32.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
-31.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
-30.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
-30.4s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
-30.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
-29.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
-26.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
-24.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
-24.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
-24.1s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
-24.0s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
-23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
-23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
-23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
-23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
-23.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
-23.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
-23.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
-23.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
-23.5s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
-23.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
-23.1s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
-22.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
-22.9s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
-22.6s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
-22.6s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
-20.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
-20.8s C:\Users\user\AppData\Local\Temp\647C.tmp
-20.3s C:\Program Files\KZFZHJ3JTA\cast.config
-20.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
-20.0s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
-19.7s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
-19.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
-16.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
-16.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
-15.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
-14.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
-14.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
-14.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
-14.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
-14.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
-13.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
-13.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
-13.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
-12.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
-12.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
-12.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
-12.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
-10.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
-10.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
-10.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
-10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
-9.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
-9.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
-9.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
-8.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
-8.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
-8.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
-7.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
-6.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
-6.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
-5.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
-5.6s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
-5.6s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
-5.4s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
-1.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
-0.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
0.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
0.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
0.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
1.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
2.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
3.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
3.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
3.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
3.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
8.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
8.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
8.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
9.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
10.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
10.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
10.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
11.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
11.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
12.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
12.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
12.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
13.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
13.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
13.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
13.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
14.4s C:\Users\user\AppData\Local\Temp\mbam\
14.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
15.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
15.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
15.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
15.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
16.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
16.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
17.1s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
17.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
17.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
17.9s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
19.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
20.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
21.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
21.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
21.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
22.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
22.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
23.2s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
23.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
24.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
24.7s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
25.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
25.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
27.7s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
28.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
29.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
32.5s C:\KRECYCLE\00030979.KVQ
32.9s C:\KRECYCLE\00030980.KVQ
33.1s C:\KRECYCLE\00030981.KVQ
33.4s C:\KRECYCLE\00030982.KVQ
33.4s C:\ProgramData\Kingsoft\DUBA\
33.4s C:\ProgramData\Kingsoft\DUBA\KScanLog\
33.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
33.6s C:\KRECYCLE\00030983.KVQ
35.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
36.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
37.8s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
38.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
40.1s C:\KRECYCLE\00030984.KVQ
47.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe -> Quarantined
Size . . . . . . . : 347.648 bytes
Age . . . . . . . : 0.3 days (2017-07-07 12:01:48)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
Product . . . . . : EA1W2A3Q
Publisher . . . . : EA1W2A
Description . . . : E
Version . . . . . : 8.6.4.7
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 102.0
Forensic Cluster
-203.2s C:\Windows\Temp\_MEI64842\
-203.2s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
-203.2s C:\Windows\Temp\_MEI64842\MSVCR100.dll
-203.2s C:\Windows\Temp\_MEI64842\_bz2.pyd
-203.2s C:\Windows\Temp\_MEI64842\_ctypes.pyd
-203.1s C:\Windows\Temp\_MEI64842\_hashlib.pyd
-203.1s C:\Windows\Temp\_MEI64842\_lzma.pyd
-203.1s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
-203.1s C:\Windows\Temp\_MEI64842\_overlapped.pyd
-203.1s C:\Windows\Temp\_MEI64842\_socket.pyd
-203.1s C:\Windows\Temp\_MEI64842\_ssl.pyd
-203.1s C:\Windows\Temp\_MEI64842\pyexpat.pyd
-203.1s C:\Windows\Temp\_MEI64842\python34.dll
-203.1s C:\Windows\Temp\_MEI64842\pywintypes34.dll
-203.1s C:\Windows\Temp\_MEI64842\select.pyd
-203.1s C:\Windows\Temp\_MEI64842\unicodedata.pyd
-203.1s C:\Windows\Temp\_MEI64842\win32wnet.pyd
-203.1s C:\Windows\Temp\_MEI64842\Include\
-203.1s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
-203.1s C:\Windows\Temp\_MEI64842\base_library.zip
-202.4s C:\Windows\Temp\secEE60.tmp
-202.4s C:\Windows\Temp\secEE61.tmp
-202.4s C:\Windows\Temp\secEE62.tmp
-202.4s C:\Windows\Temp\secEE63.tmp
