| |
| |||||||
Log-Analyse und Auswertung: Windows 10 (21H2): Trojaner tr/ad.firehooker.buWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.02.2022, 12:38
| #1 |
 |  Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Hallo, seit kurzem habe ich zwei Probleme. 1.) Ich erhalte seit kurzem Trojaner Meldungen von Malwarebytes und Restoro. Die Programme sind aber nicht in der Lage das Problem zu lösen. Restoro sagt zwar, Problem gelöst, aber nach einem Neustart ist der Trojaner wieder da. 2.) Mein Browser (egal welcher installiert ist) stürzt nach wenigen Minuten ab. Lässt sich aber wieder starten und bietet die Wiederherstellung der Seite an. Danach kein Absturz mehr. Seit dem dieser Fehler auftritt, lässt sich der Browser auch nicht mehr aktualisieren (ebenfalls egal, welcher Browser installiert ist). Vielleicht hängt das mit meinem ersten Problem zusammen. Ich hoffe, Ihr könnt mir helfen. Vielen Dank. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
durchgeführt von Bernd (Administrator) auf BERND-PC (Hewlett-Packard HP ProDesk 490 G2 MT) (08-02-2022 11:56:45)
Gestartet von C:\Users\Bernd\Desktop
Geladene Profile: Bernd
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.1503 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\copyq.exe <2>
() [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Fred's Software) [Datei ist nicht signiert] C:\Users\Bernd\Downloads\Printkey2000\PRINTKEY2000.EXE
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(MAGIX Software GmbH -> MAGIX) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_873a5dc0a09971a3\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroApp.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroProtection.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroService.exe
(TomTom) [Datei ist nicht signiert] C:\Program Files\TomTom HOME\TTHOMEService.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Printkey2000] => C:\Users\Bernd\Downloads\Printkey2000\PRINTKEY2000.EXE [794112 1999-06-27] (Fred's Software) [Datei ist nicht signiert]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-09-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3163248 2022-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Restoro] => C:\Program Files\Restoro\bin\RestoroApp.exe [477728 2021-10-07] (Restoro Ltd -> Restoro) <==== ACHTUNG
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49976 2014-08-01] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3163248 2022-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1023536 2021-01-25] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [1151744 2020-08-24] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\Run: [MicrosoftEdgeAutoLaunch_6F58C97F56F83A125F06EE427733DCC5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Print\Monitors\EPSON Stylus S20 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMEAE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CopyQ.lnk [2015-05-14]
ShortcutTarget: CopyQ.lnk -> C:\Program Files (x86)\CopyQ\copyq.exe () [Datei ist nicht signiert]
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {009C7563-4E5A-4ED0-92F6-BD5746276CDA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0A723C6B-F89A-416E-AA72-65FA19DE8C1B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0CA853B6-19A2-4B44-8389-F16BD88C2227} - System32\Tasks\AllJoyn-RouterdienstRAS-MedientreiberBrowser => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\WINDOWS\Installer\{AA227579-7A44-441B-AEEC-0FD4C021383A}\{A4EC276B-D718-419E-9257-86FDC2610C2A} <==== ACHTUNG
Task: {14A7BAD6-CCD5-4D62-AE05-98967F2D156B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {14F42AE1-D6F1-4323-AF62-8A2C6026247C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Keine Datei)
Task: {185210C0-25E5-4CA1-9027-A7180F2485A5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {201F4B93-251C-481B-9AA6-8E3770E5D8E0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {23D5D549-2DE5-49AC-B896-5F625DF628C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B67DECD-DC0F-46EA-8565-8E6CF452B7ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BD14630-CE33-4D52-A464-CB73E2303B6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe /show (Keine Datei)
Task: {3316D625-3A4E-407D-8358-5011E845EED0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3433EAB3-8D2F-4E86-AF19-D2110C415353} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Keine Datei)
Task: {397E0A00-A7C5-43C3-8585-F3451C09DBE0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B07FB3F-EF9F-4F54-AF31-83CC02E4EA96} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bernd.diessel@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3BBA17D8-8E6C-4998-9DDB-E3EE5AA39BF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-07] (Google LLC -> Google LLC)
Task: {3D05E1D8-1FDA-4073-9861-827B7110B1EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r (Keine Datei)
Task: {4A268B2F-D1C0-4BA7-840A-D507129C8615} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Keine Datei)
Task: {4BE2F791-673B-4735-BAFC-F448C1E97D15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-01-20] (HP Inc. -> HP Inc.)
Task: {5B6E1EB2-B507-40AD-B711-2AB8D77FBF1C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5D06FEE8-91B9-42D4-887D-117BB46BA64B} - System32\Tasks\Xbox Antwort Ereignisse => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{683CF574-7D2D-4EE8-9246-36E1E470A210}\{F1016E61-132D-41E2-AA7E-71F7B55AC36D}" <==== ACHTUNG
Task: {5D940C29-8F77-41D8-9DA4-62AF2A72E57E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {5F1B5B4C-0467-4C70-9EC2-861E7E5EE602} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6C3F1C0B-A88F-432C-8FF4-F0D53FF6FBFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m (Keine Datei)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70C80C91-BB5A-4DA0-A676-2E63248FB7A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-07] (Google LLC -> Google LLC)
Task: {73B8F15D-68B6-4DF6-97CE-5F68C9D1AA29} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {85C6379D-9055-42AA-8A32-1D2D1F270CA0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9076341D-0D3A-4E85-A9ED-A9FD9779D7E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {979979E9-8D28-4CC5-B038-19DBD6D5B27A} - System32\Tasks\Opera scheduled Autoupdate 1592151335 => C:\Users\Bernd\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {9A412DEA-A86B-4111-8984-5148030DF7D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {A2272422-033F-49D8-99A2-91BA8FD84F41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A57A5B30-AC17-40C4-96FF-15100CF2B18A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Keine Datei)
Task: {AB3A673B-7BAE-458C-B775-F2CD5A51CEF9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {B1ED76D3-1FE7-43FF-B2A1-84CC8B873EB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Keine Datei)
Task: {B32D2B8B-6C2C-4C20-B001-DF1A3B70060B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {BC8DFE1D-CEAE-4EC1-84F7-1781A7E8A2D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Keine Datei)
Task: {BD649FA3-3ECC-4018-BE22-75B7B29A48E4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CABA7B0B-57F5-4859-84F1-41CA4B1CC23B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CDA21298-ACAA-4B83-91E3-D3D4219A1761} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF819E11-B878-4D0B-ABA5-93228E7EBEFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DB7B8D8A-9B21-40E8-B0BF-69559742A314} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DDEE3739-7064-42EC-ACC5-60AF5C49BB9E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DEC80DB4-6876-41CE-AC48-BBDFA57C9AA5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E1A5584A-12C3-45BB-810D-5F63DF9530B5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E71BDB27-8D13-4D63-A95F-87B82481106B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{def70ba9-7d4e-4fa0-acfd-9785925ad1c1}: [DhcpNameServer] 192.168.178.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
Edge:
=======
DownloadDir: C:\Users\Bernd\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bernd\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-08]
Edge DownloadDir: Default -> C:\Users\Bernd\Downloads
Edge Notifications: Default -> hxxps://www.youtube.com
Edge Extension: (Microsoft Defender Browser Protection) - C:\Users\Bernd\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2020-12-15]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Bernd\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-25]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: or9bf29i.default-1469467026629-1533398226752
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\TomTom\HOME\Profiles\y60dw1zp.default [2020-03-08]
FF Extension: (Emulator) - C:\Users\Bernd\AppData\Roaming\TomTom\HOME\Profiles\y60dw1zp.default\Extensions\Navcore.9.540.1497205@tomtom.com [2016-07-05] [] [ist nicht signiert]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\lzd2u46l.default-release-1644065791433 [2022-02-08]
FF user.js: detected! => C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\lzd2u46l.default-release-1644065791433\user.js [2022-02-07]
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\or9bf29i.default-1469467026629-1533398226752 [2022-02-08]
FF user.js: detected! => C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\or9bf29i.default-1469467026629-1533398226752\user.js [2021-05-30]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\or9bf29i.default-1469467026629-1533398226752\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-05-30]
FF HKLM\...\Firefox\Extensions: [{63289A21-D8E6-4D3B-BDFE-3396CC549426}] - C:\WINDOWS\Installer\{5089B123-334F-4C60-81D3-33719AAF3950}\{63289A21-D8E6-4D3B-BDFE-3396CC549426}.xpi
FF Extension: ( ) - C:\WINDOWS\Installer\{5089B123-334F-4C60-81D3-33719AAF3950}\{63289A21-D8E6-4D3B-BDFE-3396CC549426}.xpi [2022-02-08]
FF HKLM-x32\...\Firefox\Extensions: [{63289A21-D8E6-4D3B-BDFE-3396CC549426}] - C:\WINDOWS\Installer\{5089B123-334F-4C60-81D3-33719AAF3950}\{63289A21-D8E6-4D3B-BDFE-3396CC549426}.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-308046B0AF4A39CB -
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default [2022-02-07]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://my-secure.justanswer.de; hxxps://www.ashampoo.com; hxxps://www.auto-motor-und-sport.de; hxxps://www.businessinsider.de; hxxps://www.conrad.de; hxxps://www.dvderotik.com; hxxps://www.facebook.com; hxxps://www.news38.de; hxxps://www.windows-faq.de; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Extension: (Präsentationen) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2020-06-04]
CHR Extension: (YouTube) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-30]
CHR Extension: (Avira Password Manager) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-12-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-06]
CHR Extension: (Tabellen) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-16]
CHR Extension: (CKP - KeePass integration for Chrome™) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnfepbjehgokldcaljagbmchhnaaogpc [2017-06-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-14]
CHR Profile: C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-14]
CHR HKU\S-1-5-21-4071651455-2038161318-6637332-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
StartMenuInternet: Google Chrome -
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [117168 2015-08-07] (Andrea Electronics -> Andrea Electronics Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437800 2021-01-25] (Digital Wave Ltd -> Digital Wave Ltd)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [27784 2022-01-19] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{B6C9EDCD-1AC4-4FB0-A3DC-FA95B844CCE5} [21312 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [756216 2021-12-14] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [755192 2021-12-14] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [753184 2021-12-14] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [755192 2021-12-14] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-25] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 RestoroActiveProtection; C:\Program Files\Restoro\bin\RestoroProtection.exe [9310216 2021-02-07] (Restoro Ltd -> Restoro) <==== ACHTUNG
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-01-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_873a5dc0a09971a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_873a5dc0a09971a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 wfcs; "C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [60928 2012-07-06] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
R3 IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [58880 2008-07-31] (Microsoft Windows Hardware Compatibility Publisher -> Infineon Technologies AG)
S3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [Datei ist nicht signiert]
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller FREE\IFS64.sys [40520 2018-11-19] (Ashampoo GmbH & Co. KG -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-02-08 11:55 - 2022-02-08 11:57 - 000033993 _____ C:\Users\Bernd\Desktop\FRST.txt
2022-02-08 11:46 - 2022-02-08 11:57 - 000000000 ____D C:\FRST
2022-02-08 11:45 - 2022-02-08 11:45 - 002311680 _____ (Farbar) C:\Users\Bernd\Desktop\FRST64.exe
2022-02-08 11:28 - 2022-02-08 11:28 - 098566144 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-02-05 17:59 - 2022-02-07 19:58 - 000000000 _____ C:\WINDOWS\system32\Restoro.rep
2022-02-05 17:45 - 2022-02-07 19:47 - 000022808 _____ C:\WINDOWS\system32\Native.exe
2022-02-05 17:30 - 2022-02-05 17:30 - 000001789 _____ C:\Users\Public\Desktop\Restoro.lnk
2022-02-05 17:30 - 2022-02-05 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restoro
2022-02-05 17:30 - 2022-02-05 17:30 - 000000000 ____D C:\Program Files\Restoro