-202.4s C:\Windows\Temp\secEE73.tmp
-202.4s C:\Windows\Temp\secEE74.tmp
-202.4s C:\Windows\Temp\secEE75.tmp
-202.4s C:\Windows\Temp\secEE76.tmp
-202.4s C:\Windows\Temp\secEE77.tmp
-202.4s C:\Windows\Temp\secEE78.tmp
-202.4s C:\Windows\Temp\secEE79.tmp
-202.4s C:\Windows\Temp\secEE7A.tmp
-202.4s C:\Windows\Temp\secEE8B.tmp
-202.4s C:\Windows\Temp\secEE8C.tmp
-202.4s C:\Windows\Temp\secEE8D.tmp
-202.4s C:\Windows\Temp\secEE8E.tmp
-202.4s C:\Windows\Temp\secEE8F.tmp
-202.4s C:\Windows\Temp\secEE90.tmp
-202.4s C:\Windows\Temp\secEE91.tmp
-200.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
-199.0s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
-195.3s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
-194.2s C:\Windows\Temp\WAXE53.tmp
-173.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
-169.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-168.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-168.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
-165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
-165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
-165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
-164.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-164.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-161.0s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
-157.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
-157.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-135.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
-131.7s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-131.7s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-130.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
-129.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
-129.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
-127.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
-127.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
-126.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
-126.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
-118.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
-111.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
-111.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
-111.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
-111.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
-111.6s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
-111.2s C:\Windows\Temp\_MEI67202\
-111.2s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
-111.2s C:\Windows\Temp\_MEI67202\MSVCR100.dll
-111.2s C:\Windows\Temp\_MEI67202\_bz2.pyd
-111.2s C:\Windows\Temp\_MEI67202\_ctypes.pyd
-111.1s C:\Windows\Temp\_MEI67202\_hashlib.pyd
-111.1s C:\Windows\Temp\_MEI67202\_lzma.pyd
-111.1s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
-111.1s C:\Windows\Temp\_MEI67202\_overlapped.pyd
-111.1s C:\Windows\Temp\_MEI67202\_socket.pyd
-111.1s C:\Windows\Temp\_MEI67202\_ssl.pyd
-111.1s C:\Windows\Temp\_MEI67202\pyexpat.pyd
-111.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-111.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
-111.1s C:\Windows\Temp\_MEI67202\python34.dll
-111.1s C:\Windows\Temp\_MEI67202\pywintypes34.dll
-111.1s C:\Windows\Temp\_MEI67202\select.pyd
-111.0s C:\Windows\Temp\_MEI67202\unicodedata.pyd
-111.0s C:\Windows\Temp\_MEI67202\win32wnet.pyd
-111.0s C:\Windows\Temp\_MEI67202\base_library.zip
-111.0s C:\Windows\Temp\_MEI67202\Include\
-111.0s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
-110.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
-110.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
-107.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
-107.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
-105.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
-105.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-105.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
-104.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
-103.8s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
-101.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
-101.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
-101.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-101.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
-99.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
-98.9s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
-98.6s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
-98.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
-96.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-96.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
-95.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
-95.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
-94.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-94.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
-93.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
-92.5s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
-91.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-91.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
-90.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
-85.5s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
-83.6s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
-83.0s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
-82.3s C:\Program Files\5QZG3OJ0TS\
-80.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
-76.4s C:\Users\user\AppData\Roaming\qa051vpwh05\
-74.6s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
-71.7s C:\Program Files\LMCMPM4PUO\
-71.4s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
-71.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
-71.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
-70.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
-70.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
-67.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
-67.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
-64.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
-64.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
-64.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
-64.3s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
-62.0s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
-60.8s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
-60.2s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
-60.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
-59.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
-59.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
-59.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
-57.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
-57.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\
-56.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
-56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
-56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
-56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
-56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
-56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
-56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
-56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
-56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
-54.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
-54.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
-53.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
-52.9s C:\Program Files\KZFZHJ3JTA\
-52.0s C:\Program Files\5QZG3OJ0TS\cast.config
-50.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
-48.1s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
-48.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
-47.5s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
-47.3s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
-47.3s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
-47.0s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
-46.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
-46.3s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
-46.0s C:\Users\user\AppData\Local\Temp\3CSINwA73\
-45.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
-45.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
-45.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
-45.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
-45.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
-43.2s C:\Program Files\LMCMPM4PUO\cast.config
-40.1s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
-38.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
-36.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
-36.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
-36.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
-35.6s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
-35.4s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
-35.0s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
-34.7s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
-34.7s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
-34.1s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
-34.1s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
-33.2s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
-29.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
-29.3s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
-29.3s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
-29.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
-28.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
-27.5s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
-26.9s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
-24.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
-23.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
-23.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
-23.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
-23.3s C:\ProgramData\Malwarebytes\MBAMService\tmp\
-21.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
-21.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
-21.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
-19.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
-19.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
-19.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
-18.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-18.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
-15.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
-15.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
-15.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
-12.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
-12.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
-12.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
-12.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
-12.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
-12.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
-11.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
-11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
-10.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
-10.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
-10.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
-9.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-9.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
-9.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
-8.3s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
-8.3s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
-8.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-8.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
-6.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
-6.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
-6.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
-5.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
-4.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
-4.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
-3.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
-3.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
-3.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
-2.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
-2.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
-2.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
-2.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
-1.9s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
-1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
-1.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
-0.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
-0.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
-0.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
-0.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
0.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
0.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
1.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
2.0s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
2.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
3.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
3.7s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
4.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
7.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
9.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
10.0s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
10.1s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
10.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
10.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
10.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
10.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
10.7s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
11.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
11.0s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
11.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
11.2s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
11.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
11.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
13.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
13.4s C:\Users\user\AppData\Local\Temp\647C.tmp
13.8s C:\Program Files\KZFZHJ3JTA\cast.config
13.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
14.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
14.5s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
15.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
17.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
18.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
18.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
19.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
19.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
19.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
19.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
19.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
20.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
20.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
20.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
21.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
21.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
22.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
23.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
23.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
23.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
23.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
24.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
25.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
25.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
25.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
26.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
27.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
27.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
28.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
28.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
28.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
28.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
28.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
32.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
34.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
34.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
34.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
34.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
35.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
36.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
36.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
37.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
37.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
37.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
42.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
42.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
43.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
44.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
44.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
44.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
45.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
45.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
46.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
46.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
46.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
47.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
47.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
47.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
48.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
48.5s C:\Users\user\AppData\Local\Temp\mbam\
48.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
49.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
49.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