2022-02-05 17:29 - 2022-02-07 19:56 - 000000168 _____ C:\WINDOWS\restoro.ini
2022-02-05 17:29 - 2022-02-07 19:56 - 000000000 ____D C:\ProgramData\Restoro
2022-02-05 17:29 - 2022-02-05 17:29 - 000932808 _____ (Restoro) C:\Users\Bernd\Downloads\Restoro.exe
2022-02-05 13:54 - 2022-02-07 12:46 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-05 13:52 - 2022-02-05 13:52 - 000333976 _____ (Mozilla) C:\Users\Bernd\Downloads\Firefox Installer.exe
2022-02-05 12:54 - 2022-02-05 12:54 - 000000112 ___SH C:\bootTel.dat
2022-02-05 12:44 - 2022-02-05 12:44 - 000000000 ____D C:\Users\Bernd\AppData\Local\ToolKitMain
2022-02-05 12:43 - 2022-02-05 12:43 - 000001491 _____ C:\Users\Public\Desktop\EaseUS Partition Master Suite.lnk
2022-02-05 12:43 - 2022-02-05 12:43 - 000000000 ____D C:\Users\Bernd\AppData\Local\unali-339875
2022-02-05 12:43 - 2022-02-05 12:43 - 000000000 ____D C:\ProgramData\SystemAcCrux
2022-02-05 12:43 - 2022-02-05 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master Suite
2022-02-05 12:43 - 2022-02-05 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master
2022-02-05 12:43 - 2022-01-13 13:02 - 006009480 _____ C:\WINDOWS\system32\BootMan.exe
2022-02-05 12:43 - 2022-01-13 13:02 - 003994760 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2022-02-05 12:43 - 2022-01-13 13:02 - 000024712 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2022-02-05 12:43 - 2022-01-13 13:02 - 000021128 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2022-02-05 12:43 - 2021-10-27 11:02 - 000174216 _____ C:\WINDOWS\system32\setupepmdrvx64.exe
2022-02-05 12:43 - 2020-12-16 09:03 - 000000057 _____ C:\WINDOWS\system32\setupepmdrv.ini
2022-02-05 12:43 - 2020-12-08 00:00 - 000076344 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUDCPEPM.sys
2022-02-05 12:43 - 2020-02-23 14:54 - 000033712 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUEDKEPM.sys
2022-02-05 12:43 - 2020-02-23 14:49 - 000036280 _____ C:\WINDOWS\system32\epmdkdrv.sys
2022-02-05 12:43 - 2020-02-23 14:49 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFl.sys
2022-02-05 12:31 - 2022-02-05 12:43 - 000000000 ____D C:\Program Files (x86)\EaseUS
2022-02-05 12:30 - 2022-02-05 12:30 - 078141888 _____ (EaseUS ) C:\Users\Bernd\Downloads\epm_suite_freeA19.exe
2022-02-05 12:29 - 2022-02-05 12:29 - 001943336 _____ C:\Users\Bernd\Downloads\epm_free_install_20220205.24523.exe
2022-02-02 13:26 - 2022-02-02 13:26 - 000320411 _____ C:\Users\Bernd\Downloads\mp3DC236.exe
2022-01-28 15:27 - 2022-01-28 15:27 - 000001291 _____ C:\Users\Bernd\Desktop\SDI_x64_R2201.exe - Verknüpfung.lnk
2022-01-28 15:26 - 2021-11-03 07:29 - 009906728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2022-01-27 14:46 - 2022-01-27 14:46 - 000011805 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-27 14:45 - 2022-01-27 14:45 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-27 14:44 - 2022-01-27 14:44 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-27 14:44 - 2022-01-27 14:44 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-27 14:44 - 2022-01-27 14:44 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-01-27 14:09 - 2022-01-27 14:09 - 000000000 ___HD C:\$WinREAgent
2022-01-22 14:25 - 2022-01-22 14:25 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-01-22 14:21 - 2022-01-22 14:21 - 000000020 ___SH C:\Users\Bernd\ntuser.ini
2022-01-22 14:19 - 2022-02-08 11:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-22 14:19 - 2022-02-05 18:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-01-22 14:19 - 2022-01-26 17:24 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4071651455-2038161318-6637332-1001
2022-01-22 14:19 - 2022-01-26 17:24 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4071651455-2038161318-6637332-1001
2022-01-22 14:19 - 2022-01-23 13:09 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-23 13:09 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 14:19 - 2022-01-22 14:20 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-22 14:19 - 2022-01-22 14:20 - 000002846 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4071651455-2038161318-6637332-500
2022-01-22 14:19 - 2022-01-22 14:19 - 000004294 _____ C:\WINDOWS\system32\Tasks\Xbox Antwort Ereignisse
2022-01-22 14:19 - 2022-01-22 14:19 - 000003620 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-22 14:19 - 2022-01-22 14:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1592151335
2022-01-22 14:19 - 2022-01-22 14:19 - 000003570 _____ C:\WINDOWS\system32\Tasks\AllJoyn-RouterdienstRAS-MedientreiberBrowser
2022-01-22 14:19 - 2022-01-22 14:19 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7f28b5bdff767
2022-01-22 14:19 - 2022-01-22 14:19 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-22 14:19 - 2022-01-22 14:19 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-22 14:19 - 2022-01-22 14:19 - 000003396 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-22 14:19 - 2022-01-22 14:19 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2022-01-22 14:19 - 2022-01-22 14:19 - 000002934 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071651455-2038161318-6637332-1001
2022-01-22 14:19 - 2022-01-22 14:19 - 000002806 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bernd.diessel@gmail.com
2022-01-22 14:19 - 2022-01-22 14:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Western Digital
2022-01-22 14:19 - 2022-01-22 14:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-4071651455-2038161318-6637332-1001
2022-01-22 14:19 - 2022-01-22 14:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-01-22 14:19 - 2022-01-22 14:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-01-22 14:15 - 2022-01-22 14:19 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-01-22 14:15 - 2022-01-22 14:19 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-01-22 14:06 - 2022-01-27 15:18 - 001855942 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-22 13:51 - 2022-01-22 13:51 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-01-22 13:50 - 2022-01-22 13:50 - 000002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2022-01-22 13:45 - 2022-02-08 11:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-22 13:45 - 2022-01-27 15:12 - 000927008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-22 13:13 - 2022-01-22 13:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-01-22 13:12 - 2022-02-05 12:48 - 000000000 ____D C:\Users\Bernd
2022-01-22 13:12 - 2022-01-26 17:24 - 000002437 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-22 13:12 - 2022-01-22 13:44 - 000000000 ____D C:\Users\Administrator
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Vorlagen
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Startmenü
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Netzwerkumgebung
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Lokale Einstellungen
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Eigene Dateien
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Druckumgebung
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Documents\Eigene Videos
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Documents\Eigene Musik
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Documents\Eigene Bilder
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\AppData\Local\Verlauf
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\AppData\Local\Anwendungsdaten
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Bernd\Anwendungsdaten
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Vorlagen
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Startmenü
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Eigene Dateien
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Druckumgebung
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2022-01-22 13:12 - 2022-01-22 13:12 - 000000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2022-01-22 13:12 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-22 13:08 - 2022-01-22 13:13 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-01-22 13:03 - 2022-01-22 13:03 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-22 12:55 - 2022-01-22 12:55 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-22 12:55 - 2022-01-22 12:55 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-22 12:54 - 2022-01-22 12:54 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-01-22 12:31 - 2019-10-15 13:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2022-01-22 12:31 - 2019-04-18 18:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2022-01-22 12:20 - 2022-01-22 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-01-22 12:20 - 2022-01-22 12:20 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-01-22 12:20 - 2022-01-22 12:20 - 000000000 ____D C:\Program Files\MSBuild
2022-01-22 12:20 - 2022-01-22 12:20 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-01-22 12:20 - 2022-01-22 12:20 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-01-22 12:20 - 2022-01-22 12:20 - 000000000 ____D C:\inetpub
2022-01-22 12:11 - 2022-01-22 12:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-01-22 11:45 - 2022-02-03 18:32 - 000000000 ___DC C:\WINDOWS\Panther
2022-01-22 11:42 - 2022-01-22 11:42 - 000000000 ___HD C:\$Windows.~WS
2022-01-22 11:40 - 2022-01-22 11:40 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2022-01-19 08:35 - 2021-09-10 01:19 - 001435032 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2022-01-19 08:35 - 2021-09-10 01:19 - 000467048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2022-01-19 08:35 - 2021-09-10 01:19 - 000381304 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2022-01-19 08:35 - 2021-09-10 01:19 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2022-01-19 08:35 - 2021-09-10 01:19 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 003601384 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 003375928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000692064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000392792 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000343608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000231832 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000220288 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000192880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000190464 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFProc64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000116440 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000095976 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFComm64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000093808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000093416 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFSAPO64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000092392 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFHAPO64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000092392 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFDAPO64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000090832 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000088240 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2022-01-19 08:35 - 2021-09-10 01:18 - 000083544 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2022-01-19 08:35 - 2021-09-10 01:17 - 072520632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2022-01-19 08:35 - 2021-09-10 01:17 - 006521408 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-01-19 08:35 - 2021-09-10 01:17 - 003843944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2022-01-19 08:35 - 2021-09-10 01:17 - 003676984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2022-01-19 08:35 - 2021-09-10 01:17 - 003159696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2022-01-19 08:35 - 2021-09-10 01:17 - 002930072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2022-01-19 08:35 - 2021-09-10 01:17 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2022-01-19 08:35 - 2021-09-10 01:17 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2022-01-19 08:35 - 2021-09-10 01:17 - 000023608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2022-01-19 08:35 - 2021-09-10 00:47 - 048490184 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-01-19 08:34 - 2021-12-20 09:01 - 001159216 ____N (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-01-19 08:34 - 2021-11-03 07:29 - 000786488 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2022-01-19 08:34 - 2021-09-28 04:55 - 000135416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-01-19 08:34 - 2021-09-28 04:55 - 000047864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-01-19 08:34 - 2021-09-10 01:16 - 000122216 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2022-01-12 17:21 - 2022-01-12 17:21 - 004355440 _____ (Dominik Reichl ) C:\Users\Bernd\Downloads\KeePass-2.50-Setup.exe
2022-01-11 12:05 - 2022-01-11 12:05 - 000109346 _____ C:\Users\Bernd\Downloads\quatrac_pro.jpeg
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-02-08 11:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2022-02-08 11:33 - 2017-04-12 17:39 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-08 11:33 - 2015-08-19 14:44 - 000001866 __RSH C:\ProgramData\ntuser.pol
2022-02-08 11:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-08 11:29 - 2020-05-29 05:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-08 11:28 - 2020-06-14 13:04 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-02-08 11:18 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-08 11:17 - 2016-07-07 10:45 - 000000000 ____D C:\Users\Bernd\AppData\Roaming\KeePass
2022-02-08 02:00 - 2015-05-13 16:15 - 000000000 ____D C:\Users\Bernd\AppData\Local\Adobe
2022-02-07 20:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-07 19:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-07 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-07 19:30 - 2015-07-02 08:12 - 000000000 ____D C:\Users\Bernd\AppData\Local\CrashDumps