49.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
49.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
50.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
50.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
51.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
51.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
52.1s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
52.1s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
53.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
55.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
55.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
55.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
56.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
56.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
56.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
57.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
57.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
58.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
58.9s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
59.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
60.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
61.9s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
62.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
63.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
66.7s C:\KRECYCLE\00030979.KVQ
67.0s C:\KRECYCLE\00030980.KVQ
67.3s C:\KRECYCLE\00030981.KVQ
67.5s C:\KRECYCLE\00030982.KVQ
67.6s C:\ProgramData\Kingsoft\DUBA\
67.6s C:\ProgramData\Kingsoft\DUBA\KScanLog\
67.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
67.8s C:\KRECYCLE\00030983.KVQ
69.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
70.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
71.9s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
72.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
74.2s C:\KRECYCLE\00030984.KVQ
81.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5
C:\Users\user\AppData\Roaming\importantupdates\importantupdates.exe -> Quarantined
Size . . . . . . . : 9.108.480 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:36:37)
Entropy . . . . . : 6.4
SHA-256 . . . . . : 98765771614BF2EEFD08363EE36CC7BF29E032C32855085CE58EB9C24139008D
> Kaspersky . . . . : Trojan.Win32.CoinMiner.qxk
Fuzzy . . . . . . : 113.0
Startup
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\importantupdates
C:\Users\user\Documents\CrystalDiskInfo6_5_2-en.exe -> Quarantined
Size . . . . . . . : 3.908.184 bytes
Age . . . . . . . : 456.0 days (2016-04-07 17:51:32)
Entropy . . . . . : 8.0
SHA-256 . . . . . : D85120697B06F9F235122464DBEE538AE174DF2B70F8C2D8E5D9D8462818F2AE
Product . . . . . : CrystalDiskInfo 6.5.2
Publisher . . . . : Crystal Dew World
Description . . . : CrystalDiskInfo Setup
Version . . . . . : 6.5.2
RSA Key Size . . . : 2048
LanguageID . . . . : 0
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:AdWare.Win32.OpenCandy.lc
Fuzzy . . . . . . : 101.0
C:\Users\user\Documents\Downloads\adwcleaner_5.005.exe -> Quarantined
Size . . . . . . . : 1.654.272 bytes
Age . . . . . . . : 456.0 days (2016-04-07 17:48:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : D46854594FD05E54A4E346B71148A629C425EFCEDFF3F25C074FE4A48694E593
> Kaspersky . . . . : Trojan.Win32.Bayrob.sik
Fuzzy . . . . . . : 114.0
C:\Users\user\Downloads\Vollversion Google Earth Pro - CHIP-Installer.exe -> Quarantined
Size . . . . . . . : 1.496.584 bytes
Age . . . . . . . : 180.8 days (2017-01-07 23:06:31)
Entropy . . . . . : 7.1
SHA-256 . . . . . : D580DDC1BFC9838E4D19EB6CEDA9D0C0A1A67DF88428B01B9A38E083BC04BBB2
Needs elevation . : Yes
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
Fuzzy . . . . . . : 103.0
Suspicious files ____________________________________________________________
C:\jAnrufmonitor\Uninstall.exe
Size . . . . . . . : 309.449 bytes
Age . . . . . . . : 455.3 days (2016-04-08 09:53:06)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 9C21CE39617A6927E10BEB817E029258BA1E5506A5C5311116E254A183234C2B
Needs elevation . : Yes
Fuzzy . . . . . . : 22.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
References
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0\jAnrufmonitor 5.0 entfernen.lnk
C:\Windows\SysWOW64\ac3DX.ax
Size . . . . . . . : 352.768 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:35)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 91D95F12C98574FBBB909694175974C2C368ACEC854D80135921C4625EF79D0D
Fuzzy . . . . . . : 23.0
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
The hidden file attribute bit is set. This is not common to most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
C:\Windows\SysWOW64\OptimFROG.dll
Size . . . . . . . : 112.128 bytes
Age . . . . . . . : 0.3 days (2017-07-07 11:35:36)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 59EAB16F0D8F948AD46FB746461A798BF5BB5F83ABB75E3062D90B8F3BEE6559
Fuzzy . . . . . . : 23.0
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
The hidden file attribute bit is set. This is not common to most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Potential Unwanted Programs _________________________________________________
HKLM\SOFTWARE\Classes\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu) -> Deleted
HKLM\SOFTWARE\Classes\WOW6432Node\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu) -> PendingDelete
HKLM\SOFTWARE\WOW6432Node\Microleaves\ (OnlineIO) -> Deleted
Cookies _____________________________________________________________________
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:262855726.log.optimizely.com
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:optimizely.com
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\02ZAOG2R.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\08VGUIWL.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\0MHFH41Y.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\13IDKXL0.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\142CSUAH.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1BPYXVXJ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1FBVIXB1.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1MPHL25U.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1SKUJQAR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1V0DJ9SW.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1ZK4ZFBI.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2CDTU369.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2CH4JTB6.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2EXU4IZF.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2OB0XQ0G.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2WJXD2BG.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\37AXNK0S.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\38FL9MKV.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3G97G633.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3MAFBWMB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3XUDUUDG.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4BYGRGBL.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4C6Q0CM5.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4EUTD9MU.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4LUVTS9R.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4PZ9VYL1.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4V629PBQ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4YDDNECO.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\519UJTQV.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\52ZDLXSH.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\5RR4VMYJ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\5Z0XOYFW.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6CIN8OTL.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6GNAN7C2.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6HY1169H.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6PXX51KW.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\74Z083SF.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\75V9HZWA.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\78GEY18A.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\7V1FR8L5.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\83RNA0MZ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\868MT4JI.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\8E02EEFR.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\8EV1SKZS.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\9371B3MX.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\93IWA97T.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\99FD5KWP.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\99SNPUAX.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\9E09WBFF.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\9L55H9Y3.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\A1WZPSIW.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\A91WC11D.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AEDFH9BX.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AGYEW76O.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AHW1PWJI.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AKQIHJJT.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AP6KQUW6.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\B0F29122.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\B0ZZDHV3.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\B7E3SGPN.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\BO2QXCIQ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\C0X4EJS4.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\C78CBWH7.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CFK1KHUA.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CKL1P271.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CY01M1G2.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CZFHJG4F.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\D7DCCPBK.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\D8Y5E4D9.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DCEY32EH.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DEQGG8U1.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DLFZM21Y.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DLJ22F75.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\E3XNSFLI.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\E5Z9R1KX.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\EZEFZVD1.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\FXT4CMYD.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GFNB50MJ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GISTRCBN.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GJ55OJ8W.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GJB6I10L.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GLU60DRE.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GNMVIXU9.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GV4YLX48.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\H0RLD68N.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\H80A5RMK.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\I3QZDRH2.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\J34POYI5.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\J785ANRA.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\J8AI9RVQ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\JPVTGD7X.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\K2MQI48H.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\K4F5Y58L.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\K7D1Y0AB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KCR30WF9.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KGOYYZLW.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KIBXX5YM.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KJVC8P3Z.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KK975RD3.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KOW79N72.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KT2DFIFF.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KX6R39GI.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\L1HE9YPC.cookie
Code:
ATTFilter C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\LJPUWGUE.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\LOCJHIZ2.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0HVGFH5C.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0O15VTSD.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0TVLHEQM.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0VT4A6BY.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1ATB91UP.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1DK08BUD.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1EPBFJCR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1WUEEGO3.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\2T3VPXSB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\2Z8YPSRU.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\31FNNZXS.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\33OWH2FB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\3BSB5VQM.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\3CWNJBLJ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\4IBPAGQ7.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\4JVJOZHM.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\4S1Z6DA0.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\52LVH4NS.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\54XIH3NR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\5JJUI2VG.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\5ZHGUN94.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\64CB4VWR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7DSVD88H.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7RPY2NOQ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7T21W9O8.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7W0AKCX5.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\8913DKKD.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\8AJWI9ZQ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\8JMUN50B.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\91KZZHXF.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\96X11T7G.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\9YRYZTKB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ACXT5OK0.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\AQ5G4Z33.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\B4IIOO89.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\BGMR3EYV.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\BR3XHL4N.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\BY7F9H8H.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\C16ZSXX0.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\CMLFLEUH.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\DAE3AK2C.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\E16BJVWI.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\E7F0722S.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\E8NQTB6Z.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\EEUJ3P2G.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ESTU3TT9.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\F74QOY52.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\FPIO3W7P.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\GD39Y437.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\GUQWNFMV.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\GYG2LRGA.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HAX7OSJ6.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HSYO4S8Z.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HTUIBIO1.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\I0205UQ9.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\IDW8L24V.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\IEFEZ2HR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\IT76R7PM.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\JKFA8XQS.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\KHTOO2K7.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LDTUMX0K.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LEH16ZLD.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LQ3G2N3F.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LRI4JVEH.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\MT89RAQB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\N3MJQ79K.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\N5WRSKRP.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\NP9SFAPE.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\OZF6BECK.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\QQMQVOO1.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\QT4DS9C1.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\QWL2TTFI.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RESHP22M.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RG1B6599.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RO5PW9KW.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RRCCYKSR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RX1RIYA9.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\S8AI110G.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\SG4U7G3C.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\SNCP66QI.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\T3AYEU0N.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\T7OGOW2B.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\TQUDJPW6.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\TT07QU6N.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\TYYNEKFC.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\UHUEN7NT.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\US6JAA7D.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\X48X20MB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\X8XVC758.