2022-02-07 12:49 - 2018-05-09 07:41 - 000000000 ____D C:\Users\Bernd\AppData\Local\D3DSCache
2022-02-07 12:45 - 2020-06-28 10:57 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-07 12:22 - 2016-11-16 16:38 - 000000000 ____D C:\Users\Bernd\AppData\LocalLow\Mozilla
2022-02-06 20:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-06 19:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-02-05 17:44 - 2015-05-14 09:42 - 000000000 ____D C:\Users\Bernd\AppData\Roaming\copyq
2022-02-05 12:44 - 2020-11-18 14:01 - 000000000 ____D C:\Users\Bernd\AppData\Local\cache
2022-02-02 13:27 - 2015-05-17 12:32 - 000001164 _____ C:\Users\Bernd\Desktop\mp3DirectCut.lnk
2022-02-02 12:42 - 2015-05-13 17:17 - 000001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2022-02-02 12:42 - 2015-05-13 17:17 - 000001192 _____ C:\Users\Public\Desktop\paint.net.lnk
2022-02-02 12:42 - 2015-05-13 17:17 - 000000000 ____D C:\Program Files\paint.net
2022-01-28 15:26 - 2021-09-12 11:23 - 000000000 ____D C:\Users\Bernd\Downloads\SDI_R2102
2022-01-27 15:18 - 2019-12-07 15:51 - 000785854 _____ C:\WINDOWS\system32\perfh007.dat
2022-01-27 15:18 - 2019-12-07 15:51 - 000167968 _____ C:\WINDOWS\system32\perfc007.dat
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-27 15:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-27 15:08 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-27 15:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-27 15:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-25 10:46 - 2018-05-06 21:13 - 000000000 ____D C:\Users\Bernd\AppData\Local\PlaceholderTileLogoFolder
2022-01-23 23:03 - 2021-10-29 09:52 - 000000000 ____D C:\Users\Bernd\AppData\Roaming\Breitbandmessung
2022-01-23 22:59 - 2021-10-29 09:51 - 000000000 ____D C:\Program Files\Breitbandmessung
2022-01-23 13:09 - 2017-04-12 17:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-23 13:09 - 2017-04-12 17:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-23 13:09 - 2017-04-12 17:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-01-23 12:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-23 09:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-01-22 14:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-01-22 14:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-22 14:22 - 2015-08-05 18:58 - 000000000 ___RD C:\Users\Bernd\3D Objects
2022-01-22 14:22 - 2015-05-17 12:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-01-22 14:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-22 14:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-01-22 14:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-22 14:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-22 14:04 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2022-01-22 14:04 - 2015-08-01 18:29 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2022-01-22 13:50 - 2018-01-08 20:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-01-22 13:44 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-01-22 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-22 13:44 - 2018-01-12 14:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-01-22 13:44 - 2015-06-13 14:50 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-01-22 13:44 - 2015-05-15 07:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-22 13:44 - 2015-05-13 13:26 - 000000000 ____D C:\WINDOWS\system32\asg
2022-01-22 13:44 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2022-01-22 13:44 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2022-01-22 13:43 - 2021-12-23 13:15 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2022-01-22 13:43 - 2021-12-09 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-01-22 13:43 - 2021-11-14 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE Fotowelt
2022-01-22 13:43 - 2021-11-14 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2022-01-22 13:43 - 2021-11-11 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVCutty 3
2022-01-22 13:43 - 2021-11-10 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2022-01-22 13:43 - 2021-01-08 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-01-22 13:43 - 2020-11-08 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2022-01-22 13:43 - 2020-11-04 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixum Fotowelt
2022-01-22 13:43 - 2020-03-08 10:32 - 000000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TomTom Intl
2022-01-22 13:43 - 2020-02-15 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2022-01-22 13:43 - 2020-02-08 17:37 - 000000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky
2022-01-22 13:43 - 2019-12-07 10:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-01-22 13:43 - 2019-12-07 10:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-01-22 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-01-22 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\InputMethod
2022-01-22 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-22 13:43 - 2019-11-17 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView
2022-01-22 13:43 - 2019-08-31 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberduck
2022-01-22 13:43 - 2018-10-06 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2022-01-22 13:43 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-01-22 13:43 - 2018-07-14 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 - Evolution
2022-01-22 13:43 - 2018-03-18 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v15 - Evolution
2022-01-22 13:43 - 2017-04-12 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2022-01-22 13:43 - 2016-07-29 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2022-01-22 13:43 - 2016-02-10 14:32 - 000000000 ____D C:\WINDOWS\de
2022-01-22 13:43 - 2015-12-01 19:32 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-01-22 13:43 - 2015-06-15 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2022-01-22 13:43 - 2015-05-30 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2022-01-22 13:43 - 2015-05-14 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CopyQ
2022-01-22 13:43 - 2015-05-13 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-01-22 13:43 - 2015-05-13 13:09 - 000000000 ____D C:\Program Files\Intel
2022-01-22 13:43 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-22 13:40 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2022-01-22 13:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-01-22 13:35 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2022-01-22 13:15 - 2016-10-02 14:29 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2022-01-22 13:14 - 2021-11-14 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2022-01-22 13:14 - 2021-09-12 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KC Softwares
2022-01-22 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources
2022-01-22 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2022-01-22 13:14 - 2015-05-13 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2022-01-22 13:14 - 2015-05-13 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2022-01-22 13:13 - 2018-01-08 20:19 - 000000000 ____D C:\Program Files\Realtek
2022-01-22 13:13 - 2017-10-18 17:16 - 000000000 ____D C:\Users\Bernd\AppData\Local\Packages
2022-01-22 13:12 - 2021-09-10 18:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2022-01-22 13:03 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-22 13:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-22 12:31 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-01-22 12:31 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-01-22 12:31 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-01-22 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-01-22 12:20 - 2021-10-06 14:26 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2022-01-22 12:20 - 2021-10-06 14:26 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2022-01-22 12:20 - 2021-10-06 14:26 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2022-01-22 12:20 - 2021-10-06 14:26 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2022-01-22 12:20 - 2021-10-06 14:26 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2022-01-22 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-01-22 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-01-22 11:45 - 2017-10-18 12:54 - 000000000 ____D C:\ESD
2022-01-22 08:57 - 2020-07-14 10:03 - 000002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-18 13:25 - 2015-05-13 13:20 - 000000000 ____D C:\Users\Bernd\Documents\Rezepte
2022-01-13 14:09 - 2015-05-15 07:57 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-12 17:27 - 2021-10-13 16:19 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-12 17:22 - 2016-07-07 10:44 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2022-01-12 17:22 - 2016-07-07 10:44 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2018-08-24 17:08 - 2019-01-13 11:24 - 000000624 _____ () C:\Users\Bernd\AppData\Roaming\All CPU MeterV3_Settings.ini
2015-08-16 11:10 - 2017-12-19 10:34 - 000002297 _____ () C:\Users\Bernd\AppData\Roaming\BERND-PC.MTBF.txt
2015-05-13 15:23 - 2015-05-13 15:23 - 000000000 _____ () C:\Users\Bernd\AppData\Roaming\gdfw.log
2015-05-13 15:23 - 2015-05-13 15:23 - 000000779 _____ () C:\Users\Bernd\AppData\Roaming\gdscan.log
2015-06-13 12:23 - 2015-07-19 14:42 - 000000400 _____ () C:\Users\Bernd\AppData\Roaming\HP-PRODESK.MTBF.txt
2017-07-23 10:00 - 2017-07-23 10:20 - 000001456 _____ () C:\Users\Bernd\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-06-13 13:15 - 2021-11-11 11:52 - 000003584 _____ () C:\Users\Bernd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-14 09:04 - 2016-03-25 12:26 - 000007632 _____ () C:\Users\Bernd\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
08.02.2022, 12:39
| #2 |
| | Windows 10 (21H2): Trojaner tr/ad.firehooker.buCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2022
durchgeführt von Bernd (08-02-2022 11:58:13)
Gestartet von C:\Users\Bernd\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1503 (X64) (2022-01-22 13:20:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-4071651455-2038161318-6637332-500 - Administrator - Enabled) => C:\Users\Administrator
Bernd (S-1-5-21-4071651455-2038161318-6637332-1001 - Administrator - Enabled) => C:\Users\Bernd
DefaultAccount (S-1-5-21-4071651455-2038161318-6637332-503 - Limited - Disabled)
Gast (S-1-5-21-4071651455-2038161318-6637332-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4071651455-2038161318-6637332-1007 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4071651455-2038161318-6637332-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
8GadgetPack (HKLM-x32\...\{AEF55727-E650-4061-856B-A7951E50E53A}) (Version: 27.0.0 - 8GadgetPack.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2022 (HKLM-x32\...\{91B33C97-D89F-4715-D02E-90C618F79A4A}_is1) (Version: 1.23.1 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Shrink & Burn 4 v.4.0.2 (HKLM-x32\...\{91B33C97-5DA0-4327-2340-F9FB7270577E}_is1) (Version: 4.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Studio Pro 3 (HKLM-x32\...\{91B33C97-1EC8-D22B-F678-6953B89CE924}_is1) (Version: 3.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 7 (HKLM-x32\...\{91B33C97-6B1A-B73D-D2FE-BFD378F77213}_is1) (Version: 7.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 6 (HKLM-x32\...\{91B33C97-546E-E89A-9F44-0BB2D57DBE96}_is1) (Version: 6.0.20 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 3 v.3.0.9 (HKLM-x32\...\{91B33C97-0CE8-6ABD-1CF4-0DAF2CCF492A}_is1) (Version: 3.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller FREE (HKLM-x32\...\{4209F371-CB4A-DB54-FD54-9F662DEF845D}_is1) (Version: 9.00.00 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 19 (HKLM-x32\...\{4209F371-A9E3-7DD2-C1E5-04BB2B081219}_is1) (Version: 19.00.22 - Ashampoo GmbH & Co. KG)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audials COMPUTER BILD Edition2021 (HKLM-x32\...\{1CE6BB09-B9D4-400D-BCA3-BA1F5C192605}) (Version: 21.0.146.0 - Audials AG)
AVCutty 3.7 (HKLM-x32\...\AVCutty) (Version: 3.7 - )
balenaEtcher 1.5.39 (HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.39 - Balena Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden
Breitbandmessung 3.1.0 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 3.1.0 - zafaco GmbH)
CEWE Fotowelt (HKLM\...\CEWE Fotowelt) (Version: 7.2.1 - CEWE Stiftung u Co. KGaA)
CopyQ 2.0.0 (HKLM-x32\...\{9DF1F443-EA0B-4C75-A4D3-767A7783228E}_is1) (Version: 2.0.0 - Lukas Holecek)
Cyberduck (HKLM-x32\...\{62e82c59-4457-4b11-bac2-ceec1ce606dc}) (Version: 7.0.2.30998 - iterate GmbH)
Cyberduck (HKLM-x32\...\{994CDFDD-BDE1-4DE9-9E6E-AA93D6C9ECAD}) (Version: 7.0.2.30998 - iterate GmbH) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.07 (HKLM-x32\...\{631D71FD-237F-4D74-B090-88E66FBC5A10}) (Version: 1.07.0000 - Pinnacle)
EaseUS Partition Master (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Partition Master Suite 16.6 (HKLM-x32\...\EaseUS Partition Master Suite_is1) (Version: - EaseUS)
EPSON Stylus S20 Series Printer Uninstall (HKLM\...\EPSON Stylus S20 Series) (Version: - SEIKO EPSON Corporation)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.53.0 (HKLM-x32\...\FileZilla Client) (Version: 3.53.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.3.41.122 - Digital Wave Ltd)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP Scanjet 300 (HKLM\...\{48F29838-3609-4DF4-9EAE-C0E026043174}) (Version: 14.5 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{B50981AD-95E8-4E4D-912A-7C4B738387CA}) (Version: 3.4.6.0 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D549B5E2-DBE8-4190-ABA5-71106264398C}) (Version: 12.18.34.21 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Incomedia WebSite X5 - Evo (HKLM\...\{B16A8D0F-BD9E-47FA-BD57-595831679B0B}_is1) (Version: 2020.3.4.0 - Incomedia s.r.l.)