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\XMYQ28KJ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\YB7GFSQC.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\YU60QM3D.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\YWYU0HQT.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\Z3HELOQH.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ZKY64CUN.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ZSILNGE2.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\LSKWIL8A.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\M3RHE4KB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MJY36CQV.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MLK1VCYR.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MLWJA6II.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MOS5SITZ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MTG9UZFY.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MZPHWPS0.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\N7TS165M.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NEUJYD6O.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NEZIXUL5.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NMIVM27B.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NORSD3FS.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NY37JXMW.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\O26N9M28.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\O38LNDH7.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OFABKQ74.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OFCCJGXJ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OK7N5ANQ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ONJ0GYX0.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OUROTWKF.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\P7IKK2G3.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\P93J1BIY.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\PB62I65T.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\PJUVMWZ9.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\QFYNBX7M.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\QPA18Y2R.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\QVU9MG85.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\R1OG7BPN.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\R4CDPXLF.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\R74LPZ8B.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RB2JCXP2.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RJG83SZZ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RKEE73LO.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RPIMEZD2.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RVW6BI1J.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RZ3JQU7R.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\SBK2D1KN.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\SHRNCZV2.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\SWVGY0V4.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\T6ANZMZ3.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TBZE0FPJ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TDPN4W9C.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TEHGOC1O.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TIXTUHRB.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TKD65JXS.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TL3U9AW1.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TV53EKW6.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\U8NIB2MQ.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\UDCZOEGF.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\UFBL6LTB.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\user@doubleclick[2].txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\user@flashtalking[2].txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\V077WOKP.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\V5P114HG.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VEHKVMV7.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VFCT6CTJ.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VHTN68PT.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VM20B54S.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\X9SG6VUB.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XDVPO3ZW.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XO5R1IVP.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XTKHO6TW.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XUHNK5V6.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Y2YUKN5T.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\YITEUQ52.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\YM0356JV.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\YUVPJX8V.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Z9NEHP0F.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZDZQLEYK.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZJ9PNHF6.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZNGQVMHY.cookie
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZV45GH3V.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZWAXK5FR.txt
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZXGIDGE1.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\03XLTYJ3.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\09H4NWUT.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0BP030M5.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0EWL7MZ2.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0MG1FMXS.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0WO3XLVY.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0Z0JCCFK.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\105JQ1U6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1I9E3AJD.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1IC1ROZA.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1O824GG3.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1OH6NBR8.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1XKATI94.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\20W8E6IN.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\21KA16N9.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2F2CEG1W.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2JFB5YB1.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2LD8WQH2.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2PB45W0A.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3804XRR5.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3LGTLJ36.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3Q1UXSBA.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\45W512YO.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\468C8GF0.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4923L5MJ.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\49HHJS8C.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4CC0BW1J.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4TQ4JD93.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4WLGHYTC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4XJ00EPI.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\52C2P9NZ.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\5R0UTF8I.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\5TW3SXA1.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6GZVR9AK.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6H3Z7YOY.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6K4CEBNC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6UHFLW25.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\738JL3LG.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7C53O1QG.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7ORSE1D5.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7R93TS5H.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7S83SD0W.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7WPTA80T.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7X55XE8S.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7Y71PVEI.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\87HPD38W.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\8JOHWKRM.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\90NG61WS.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9LYDYPTS.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9XJ0UE4D.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A0OL53FM.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A6MPG0EG.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A8T1MVFC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\AH3NSJHP.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\AQPJPH0S.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\B18PFD2K.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\B2Y9975V.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\B31TLLHF.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BCB3WGN1.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BW5E4IK4.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CE6JRWG2.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CFH2BKXT.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CIKYKRR8.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CXLGZEO0.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\D08AH4LK.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\D9PM4LXC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DL7EKDB7.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DO730JQ4.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DQIBUSZC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\E011O8KY.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\E15F3QTX.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\E2E0NPPO.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EAHGPKT4.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EX1T1L5Y.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\F2OQTSFZ.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\F5629SWF.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FJ14XDDL.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FL2YMUT5.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FOYCU3VW.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\G2CLU8LC.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HEA7ANP7.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HED7HWFP.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HFAHQKK6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HJU7SNKI.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HOJVNY1T.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HW57C55H.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HX8VCTWE.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\I2WDHWY4.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\INQZ8LUF.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IWAON9X8.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IXEKGZ8E.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J8PRS71D.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JJM4UDVS.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JXEKEM4C.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JXFMZBCJ.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JYFLYSEM.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KPUWB468.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KZ4TYPAD.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\L6X6BP4E.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\L8W4TJ6F.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\LP3IFP5Z.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\M2SVQGWL.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MFABI0CV.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MR17W7HB.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NHAW0FTO.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NKDTR2CS.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NKXB1AA6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NVNE6ZZ1.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\O6EIQMF8.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OAAORSDL.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OGESD2HX.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OHRL08S8.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\P0FU6D0Z.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PB0C85PL.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PBBKRQKJ.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PQ75PP0V.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PR9ED8E0.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PXY89TN6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QDW6NZPU.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QOHCFLCG.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QXCTQBQW.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QZW4O512.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\R4FZ880W.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RBM74XBW.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RF28NDF3.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RRFZVETH.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RTUT0H52.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SBFV7M3B.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SGNQWKDP.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SIU7ADEG.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SXFZ9Q1M.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T3DQVEE1.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T5D1JZ0M.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\U1SGV8GZ.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\U5C0E6L6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UCCCXENT.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UD3XJGAK.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UDP4Q73B.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UFOC5XLK.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UPBM7538.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UPF3XXJ9.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\V7MFGPJV.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\V8M5SFOC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VJWDYL30.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VL97W9DZ.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VWCQD43J.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VYQT7WNV.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\W36TJX2J.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\W7OM4KUM.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WACRY53K.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WJD7219N.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WZTTGOHA.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\XHGCFYE4.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YJ6D81O6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YSIPQQFC.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZLRY4RXM.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\1FDJBF97.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\36Y6FQST.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\6R512W2Z.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\ATNVSEQM.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\FD07X6A3.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\HQOBT2G7.txt
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\MOMYLGUL.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\S4FYH7B6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\VB244LJ6.cookie
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\VVAMK8DX.cookie
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:246059135.log.optimizely.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:ad.ad-srv.net
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adaptv.advertising.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adgrx.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adnxs.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adsrvr.org
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:advertising.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:agkn.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:bs.serving-sys.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:chango.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:doubleclick.net
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:m6r.eu
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:match.rundsp.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:mathtag.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:openx.net
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:owneriq.net
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:pixel.rubiconproject.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:revsci.net
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:rubiconproject.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:serving-sys.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:simpli.fi
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:tap-secure.rubiconproject.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:tap-t.rubiconproject.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:tubemogul.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:turn.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:virool.com
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:w55c.net
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:yieldlab.net
|
|
10.07.2017, 21:26
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ungewünschte Pop-Ups in Chrome und Edge Logs vom adwCleaner und JRT?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Ungewünschte Pop-Ups in Chrome und Edge |
| adobe, antivirus, askbar, blockiert, cpu, defender, desktop, explorer, flash player, google, home, kaspersky, mozilla, neustart, nodejs, popups, prozesse, realtek, registry, rundll, scan, security, software, svchost.exe, system, temp, windows |
Linear-Darstellung