Incomedia WebSite X5 v15 - Evolution (HKLM\...\{7AA7E155-503E-44B9-AC33-93B1B81687AF}_is1) (Version: 15.0.2.0 - Incomedia s.r.l.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java(TM) SE Development Kit 12.0.2 (64-bit) (HKLM\...\{3FA68A00-9C88-5E69-870A-B40CB89DC2EF}) (Version: 12.0.2.0 - Oracle Corporation)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.14.0.505 - KC Softwares)
KeePass Password Safe 2.50 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.50 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 7.2 Help Pack (German) (HKLM\...\{D0406731-E457-4FE9-B1D6-A5D916E0875E}) (Version: 7.2.4.1 - The Document Foundation)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
MAGIX Cloud Import (HKLM\...\{637FCBFD-7364-4D52-8485-B0487B4ABC09}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{637FCBFD-7364-4D52-8485-B0487B4ABC09}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{CDADCBDE-5D95-40F5-AF35-0F970BD103BC}) (Version: 1.0.2.0 - MAGIX Software GmbH) Hidden
MAGIX Travel Maps (HKLM\...\{06FEA91E-FD3C-4C5E-B232-460785F926F3}) (Version: 1.2.1.462 - MAGIX Software GmbH) Hidden
MAGIX Travel Maps (HKLM\...\MX.{06FEA91E-FD3C-4C5E-B232-460785F926F3}) (Version: 1.2.1.462 - MAGIX Software GmbH)
MAGIX Video converter 3 (HKLM\...\VID_1D19&PID_6120&MI_01) (Version: 1.0.0.0 - Conexant Systems)
MAGIX Video deluxe Premium (Demo) (HKLM\...\{65A2D2CE-C0EE-464A-AB90-BDF420101C6A}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Designelemente 1) (HKLM\...\{E090602A-2070-401A-ABBA-3DB1C1FAAE8D}) (Version: 20.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Designelemente 2) (HKLM\...\{6A59CAF7-EE4B-4390-90A9-C3527DE269F7}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Filmvorlagen 1) (HKLM\...\{0499ADE6-106C-4599-BDAC-D8347650F5AC}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Filmvorlagen 2) (HKLM\...\{97E9B8AE-9318-47B5-BA31-2FFE9159759D}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Fotoshow Maker-Stile) (HKLM\...\{42C71F09-651F-44DB-86C7-26AA4171B5B9}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\{1660AC05-2ED8-4A4A-AC06-1A10547F8FD7}) (Version: 21.0.1.85 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\MX.{1660AC05-2ED8-4A4A-AC06-1A10547F8FD7}) (Version: 21.0.1.92 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (Menüvorlagen) (HKLM\...\{3BE8E4CD-82C4-48DB-B5C1-611C7876F511}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Migrate Content) (HKLM\...\{093F2C78-2F97-418B-A287-92AB026A19AD}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Soundtrack Maker-Stile) (HKLM\...\{EAD2005E-E029-4C86-A78B-C2B7F91C3E44}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Titeleffekte) (HKLM\...\{34C66A2A-91EC-48D3-BE43-D5D95F3A4652}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Überblendeffekte) (HKLM\...\{C86DB03E-5D68-44F7-895D-8D4138D54A50}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Vorlagen und Effekte) (HKLM-x32\...\MAGIX_GlobalContent.Video_deluxe_Premium) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Premium Update (HKLM\...\{B7D8DCFC-8F5E-4759-A867-7C627CDE063E}) (Version: 21.0.1.92 - MAGIX Software GmbH) Hidden
MAGIX Video easy Retten Sie Ihre Videokassetten! (HKLM\...\{C9FBDFB8-C2D8-4539-A3BC-E214302541F1}) (Version: 7.0.1.12 - MAGIX Software GmbH) Hidden
MAGIX Video easy Retten Sie Ihre Videokassetten! (HKLM\...\MX.{C9FBDFB8-C2D8-4539-A3BC-E214302541F1}) (Version: 7.0.1.12 - MAGIX Software GmbH)
MediathekView 13.8.0 (HKLM\...\1927-5045-2127-3394) (Version: 13.8.0 - MediathekView Team)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4071651455-2038161318-6637332-500\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Maker (64-Bit) (HKLM\...\{DC06D09C-D841-44F3-81CA-150011EC5C46}) (Version: 30.0.3.39 - MAGIX Software GmbH) Hidden
Music Maker (64-Bit) (HKLM\...\MX.{DC06D09C-D841-44F3-81CA-150011EC5C46}) (Version: 30.0.3.39 - MAGIX Software GmbH)
NewBlue Filters 5 Ultimate (HKLM-x32\...\NewBlue Filters 5 Ultimate) (Version: 5.0.180730 - NewBlue)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Grafiktreiber 472.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
paint.net (HKLM\...\{9108ED9C-43BD-44DF-83AF-6DB198556920}) (Version: 4.3.7 - dotPDN LLC)
Pinnacle Studio 18 Add-Ons (HKLM-x32\...\{0BCCDCE5-D1AD-47A9-8864-D2A411403D89}) (Version: 18.0 - Corel) Hidden
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 7.0.3 - CEWE Stiftung u Co. KGaA)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9235.1 - Realtek Semiconductor Corp.)
Restoro (HKLM\...\Restoro) (Version: 2.1.0.0 - Restoro) <==== ACHTUNG
Savevid (HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\Savevid) (Version: 0.0.0.1054 - Bandoo Media Inc)
Shotcut (HKLM\...\Shotcut) (Version: 20.11.25 - Meltytech, LLC)
Sky Go 20.6.2.0 (HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\com.bskyb.skygoplayer_is1) (Version: 20.6.2.0 - Sky)
TomTom HOME 2.20.8.1298 (HKLM\...\TomTom HOME) (Version: 2.20.8.1298 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update Notifier (HKLM\...\{BB4BCDF3-0210-4F77-85CF-DE1164081445}) (Version: 3.0.0.57 - MAGIX Software GmbH) Hidden
Update Notifier (HKLM\...\{CA4A7F7E-296C-4E14-861D-24517ABADA03}) (Version: 3.0.0.57 - MAGIX Software GmbH) Hidden
Update Notifier (HKLM\...\MX.{CA4A7F7E-296C-4E14-861D-24517ABADA03}) (Version: 3.0.0.57 - MAGIX Software GmbH)
Vita Concert Grand LE (HKLM\...\{2C61CE04-1EEF-4582-ABBA-B9CCFC3743EB}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1375 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Packages:
=========
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.9.9.0_x64__gqbn7fs4pywxm [2022-02-07] (Drawboard)
Duplicate Cleaner Tool -> C:\Program Files\WindowsApps\60709MehrzadChehraz.Singuler_2.7.1.0_x64__9xcfhtjr0fr4e [2022-01-07] (Mehrzad Chehraz)
File Opener - Open Image,Document,Video,Audio -> C:\Program Files\WindowsApps\4846UtilitiesTools.FileOpener-OpenImageDocumentVid_1.1.10.0_x64__b17t1j31etq18 [2018-11-11] (Utilities Tools)
Flight Unlimited 2K16 -> C:\Program Files\WindowsApps\FlightSystemsLLC.FlightUnlimited2K16_2.1.16.0_x64__gr0hpt7qkpqd0 [2020-07-31] (Flight Systems LLC)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.13.85.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
MSN Gesundheit & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-09-14] (Microsoft Corporation) [MS Ad]
MSN Kochen & Genuss -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2021-09-14] (Microsoft Corporation) [MS Ad]
MSN Reisen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-09-14] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-25] (NVIDIA Corp.)
Shrestha Files Pro -> C:\Program Files\WindowsApps\43158JPTGamesandApps.ShresthaFiles-AModernDualPane_1.10.119.0_x64__pnxmbr0ydfejr [2021-10-15] (JPT Games and Apps)
WiFi Tool -> C:\Program Files\WindowsApps\53028HelgeMagnusKeck.WiFiTool_1.6.31.0_x64__kmtq5bk764tmy [2021-04-21] (WiFi Tools)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4071651455-2038161318-6637332-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Bernd\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-4071651455-2038161318-6637332-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Bernd\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-4071651455-2038161318-6637332-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\Bernd\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k)
CustomCLSID: HKU\S-1-5-21-4071651455-2038161318-6637332-1001_Classes\CLSID\{a3d7e084-b0df-4d14-8e0a-27a572a6332c}\localserver32 -> => Keine Datei
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_873a5dc0a09971a3\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-05-14 09:42 - 2013-12-08 05:48 - 000070656 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemdata.dll
2015-05-14 09:42 - 2013-12-08 05:48 - 000095744 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemencrypted.dll
2015-05-14 09:42 - 2013-12-08 05:12 - 000333312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemfakevim.dll
2015-05-14 09:42 - 2013-12-08 05:48 - 000068608 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemimage.dll
2015-05-14 09:42 - 2013-12-08 05:26 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemnotes.dll
2015-05-14 09:42 - 2013-12-08 05:48 - 000216064 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemsync.dll
2015-05-14 09:42 - 2013-12-08 04:55 - 000055808 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemtext.dll
2015-05-14 09:42 - 2013-12-08 04:56 - 000047104 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\plugins\itemweb.dll
2021-12-06 11:04 - 2022-02-08 11:33 - 000010752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Microsoft\Edge\Application\VERSION.dll
2020-08-12 08:54 - 2020-08-12 08:54 - 000011776 _____ () [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\libEGL.DLL
2020-08-12 08:54 - 2020-08-12 08:54 - 002013696 _____ () [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\libGLESv2.dll
2015-05-14 09:42 - 2013-06-27 00:33 - 000021504 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\imageformats\qsvg4.dll
2015-05-14 09:42 - 2013-07-11 07:11 - 002598912 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtCore4.dll
2015-05-14 09:42 - 2013-06-26 23:16 - 008581632 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtGui4.dll
2015-05-14 09:42 - 2013-06-26 23:10 - 001053696 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtNetwork4.dll
2015-05-14 09:42 - 2013-06-26 23:23 - 001341440 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtScript4.dll
2015-05-14 09:42 - 2013-06-26 23:20 - 000283136 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtSvg4.dll
2015-05-14 09:42 - 2013-06-27 00:29 - 013112320 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtWebKit4.dll
2015-05-14 09:42 - 2013-06-26 23:10 - 000356352 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\CopyQ\QtXml4.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 001657856 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\LIBEAY32.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000321024 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\ssleay32.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000048128 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\bearer\qgenericbearer.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000032768 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qgif.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000039936 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qicns.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000033280 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qico.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000331264 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qjpeg.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000026112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qsvg.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qtga.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000371712 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qtiff.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000024064 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qwbmp.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000492544 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qwebp.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 001424896 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\platforms\qwindows.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 005892608 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Core.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 006332416 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Gui.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 001245696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Network.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 003279360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Qml.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 003600384 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Quick.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000329216 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Svg.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 005496832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Widgets.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick.2\qtquick2plugin.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000314880 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000091648 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick\Window.2\windowplugin.dll
2020-08-18 19:00 - 2020-08-18 19:00 - 000135168 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-01-20] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-01-20] (HP Inc. -> HP Inc.)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernd\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\petra und bernd 2018 07 27.jpg
HKU\S-1-5-21-4071651455-2038161318-6637332-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-4071651455-2038161318-6637332-1001\...\StartupApproved\Run: => "GoogleDriveSync"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{84C26BA8-098D-4F22-8DFB-F79A618DECA4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9AFE2FA1-61B4-4E3D-AA06-BB8E32093C8E}C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2111.exe] => (Allow) C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2111.exe (www.SamLab.ws) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C2F0B821-98A7-4A4A-B299-7C4CADF3259F}C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2111.exe] => (Allow) C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2111.exe (www.SamLab.ws) [Datei ist nicht signiert]
FirewallRules: [{0E698187-3CE4-43CF-B85A-522C60762999}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07FADFD5-6BF9-45E6-8DB8-14B23983D1E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{11F1AA81-3102-4D20-87C6-14922BC6795A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D6CA1C4-075F-47CB-B432-EA2AC0734EAB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{E5A39073-41D7-4E19-A87E-804CFB2AA905}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{9E5DEEFF-9264-4654-B3BC-7F4ED610E1A8}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{52EC1B84-AC2E-4499-A9C8-08570B65AE82}] => (Allow) LPort=1900
FirewallRules: [{9F8D6747-70C9-4834-B1AB-DD72AFC13BDD}] => (Allow) LPort=2869
FirewallRules: [{DCB7D0E1-31DE-47B8-8991-CB35D12A05CF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8118884F-F11C-451E-968E-85D542E5336E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{02BBFBF5-1CA2-4FB6-93DD-BE73B00ADBD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B8F38C5A-7D08-4886-8DE1-7F72B2AE400C}] => (Allow) C:\Program Files (x86)\Audials\ComputerBild 2021\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{BFE792D4-FC71-4A17-8584-2380AFBBA736}] => (Allow) LPort=12972
FirewallRules: [{07B5CA2A-A601-4E96-8796-6D4BE340FED2}] => (Allow) LPort=14714
FirewallRules: [{FDD05338-7BEA-45FF-A302-DB90EC2A535F}] => (Allow) LPort=31931
FirewallRules: [TCP Query User{53B2AF4D-8822-4D0E-9CA5-F460B5971EF0}C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2102.exe] => (Allow) C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2102.exe (www.SamLab.ws) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{0512DA67-662F-4F32-B07E-1330125FEBDA}C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2102.exe] => (Allow) C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2102.exe (www.SamLab.ws) [Datei ist nicht signiert]
FirewallRules: [{DBF05814-FFB5-4000-A769-55210A146829}] => (Allow) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{612F23D1-3AD4-48D9-987A-7FCF9B85CD4C}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{81C76BF0-8B7E-4A3B-B115-8DAC3A764A2E}] => (Allow) C:\Program Files\MAGIX\Music Maker\30\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{5DE3BC93-DF9B-4B45-8CE5-47E93B10FE14}] => (Allow) C:\Program Files\MAGIX\Video deluxe Premium\2022\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{17101AD4-8790-4189-8DF7-FC13100F2248}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{622A4623-471E-4BEB-BA68-10B181DC8B93}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13EE6639-169C-4F75-9125-D418E201D5ED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8940D19A-80CB-4CAB-AF12-1F3E9F7E1324}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FF14F9D-D235-46C0-B4C4-389AFE69CD1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0626854D-E621-4AC4-B0CB-5FC5569644C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1B2EE98-A592-4B36-9191-CDC7EAAAC580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FDA9DEBC-8CDA-4D40-B4C3-491386F3073F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E9EA168E-692E-421E-885F-B90A5F137459}C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2201.exe] => (Allow) C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2201.exe (www.SamLab.ws) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C95054B2-8A30-4AEF-A43C-2C4111BBDFD8}C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2201.exe] => (Allow) C:\users\bernd\downloads\sdi_r2102\sdi_x64_r2201.exe (www.SamLab.ws) [Datei ist nicht signiert]
==================== Wiederherstellungspunkte =========================
03-02-2022 18:45:36 Geplanter Prüfpunkt
06-02-2022 19:57:26 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/08/2022 11:32:30 AM) (Source: HPTouchpointAnalyticsService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at HP.TouchpointAnalyticsClient.Commons.Utils.HpsaUtils.get_HpsaVersion()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.DefaultAccountNameProvider.get_Hpsa()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.FindAccountName(IAccountNameProvider nameProvider)
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.CreateDefault()
at HP.TouchpointAnalyticsClient.Service.ClientScheduler..ctor()
at HP.TouchpointAnalyticsClient.Service.TouchpointAnalyticsClientService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (02/07/2022 08:01:13 PM) (Source: HPTouchpointAnalyticsService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at HP.TouchpointAnalyticsClient.Commons.Utils.HpsaUtils.get_HpsaVersion()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.DefaultAccountNameProvider.get_Hpsa()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.FindAccountName(IAccountNameProvider nameProvider)
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.CreateDefault()
at HP.TouchpointAnalyticsClient.Service.ClientScheduler..ctor()
at HP.TouchpointAnalyticsClient.Service.TouchpointAnalyticsClientService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (02/07/2022 07:35:27 PM) (Source: HPTouchpointAnalyticsService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at HP.TouchpointAnalyticsClient.Commons.Utils.HpsaUtils.get_HpsaVersion()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.DefaultAccountNameProvider.get_Hpsa()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.FindAccountName(IAccountNameProvider nameProvider)
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.CreateDefault()
at HP.TouchpointAnalyticsClient.Service.ClientScheduler..ctor()
at HP.TouchpointAnalyticsClient.Service.TouchpointAnalyticsClientService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (02/07/2022 07:31:44 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (02/07/2022 07:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RestoroMain.exe, Version: 2.1.0.0, Zeitstempel: 0x615ed5b2
Name des fehlerhaften Moduls: RestoroMain.exe, Version: 2.1.0.0, Zeitstempel: 0x615ed5b2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000002e8448
ID des fehlerhaften Prozesses: 0x17e8
Startzeit der fehlerhaften Anwendung: 0x01d81c50c733f78e
Pfad der fehlerhaften Anwendung: C:\Program Files\Restoro\RestoroMain.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Restoro\RestoroMain.exe
Berichtskennung: 37efea82-8a1f-415a-8306-b93989270010
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/07/2022 07:29:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RestoroMain.exe, Version: 2.1.0.0, Zeitstempel: 0x615ed5b2
Name des fehlerhaften Moduls: RestoroMain.exe, Version: 2.1.0.0, Zeitstempel: 0x615ed5b2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000002e8448
ID des fehlerhaften Prozesses: 0x2fc0
Startzeit der fehlerhaften Anwendung: 0x01d81c50a6591698
Pfad der fehlerhaften Anwendung: C:\Program Files\Restoro\RestoroMain.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Restoro\RestoroMain.exe
Berichtskennung: 3337550b-c884-405c-a518-af626cc311d3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/07/2022 02:49:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf HP_TOOLS (E:) nicht abschließen. Grund: Dieser Vorgang wird auf diesem Dateisystem nicht unterstützt. (0x89000020)
Error: (02/07/2022 02:49:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf HP_RECOVERY (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)
Systemfehler:
=============
Error: (02/08/2022 11:32:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/08/2022 11:29:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wfcs" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (02/08/2022 10:00:39 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/07/2022 08:01:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/07/2022 07:58:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wfcs" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (02/07/2022 07:36:26 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/07/2022 07:33:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wfcs" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (02/07/2022 12:57:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2022-02-08 06:05:30
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FormfacBundle&threatid=311943&enterprise=0
Name: PUABundler:Win32/FormfacBundle
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\FormatFactory2021_04_08\FFSetup5.7.1.0 (2021_04_09 09_25_16 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\FormatFactory2021_04_08\FFSetup5.7.1.0 (2021_05_20 10_03_20 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\FormatFactory2021_04_08\FFSetup5.7.1.0 (2021_12_17 12_18_17 UTC).exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: BERND-PC\Bernd
Prozessname: Unknown
Sicherheitsversion: AV: 1.357.259.0, AS: 1.357.259.0, NIS: 1.357.259.0
Modulversion: AM: 1.1.18900.2, NIS: 1.1.18900.2
Date: 2022-02-08 06:05:30
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Format Factory\FFSetup (2019_05_01 09_57_39 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Format Factory\FFSetup (2019_06_07 14_37_05 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Format Factory\FFSetup (2021_05_20 10_03_20 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Format Factory\FFSetup (2021_12_17 12_18_17 UTC).exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: BERND-PC\Bernd
Prozessname: Unknown
Sicherheitsversion: AV: 1.357.259.0, AS: 1.357.259.0, NIS: 1.357.259.0
Modulversion: AM: 1.1.18900.2, NIS: 1.1.18900.2
Date: 2022-02-08 06:05:30
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Formatfactory_BundleInstaller&threatid=268642&enterprise=0
Name: App:Formatfactory_BundleInstaller
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\FormatFactory2021_11_10\FFSetup5.8.1.0 (2021_11_10 17_30_40 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\FormatFactory2021_11_10\FFSetup5.8.1.0 (2021_12_17 12_18_17 UTC).exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: BERND-PC\Bernd
Prozessname: Unknown
Sicherheitsversion: AV: 1.357.259.0, AS: 1.357.259.0, NIS: 1.357.259.0
Modulversion: AM: 1.1.18900.2, NIS: 1.1.18900.2
Date: 2022-02-08 06:05:30
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUAAdvertising:Win32/Conduit&threatid=311906&enterprise=0
Name: PUAAdvertising:Win32/Conduit
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Ashampoo\Music Studio\ashampoo_music_studio_3_3.51_sm (2019_05_01 09_57_39 UTC).exe; containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Ashampoo\Music Studio\ashampoo_music_studio_3_3.51_sm (2019_06_07 14_37_05 UTC).exe; containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Ashampoo\Music Studio\ashampoo_music_studio_3_3.51_sm (2021_05_20 10_03_20 UTC).exe; containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Ashampoo\Music Studio\ashampoo_music_studio_3_3.51_sm (2021_12_17 12_18_17 UTC).exe; containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Ashampoo\Music Studio\ashampoo_music_studio_3_3.51_sm (2022_01_22 14_21_37 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\Ashampoo\Music Studio\ashampoo_music_studio_3_3.51_sm (2019_05_01 09_57_39 UTC).exe->(inno#000022)->(wise0008); file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Be
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: BERND-PC\Bernd
Prozessname: Unknown
Sicherheitsversion: AV: 1.357.259.0, AS: 1.357.259.0, NIS: 1.357.259.0
Modulversion: AM: 1.1.18900.2, NIS: 1.1.18900.2
Date: 2022-02-08 06:05:30
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/PiriformBundler&threatid=311950&enterprise=0
Name: PUABundler:Win32/PiriformBundler
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\spsetup132 (2019_05_04 10_55_02 UTC).exe; containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\spsetup132 (2019_06_02 22_11_24 UTC).exe; containerfile:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\spsetup132 (2019_06_07 14_37_05 UTC).exe; file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\spsetup132 (2019_05_04 10_55_02 UTC).exe->(nsis-instdata); file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\spsetup132 (2019_06_02 22_11_24 UTC).exe->(nsis-instdata); file:_L:\FileHistory\Bernd\BERND-PC\Data\C\Users\Bernd\Downloads\spsetup132 (2019_06_07 14_37_05 UTC).exe->(nsis-instdata)
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: BERND-PC\Bernd
Prozessname: Unknown
Sicherheitsversion: AV: 1.357.259.0, AS: 1.357.259.0, NIS: 1.357.259.0
Modulversion: AM: 1.1.18900.2, NIS: 1.1.18900.2
==================== Speicherinformationen ===========================
BIOS: AMI 02.06 10/15/2014
Hauptplatine: Hewlett-Packard 21F5
Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16343.6 MB
Verfügbarer physikalischer RAM: 12143.97 MB
Summe virtueller Speicher: 32727.6 MB
Verfügbarer virtueller Speicher: 27798.43 MB
==================== Laufwerke ================================
Drive c: (Windows ) (Fixed) (Total:917.59 GB) (Free:440.23 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.82 GB) (Free:1.38 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
Drive l: (Elements 2) (Fixed) (Total:1862.98 GB) (Free:588.26 GB) NTFS
\\?\Volume{a8629226-f917-11e4-824c-806e6f6e6963}\ (SYSTEM ) (Fixed) (Total:1 GB) (Free:0.41 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 08ABAC71)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 09CDDEC2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
08.02.2022, 13:10
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 10 (21H2): Trojaner tr/ad.firehooker.buZitat:
Dieses völlig überflüssige Programm Restoro umgehend deinstallieren.
__________________ |
|
08.02.2022, 13:59
| #4 |
| | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Moin, leider finde ich keine Log-Datei von Malwarebytes. Hier die letzte Meldung von Restoro als Anhang (Screenshot). Restoro habe ich jetzt deinstalliert. |
|
08.02.2022, 14:02
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Dann lies bitte die Anleitung von Malwarebytes richtig. Oder hat jetzt nur dieses Restoro was gefunden?
__________________ Logfiles bitte immer in CODE-Tags posten  Geändert von cosinus (08.02.2022 um 14:09 Uhr) |
|
08.02.2022, 14:08
| #6 |
| | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Ich nutze von Windows das Virenprogramm Defender und die Windows Firewall. Letzte Nacht habe ich von Defender einen Vollscan machen lassen. Er hat 8 Bedrohungen gefunden und bearbeitet. Wo finde ich von Defender die Log-Datei? |
|
08.02.2022, 14:09
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Nun hüpf doch ejetzt nicht ständig mit den Programmen hin und her. Wir sind immer noch bei Malwarebytes.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2022, 15:10
| #8 |
| /// TB-Ausbilder | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu "Restoro" ist ja selbst PUP/PUA/Müll.  Du bist mit "Trojan.DownloadProtect" infiziert. MBAM kann diese Schadsoftware entfernen. Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Danach sehen wir weiter. |
|
08.02.2022, 15:12
| #9 |
| | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Meine Malwarebytes Testversion war abgelaufen. Was ich gesehen habe, muss von der Malwarebytes-Browsererweiterung gekommen sein. Habe mir jetzt die Malwarebytes Premium Version zugelegt und gleich einen aktuellen Scan gemacht. Hier das Ergebnis: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 08.02.22
Scan-Zeit: 14:19
Protokolldatei: b0d8e4ca-88e1-11ec-b492-3464a915821b.json
-Softwaredaten-
Version: 4.5.2.157
Komponentenversion: 1.0.1562
Version des Aktualisierungspakets: 1.0.50863
Lizenz: Premium
-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.1503)
CPU: x64
Dateisystem: NTFS
Benutzer: Bernd-PC\Bernd
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 434407
Erkannte Bedrohungen: 331
In die Quarantäne verschobene Bedrohungen: 331
Abgelaufene Zeit: 41 Min., 38 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 16
PUP.Optional.Restoro, HKU\S-1-5-21-4071651455-2038161318-6637332-1001\SOFTWARE\Restoro, In Quarantäne, 817, 551610, 1.0.50863, , ame, , ,
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, 6672, 252393, 1.0.50863, , ame, , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}, In Quarantäne, 817, 551619, , , , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine.1, In Quarantäne, 817, 551619, , , , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine, In Quarantäne, 817, 551619, 1.0.50863, , ame, , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\Restoro, In Quarantäne, 817, 551614, 1.0.50863, , ame, , ,
PUP.Optional.Restoro, HKU\S-1-5-21-4071651455-2038161318-6637332-1001\SOFTWARE\Local AppWizard-Generated Applications\Restoro, In Quarantäne, 817, 551612, 1.0.50863, , ame, , ,
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, 6672, 252393, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, In Quarantäne, 5871, -1, 0.0.0, , action, , ,
PUP.Optional.DownloadProtect.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, In Quarantäne, 5871, -1, 0.0.0, , action, , ,
Trojan.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Xbox Antwort Ereignisse, In Quarantäne, 313, 910813, , , , , ,
Trojan.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5D06FEE8-91B9-42D4-887D-117BB46BA64B}, In Quarantäne, 313, 910813, , , , , ,
Trojan.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{5D06FEE8-91B9-42D4-887D-117BB46BA64B}, In Quarantäne, 313, 910813, , , , , ,
Trojan.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AllJoyn-RouterdienstRAS-MedientreiberBrowser, In Quarantäne, 313, 910814, , , , , ,
Trojan.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0CA853B6-19A2-4B44-8389-F16BD88C2227}, In Quarantäne, 313, 910814, , , , , ,
Trojan.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{0CA853B6-19A2-4B44-8389-F16BD88C2227}, In Quarantäne, 313, 910814, , , , , ,
Registrierungswert: 4
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{63289A21-D8E6-4D3B-BDFE-3396CC549426}, In Quarantäne, 6730, 237883, , , , , ,
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{63289A21-D8E6-4D3B-BDFE-3396CC549426}, In Quarantäne, 6730, 237883, 1.0.50863, , ame, , ,
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, 6672, 252393, 1.0.50863, , ame, , ,
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, 6672, 252393, 1.0.50863, , ame, , ,
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 102
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{009CB8E5-4145-4002-8372-581622F94945}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{00F9DDF7-7A83-4226-A48B-5171F531EA51}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{08070296-A023-4DBE-9899-054B3DF48592}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0809FCFD-A94F-4014-9D9D-53E2F5ACC1A9}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{099F528D-1D6D-48A3-9A3A-CC79AB521426}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0CB2F073-4D3C-496B-AFAC-6878FCBE4C55}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0D4CA3C8-9184-4F4E-82AA-D3311305CAF3}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{12AF07D6-3888-4FF1-899A-D426F5B972EE}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{130DD3CF-EF0E-4BA3-A8F0-405353FD3EFE}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{177F18E2-108E-4857-AB91-E9BEF67AF6D4}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1893D95B-8D31-4E7C-9085-7C5E25034E25}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{19301B0F-D651-44CD-9024-7895A4CFBCC2}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{193A9D7F-18E2-45B7-8BFE-1DB477C460FA}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1B422911-1B0A-4C40-917C-976E01C68F56}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1B68048B-D8CA-4227-8F08-5F0C0AE1D551}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{228DC9D9-70B8-4282-8686-3738EEC0F618}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{28C11F2F-41A7-4ADA-AA54-5A3D24FC9F80}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{31FE403C-921E-48F5-9EC0-06A5D3728B10}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{326377F8-CCFC-4E6B-BA3A-99C7C4F210C7}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{32BE70E7-8122-448C-8DCE-106282DD6560}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{35317A64-1AEB-4727-A541-7426B1AF0D11}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{372E6FC2-6C9F-403C-AA91-3D804D46D14F}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{37BFD426-79A1-4C88-B88F-0A8603D7332D}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{38B72741-1814-4D78-8775-2BADE1184F31}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{39AB0F4B-623F-4155-AA12-C25A8D386B65}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3B3A55FD-252B-4864-8B40-B6F5AFB0DDE1}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3C595FCF-5F29-4464-B2F4-E4A5B3683B9E}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F95DC9F-8F40-463B-A1E5-AAB357479BA0}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{41B2A1FD-D4F0-4BFC-BFEB-275E2ABA7657}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{455EDD94-380E-40CE-BD1C-E018EA034302}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4591E1C5-1967-41F4-92E2-4C58FABFA608}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{488235F0-A797-46BD-AB04-2C3A193E4E60}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{48F9B301-D5F0-426F-B555-86BE4D5BD17A}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4E940F88-7336-4805-83D8-50D9D42EE24C}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{514933A0-E1C0-4604-A22F-D5FAFEF6E5C6}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{55BE7806-7C8D-4A43-99E6-4CA524E23D8C}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{565A26DD-B656-4622-AACF-553BFDA54F0C}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{57D2FC5A-0062-465E-AD28-CF5787FF80E7}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{5A005371-4B4C-4961-B553-286B9B2627A3}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{5F32F3A2-DC50-491F-9D79-11D8927F78DD}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{601D6C44-74AA-4C38-B0CA-FBE33A8DA3C1}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{613195E3-418C-4273-BEF3-90D74CE3C5EF}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{61CD0A8A-5C80-4F5A-966E-CDCB93ED9493}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{61E8FF7A-9185-4F8B-8C1A-370C11582265}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{689FFCA5-0FAD-471F-805B-A168F4647846}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{69CAA823-8F1E-4FC9-BD1D-CD840E51C29B}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6BAEFB4A-DE1B-4792-B92D-D0FAB35661D4}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6C98AA45-BA0B-4E09-93FF-FBBD9C3F83C1}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6DD7CCB9-ECA8-4448-92E2-99ED94C719BA}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{715819FD-8A71-4DC2-861F-7BCCB7C960E5}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{73820162-2EDD-4CB9-A526-D856011B6905}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{748B517D-89E9-45B5-8072-A68B87E26C9E}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{77835D11-E41C-46E9-A15D-FBFFDDAA4022}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7995E498-AC64-4B46-9EF0-4B16BA5571C8}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{79FC4DA9-6C3F-42D2-BF82-893675338D8E}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7BE38F3F-7BD0-46EE-ACC9-1B93585DC413}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7E47DDB1-C27C-4D5D-8B4A-836B80B6B6CA}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7FBA0897-3CC2-490C-B742-5532747B6013}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{835D5725-B0DE-4208-83DC-0057B2646DDC}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{885A45BE-3977-4FD5-99EA-0121FFD259C9}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{92CEAE55-5211-45C7-8B21-2F87C72C51AE}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{931FE615-B672-4AB2-94FB-5AD11BEA86E6}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{99094754-8360-4818-9A64-1CB097B89342}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9990D28C-FFDC-4B9E-9553-B07436F2C0D6}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9E92BDFF-F3B2-4E55-AE3D-623380791122}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9FE043B8-8ADE-4EB2-8B64-C0FBAEA1582B}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A064DD32-3281-4C8B-86DE-2908DAFDDE07}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A3CA5039-8B4B-41DF-8DD6-8FD5B6A414A1}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A49A39D1-EA03-4F1F-B94C-7422AF5A3C33}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A69841DE-5708-406D-8C23-83624F3E7943}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A9678741-EAB9-4AB6-9D3D-057995042149}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AB0D5F41-3847-496B-832B-A3617E5D861A}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AD612602-8352-4D22-8D1F-05CB3D00DD35}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AF19984C-16ED-49F4-97BB-B97944E56AAB}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B96BD67B-D40D-4973-A54B-C89E80514D72}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BAA9BFA8-7E28-412D-BE6B-6C752765D6C5}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BC6EE315-FD53-42C0-B305-5817CDB73ECC}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BCABCEAB-2908-489D-99C6-9D975B38F08A}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BF424FA0-B9F3-4D50-A7D8-A1FCA2107CEF}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C4828DBE-9BEE-4C59-AFD5-B53B02DF9E49}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C762885E-4115-40CB-9857-0E965308982B}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CAB50867-12B7-4F49-9783-475CD8A4254B}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CBA27754-22D7-4C35-82E7-110E8F825582}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D2FEE591-18EF-4DE5-B67F-A1AD56E84BE5}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\INSTALLER\{5089B123-334F-4C60-81D3-33719AAF3950}, In Quarantäne, 5871, 255640, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DBA5881B-B723-415F-AC40-CA87828CD247}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E3E0E7CE-6C19-4B8C-9FD8-FA18939EC8EE}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EB056787-677F-4B20-90E0-36EC111130D8}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EB4C5118-4E16-42A2-8F35-8EAB7FD44BC8}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EC88C111-2A4C-409B-8B5C-AA0BC81DAB01}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EDA85639-0A7C-4BE9-8298-B27528CBEA4C}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EF0A5FB4-9809-4BDD-91CA-4BF9AD2C1369}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F0A11709-C310-415A-9077-68894F3C0136}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F33B52B0-9E97-436D-A159-8E62F649FCB3}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F74869B8-37D9-4095-9F21-B279F05A13E0}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F9201396-82E2-4254-AAC7-754E32552A69}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FB222E2C-B73C-4265-8DAA-F2B8014A5D42}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FC36553E-FBC0-4FB6-AC41-B88497CCE709}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FE07BDF7-69B7-4A07-848E-E1537B20F5A3}, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ,
Trojan.DownloadProtect, C:\PROGRAMDATA\PACKAGE CACHE\{683CF574-7D2D-4EE8-9246-36E1E470A210}, In Quarantäne, 313, 910813, 1.0.50863, , ame, , ,
Trojan.DownloadProtect, C:\WINDOWS\INSTALLER\{6BABD02D-96CC-4EDE-9A44-828246CCD6DE}, In Quarantäne, 313, 910814, 1.0.50863, , ame, , ,
Trojan.DownloadProtect, C:\WINDOWS\INSTALLER\{AA227579-7A44-441B-AEEC-0FD4C021383A}, In Quarantäne, 313, 910814, 1.0.50863, , ame, , ,
Datei: 209
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{009CB8E5-4145-4002-8372-581622F94945}\xgoimiobgfbambofmkijheifdlfigacpoml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 3727F640572AF5BBD8C10A2BAE3BD091, 2359BE93DB511B149496D104D6FEAB216F97E21E237FF56139F4152B84E3B733
PUP.Optional.DownloadProtect, C:\Windows\Installer\{009CB8E5-4145-4002-8372-581622F94945}\cgoimiobgfbambofmkijheifdlfigacporx, In Quarantäne, 54, 237879, , , , , 67292EE7603B7DC83308B503DAD76E08, 029AA1CD67CD4D3A3BB32CD489DF69E6FD52490E52A7BC0C012AC0285F6B48CD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{00F9DDF7-7A83-4226-A48B-5171F531EA51}\xmchmncnadgpkpplbfgepacncpjffdmkoml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , FDB7C1E9CD6E2205B19BF6CCEE1BCD0C, 50FADE982F9F3799BB2E1AD8FB2DABA4C2952E1901A7D247B75D79BE34C15053
PUP.Optional.DownloadProtect, C:\Windows\Installer\{00F9DDF7-7A83-4226-A48B-5171F531EA51}\cmchmncnadgpkpplbfgepacncpjffdmkorx, In Quarantäne, 54, 237879, , , , , 24644A8D5CAF4BB085C59072E840B7D7, 98FE8196999124DD87753C10EA42030D2B22126618AC6061C6CEB14F96D67C98
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{08070296-A023-4DBE-9899-054B3DF48592}\xkjjlfffnbkangadbmhpmaifgenggcgedml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , D0DC30B0841FCD36AE9DB6B74C78606C, 9A3E590311F2B251F4A3CC7679B73B1BEF99F1602968436947641995911A5256
PUP.Optional.DownloadProtect, C:\Windows\Installer\{08070296-A023-4DBE-9899-054B3DF48592}\ckjjlfffnbkangadbmhpmaifgenggcgedrx, In Quarantäne, 54, 237879, , , , , 0A94E5A39A9481C2E08F4FC2CEB3D3B8, 9605355316F51169E5CC7F5E09591B1A4D3D95BEDE641CD2E2DB98325083E968
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0809FCFD-A94F-4014-9D9D-53E2F5ACC1A9}\xdjgpcbmkfaghgigkedolkgigaengbohfml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , E015A9331C4AF8D0E57A0B3F00E3409D, 0BECBFB68E4FC6545F9EA78CCBFB5B8080844F907430CA3B0CB8DB23B88CB7BE
PUP.Optional.DownloadProtect, C:\Windows\Installer\{0809FCFD-A94F-4014-9D9D-53E2F5ACC1A9}\cdjgpcbmkfaghgigkedolkgigaengbohfrx, In Quarantäne, 54, 237879, , , , , 8FEF35837CBFCDD00EE07C554ECD6645, EBD99F93F5414E6E6B6E5247F4571586D2672755C9B63C3157E4CCAC1B0AB863
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{099F528D-1D6D-48A3-9A3A-CC79AB521426}\xlhhhlchnbdmadaikklfdjpkijjnadnpgml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , D90AFC8088D62993BB35C5BC09EE2511, DF574DD902746D3BCC51D24C8AE95AFEEED8B67C015E76B17A8100FD2490B4DD
PUP.Optional.DownloadProtect, C:\Windows\Installer\{099F528D-1D6D-48A3-9A3A-CC79AB521426}\clhhhlchnbdmadaikklfdjpkijjnadnpgrx, In Quarantäne, 54, 237879, , , , , CF033E5F7E192C0B981ACE543D979D7E, 6E5DFC1C4D508A7E4C4BE87F51BBEE931EC4E04636D03229750BF2B272072B06
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0CB2F073-4D3C-496B-AFAC-6878FCBE4C55}\xalcgljmdejmlojholfgglopanfbeghciml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 40EBED88C01BEB2C9F97E55BE44A29D6, 49FC667B611FC861E34B7614B4027C8B5C14C4C4979ADA4DFD9C0F68BBEE710A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{0CB2F073-4D3C-496B-AFAC-6878FCBE4C55}\calcgljmdejmlojholfgglopanfbeghcirx, In Quarantäne, 54, 237879, , , , , 47B28638814893BA5187EF2EEB1BA5DC, B0B6283AEE480EB524B122BF40D4810EC7ED2B03207419E4993D8620D0E53CB3
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{0D4CA3C8-9184-4F4E-82AA-D3311305CAF3}\xbapbjhbieheegddjcdjhnabjpannpeclml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 3BB9E3A9E631749B9355A24E55F6C6C4, 45F568DE51C13E4AD566C5C97FA91F0B98C655D4D93D39AACDE330C1A14F48BA
PUP.Optional.DownloadProtect, C:\Windows\Installer\{0D4CA3C8-9184-4F4E-82AA-D3311305CAF3}\cbapbjhbieheegddjcdjhnabjpannpeclrx, In Quarantäne, 54, 237879, , , , , 2DABF959F74B9196BA5EFF65F8D3A574, 9D8392EB9F86B2B9CAAD5AFB12BFFD5F915B7C751765E70B72936FDDFA3359CD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{12AF07D6-3888-4FF1-899A-D426F5B972EE}\xokfaabkabphkhbeipdjglbbfejphjkfaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , A831757C4DD09830C89AE6061EA4035B, C3DAA098A1EB622451CC07D07FD47F40C68EADB293152F26F9599E31619FADE7
PUP.Optional.DownloadProtect, C:\Windows\Installer\{12AF07D6-3888-4FF1-899A-D426F5B972EE}\cokfaabkabphkhbeipdjglbbfejphjkfarx, In Quarantäne, 54, 237879, , , , , 0A119D2B38BCD60C028A7650D8399E3D, 7F7E52F784229A97C8ED506F6B9C45188C0C4896394EC8947F3947B306CA7802
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{130DD3CF-EF0E-4BA3-A8F0-405353FD3EFE}\xapgmblfjmhphcoekjgnampfbpodnpmkhml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 3D4A016A91E1E13C697D094B15862C02, BED6C24AF922CFF6F1203978AD74AD9FD14E038DE7D251816DEBD2EF90B6C75C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{130DD3CF-EF0E-4BA3-A8F0-405353FD3EFE}\capgmblfjmhphcoekjgnampfbpodnpmkhrx, In Quarantäne, 54, 237879, , , , , C5E561AAE12B1440491FF7F97C490914, AA8DAD4C93B1D7B7C05E229B14913127BA2E3A5656CB9190C4D9B14680418BCD
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{177F18E2-108E-4857-AB91-E9BEF67AF6D4}\xolaajbmjfddhhfgacjffkhnjlicpgamiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 983BC87506D640CA4B652C58B7F22AD5, 014D3A0507C4CAEC5324DAE23948AB5F63EC72EACE6A2C936D5216918650C8AC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{177F18E2-108E-4857-AB91-E9BEF67AF6D4}\colaajbmjfddhhfgacjffkhnjlicpgamirx, In Quarantäne, 54, 237879, , , , , BD1477FB17831F9998785DDD9BAED680, 92EE52012559E01AB93A42DF422285A2FA238C30D50E267F8FFB0CB371472874
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1893D95B-8D31-4E7C-9085-7C5E25034E25}\xjihneeiplfkninnaicmkmiceogmidpkdml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , CDD032DFAB3EC1FC5E5E096F6D3ADC58, B9368169428A0CCF2E9216B37F205037BCA5893F94120001330B18A9935EF248
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1893D95B-8D31-4E7C-9085-7C5E25034E25}\cjihneeiplfkninnaicmkmiceogmidpkdrx, In Quarantäne, 54, 237879, , , , , 2CB45C26CDACF1230B7BE21BD7FE76A6, 66368441D3DCE222F865D62D4E3A3B56226E91F8E4D3A0F4134AB074095F6D35
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{19301B0F-D651-44CD-9024-7895A4CFBCC2}\xobfkojhfkieengbonjphdedegocgkdojml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , C4BC22A9CFD4B7BE00636E03CF81FCE7, A898FAA93E68F3ADB96FF99021DF294699E311EE32DEE36C3714533B0FE82E47
PUP.Optional.DownloadProtect, C:\Windows\Installer\{19301B0F-D651-44CD-9024-7895A4CFBCC2}\cobfkojhfkieengbonjphdedegocgkdojrx, In Quarantäne, 54, 237879, , , , , 28355458F77765DE8D0C3A867F27CA03, 19566A6E22145BD8696C393E9545F2E6C0D4185C4BA20D4D2D03F8A7D00E5BED
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{193A9D7F-18E2-45B7-8BFE-1DB477C460FA}\xjkegdidemllkfidkpnoagakccoifcgfnml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 545A6ACAD4546CA8E8342508E9CEC63A, BF7B5EF22A079AC9C972986ADE72D4DF7C5D437FB0C50FE058FB9A12CA3A1F1C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{193A9D7F-18E2-45B7-8BFE-1DB477C460FA}\cjkegdidemllkfidkpnoagakccoifcgfnrx, In Quarantäne, 54, 237879, , , , , 1F86EAFCE27E398F1ABDA61E4D133A54, 23B06DE202122D28CE8994F6AC0CA63A77355A2C781DBCF970303444C970D73F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1B422911-1B0A-4C40-917C-976E01C68F56}\xmbhigbdfdkcnolbgcdbelkalmhgllmibml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 6D15BCD6A0675A2A6B11520029DBEA62, 3D01598ABC29945118443BD9E266AD66D5EED6611C591FD6F8A94736F8683EFC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1B422911-1B0A-4C40-917C-976E01C68F56}\cmbhigbdfdkcnolbgcdbelkalmhgllmibrx, In Quarantäne, 54, 237879, , , , , C51EBE32F71929C40EB8E66410854694, C54394D0CD1A0E9E63329B5C8D7C06ADAA3F2A780038FEA3F02541CC19009A6B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{1B68048B-D8CA-4227-8F08-5F0C0AE1D551}\xhaaajemgjmkeplepbpobfihbnmpofpkgml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 6F314D5EFE100092674BD989AE9BB511, E57BC26F0753993572518315BB0BE3571472000CCEFF81C6EE1790286355961D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{1B68048B-D8CA-4227-8F08-5F0C0AE1D551}\chaaajemgjmkeplepbpobfihbnmpofpkgrx, In Quarantäne, 54, 237879, , , , , EC8F40BD9A101D1EB2D1F7959A909380, 08271BD42053AC0E17F93052E3473F15D946C901B84B5C81C11340482A2E49F2
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{228DC9D9-70B8-4282-8686-3738EEC0F618}\xmfcpoofgichadjhokgggebphioaonijoml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 5E5621A298E864BBF9E3668E1034EAB1, 3A4881019B5D806BE9D76679EE7F6F32D546384556F5A1AABE0C7BD779976188
PUP.Optional.DownloadProtect, C:\Windows\Installer\{228DC9D9-70B8-4282-8686-3738EEC0F618}\cmfcpoofgichadjhokgggebphioaonijorx, In Quarantäne, 54, 237879, , , , , 8D44A5B80A5D70B3F18F38CD0BD0D65F, 39931D315F2CA2C611E3D27CFA349A0E6D69E79F89F521F59E3334C95E6220A8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{28C11F2F-41A7-4ADA-AA54-5A3D24FC9F80}\xlbbnmmnmhfokdagiceodgfmibiaddaljml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 9D43B5939A492E4BF31935D72D8408F3, CDC61131F06EA33F677C434E01E18296C89DAF5B192477AECFB642A47688C1D0
PUP.Optional.DownloadProtect, C:\Windows\Installer\{28C11F2F-41A7-4ADA-AA54-5A3D24FC9F80}\clbbnmmnmhfokdagiceodgfmibiaddaljrx, In Quarantäne, 54, 237879, , , , , 6891CBD252EE29772F96B147DCE8D59C, 026D1FF0582DB2A7AB2DE5F5D0E02A9B31885824693E8B706CA1AD7DBC4E20C6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{31FE403C-921E-48F5-9EC0-06A5D3728B10}\xndondedonliocjiffginffkfgfagnojbml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , FAC07E0EAAF65AF89BD3D2BB707E0763, F789E5D8143802C78C547E67C2FA6EC8071952ACA9A9C34B1E73A618CDAE6043
PUP.Optional.DownloadProtect, C:\Windows\Installer\{31FE403C-921E-48F5-9EC0-06A5D3728B10}\cndondedonliocjiffginffkfgfagnojbrx, In Quarantäne, 54, 237879, , , , , E8500B2640D43F4970FD8611AF8AEF76, EB2A319B6B1DD90188274179668E135607812B404DA2A166C19D840A48CC1238
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{326377F8-CCFC-4E6B-BA3A-99C7C4F210C7}\xnlfjfkpkdnmhcpghheipdbhbckijmcgeml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , FAB172E08A5A6FED472364D442580B96, 1A6B011095F97D43D0A1BF1ACD28B7CEF3E03FC8D9E6B1A595CE6129F5DEF70C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{326377F8-CCFC-4E6B-BA3A-99C7C4F210C7}\cnlfjfkpkdnmhcpghheipdbhbckijmcgerx, In Quarantäne, 54, 237879, , , , , 690232EB2546298EA8DFBDBE01BECA41, B5F22EA156A58725518ACFA79BED6EEEEE132CE1E819A53D6CDE1726CE4480BC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{32BE70E7-8122-448C-8DCE-106282DD6560}\xkkplaibhjcdldimnegeojpieglannaajml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , FFA36A2C3DF30A493450B6FB5D7A1C6A, D55F36CF445C860D1BD239D80BA7B84B9751D324861D4970CE856C280C31FB1D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{32BE70E7-8122-448C-8DCE-106282DD6560}\ckkplaibhjcdldimnegeojpieglannaajrx, In Quarantäne, 54, 237879, , , , , 08F0DE78BE9D9348F27827999F014348, 4A1F9FE24155A3788C79DCC6CEFCD159CA507E726C5C0C5156146FA73F777846
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{35317A64-1AEB-4727-A541-7426B1AF0D11}\xhknibldihdbhdkdejahoocnnncjeloboml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , FA5168876669A213B05BA83D0C672BD2, 5A71870C75C1092333ECE2A0BDCD1BAC6E47161F2DBE8E11E9D2C50EB2220B86
PUP.Optional.DownloadProtect, C:\Windows\Installer\{35317A64-1AEB-4727-A541-7426B1AF0D11}\chknibldihdbhdkdejahoocnnncjeloborx, In Quarantäne, 54, 237879, , , , , 39C6D0A0344342C3B7C5927AF978670D, 5B0268283A27A5A505B4D9389A5095A7E4A524544FC1514C23C4D96D0A2B8D1D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{372E6FC2-6C9F-403C-AA91-3D804D46D14F}\xhgklddongkjaphoejpiincjnhmkjcmmaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , B0C7E5754D39A2051A4F87D6684EE376, D833A7B8F3D2A9BBE27C1E9DACB7266356C6386C97C0F7C309AF59E8019021DD
PUP.Optional.DownloadProtect, C:\Windows\Installer\{372E6FC2-6C9F-403C-AA91-3D804D46D14F}\chgklddongkjaphoejpiincjnhmkjcmmarx, In Quarantäne, 54, 237879, , , , , 3C96F2C8F615CD862161F2A85C74FFFC, F88741688E616995AB8C92A6F8804A69B271AB82386BEE657076F90CB7C9F43C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{37BFD426-79A1-4C88-B88F-0A8603D7332D}\xljaedcgfiojinjnbjcbgpfiodgomnkhmml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 6DC737389EDD2007E3B725D1F494995B, 629B855DB5C52E7B3381E3594EDC61F688FC27C9AC4A7534C249104A181D19F8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{37BFD426-79A1-4C88-B88F-0A8603D7332D}\cljaedcgfiojinjnbjcbgpfiodgomnkhmrx, In Quarantäne, 54, 237879, , , , , B12E2A841378B958667B7ECC45C8B428, D464F095E59D94E3A356336FC1F5E47C44A510F7A97ECD57C2951009F9D9A0A1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{38B72741-1814-4D78-8775-2BADE1184F31}\xbdjhhlakllkgjnmknopndgbghkdcieneml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 0E9781BC17468A3E3C61805864F8A1A3, AF7D2E17DE3C4BA1179A2B913F29556AB672126CC35E9766D11D2B9FC13C53FA
PUP.Optional.DownloadProtect, C:\Windows\Installer\{38B72741-1814-4D78-8775-2BADE1184F31}\cbdjhhlakllkgjnmknopndgbghkdcienerx, In Quarantäne, 54, 237879, , , , , DD1214FCECDFC3F3906D3CDC27D940EC, E54596EEFCA195B50EA024E261B04C9D4A423DDA4C140E4B9A8690524D33591A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{39AB0F4B-623F-4155-AA12-C25A8D386B65}\xecghjopmmfeefddhbdkkdpocofcmfmbfml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , AFB1222F8B07D6E1E55EEF2263C69026, F54BF6CC3789FCD1FEB0202A10705C8429A018B0CE590539C1F02B9A56D6D2AA
PUP.Optional.DownloadProtect, C:\Windows\Installer\{39AB0F4B-623F-4155-AA12-C25A8D386B65}\cecghjopmmfeefddhbdkkdpocofcmfmbfrx, In Quarantäne, 54, 237879, , , , , EE7FD5C961A0691930AF57AF9DDD4DE9, 1B8748BB3ACEDF7E6507622558F2FFB9F958BE4707716AFEA861D7855E4EE15B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3B3A55FD-252B-4864-8B40-B6F5AFB0DDE1}\xmlgeepldlonolgldccapddljbkggkbpiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 609A180C980E8CC745F424F80E5471B0, 78F62D38DFBEA3F3EF4B6DC377459B2B994AA1647256F66CDAA1E479B620CF85
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3B3A55FD-252B-4864-8B40-B6F5AFB0DDE1}\cmlgeepldlonolgldccapddljbkggkbpirx, In Quarantäne, 54, 237879, , , , , BA273851B12013396937CAD0F6CA0D54, B3DC6910A2ECE94C8E90E872B06FDAED93A1A3E827C4F68545D483AEEC69034C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3C595FCF-5F29-4464-B2F4-E4A5B3683B9E}\xgbocccpcgcdbjopjehopohbpikhpijcmml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 30E312077523DB09F731C20951226C9A, 788B6A5C4759272E1EA2EAC8541AC6B8638B8A3C347DF29C9301D41C781A3944
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3C595FCF-5F29-4464-B2F4-E4A5B3683B9E}\cgbocccpcgcdbjopjehopohbpikhpijcmrx, In Quarantäne, 54, 237879, , , , , 83C2D30F3609D89253B0DD239F573A87, 3270E65760D48AF6D55EC1EC74E2AA61D3746AB7B089F693D2FC5535749989D4
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F95DC9F-8F40-463B-A1E5-AAB357479BA0}\xkiomdcbpfijnlbncjeenokfeibgjiomcml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 2C292A4E1E0AA18467DDFD0585A0C38A, BADBFB6E806DDF2DF84CC620CAEB4A99CFF4E1C8B931FA7F92F523F9E1A5C4AA
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3F95DC9F-8F40-463B-A1E5-AAB357479BA0}\ckiomdcbpfijnlbncjeenokfeibgjiomcrx, In Quarantäne, 54, 237879, , , , , 19F16FD7D203542DC409B15BB20EC87E, E7A7EDC1D8B93B632A57C9785D24F01C13B7953E2ACA1F25E7FD53C655B12A4A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{41B2A1FD-D4F0-4BFC-BFEB-275E2ABA7657}\xbfecgbdkedbijddlkdmjclkljhhnffffml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 85E8317A83874B9AA9C56B5E60982C88, 8070D12B717EE5077FD8FCBC7DD261EDE42C6D7DA5FE5AA98366E48F079770B7
PUP.Optional.DownloadProtect, C:\Windows\Installer\{41B2A1FD-D4F0-4BFC-BFEB-275E2ABA7657}\cbfecgbdkedbijddlkdmjclkljhhnffffrx, In Quarantäne, 54, 237879, , , , , 8AD373CF6ECCCED6256B7BD15515A6D8, 6DAC3FBE82C29028CF7C2C2DD3607BBA5B8EAB87CFD0BB9F53ED9E8CF321EA51
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{455EDD94-380E-40CE-BD1C-E018EA034302}\xkjjhkeoplaibihklbimcdhdgkmfnhfmpml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , B6F3FAEFD9572C8F2441868CE67A8EAC, CCB3CCCF53EDCA0A3773A6F5DF7C9142336B50217DD2D6FB6D38A34198544247
PUP.Optional.DownloadProtect, C:\Windows\Installer\{455EDD94-380E-40CE-BD1C-E018EA034302}\ckjjhkeoplaibihklbimcdhdgkmfnhfmprx, In Quarantäne, 54, 237879, , , , , 9647470E8A7C05EFAA23C8AF3DF1E1CB, FAB60E2840846602819C057017F3D01593E612AEB4ED2DF6D7FA9D211FAF4804
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4591E1C5-1967-41F4-92E2-4C58FABFA608}\xbhohmkminmbefndmoimjgdnlpokooghjml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 516580A5AEBE662F5CA69E5B80263E37, C270F436986F82627EC5D7CEAAB9518DDB4EF6843287E5263B693C9F8D95C617
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4591E1C5-1967-41F4-92E2-4C58FABFA608}\cbhohmkminmbefndmoimjgdnlpokooghjrx, In Quarantäne, 54, 237879, , , , , 04C76B732FDCF24C1CA5CE5C691A92BF, D620FA125125E6FCF3E8A5E58CB53C3674383E0AA47D340E6649EA07B81B6500
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{488235F0-A797-46BD-AB04-2C3A193E4E60}\xedfncmlkgddjhjoaahjjcabhockokndlml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , F0054BF5F46A8D8961FB40C4CDD42BAE, 550EBE9C744FAB033F4887522C0B38406BB4A20032CB9E8070C3513F8D400B09
PUP.Optional.DownloadProtect, C:\Windows\Installer\{488235F0-A797-46BD-AB04-2C3A193E4E60}\cedfncmlkgddjhjoaahjjcabhockokndlrx, In Quarantäne, 54, 237879, , , , , 004A3ACBE35613C76A46A7C8F6E3AFF1, 6533369E1F03DFAE8F3D6899A44EE2E2D86420391860C03EAF315828496B637E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{48F9B301-D5F0-426F-B555-86BE4D5BD17A}\xliibjbblihlgpmgimbdegeamafoceecfml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , B71A8371C20A5358A6190331B915E286, 7F0515469D67B692954D8F09B3E6ECEAA58E2B0056A4599F579E8025340DD76E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{48F9B301-D5F0-426F-B555-86BE4D5BD17A}\cliibjbblihlgpmgimbdegeamafoceecfrx, In Quarantäne, 54, 237879, , , , , E97065037905EF672CFCF148372DCA98, 069EF6807822B85F1C705CF7F7DDA3E297A68FB6AA0090EA4B8C2CD8A4BBDEE4
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4E940F88-7336-4805-83D8-50D9D42EE24C}\xnnfikemiijkfpalgehcednhbhpicgmeeml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 02B508B0115E40CE848A30C0C8D787F1, 0EFD33D76857E393F7FFA42A3FC350A2EE28C387B9BB3A017482559831E791D2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E940F88-7336-4805-83D8-50D9D42EE24C}\cnnfikemiijkfpalgehcednhbhpicgmeerx, In Quarantäne, 54, 237879, , , , , 082859781720061E52B07FA50FD9C998, D40C1194B425E3473791720AA9700965179A435B92967A973E0A51D851268E3F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{514933A0-E1C0-4604-A22F-D5FAFEF6E5C6}\xaleokbhopnlldngddhmdabaekpipifogml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , B3BE2FA994055B4EE7D7D96386F4750A, E8856E545715F4727CB720AD072A812FA419977A7ACE594CF28100910513743F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{514933A0-E1C0-4604-A22F-D5FAFEF6E5C6}\caleokbhopnlldngddhmdabaekpipifogrx, In Quarantäne, 54, 237879, , , , , 6611479F4C1A65319FAC1E929B4E3294, 410F57107E2A979CEC62AB1C07EC00F904F8A8536DE62C94188D226B5281B308
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{55BE7806-7C8D-4A43-99E6-4CA524E23D8C}\xmhahhiignnmlhgkmkpbgkonmdnjbnchbml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 45408D73E122EFDF6947144E22539484, 013D3C2D2CD0A640C3D2D0660F50D8FE795A5A484B23DD01E5D6CD523D7B7A74
PUP.Optional.DownloadProtect, C:\Windows\Installer\{55BE7806-7C8D-4A43-99E6-4CA524E23D8C}\cmhahhiignnmlhgkmkpbgkonmdnjbnchbrx, In Quarantäne, 54, 237879, , , , , FC567889FC4FEE9AF3B02C817D8EAEA7, 5B5BF39A1809AEFBEAC83B7F209CE06CA67DF08F08F9F8097F193A82BF8D6B03
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{565A26DD-B656-4622-AACF-553BFDA54F0C}\xoneidkibclnebhafckcmmgeakkkomdfiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 60D629C9D8E44FA657CEDBC6439AF989, 43B04741191C85EF7BC6B2991E138090410A52439C7CE6A92D6A6D3A38E702D2
PUP.Optional.DownloadProtect, C:\Windows\Installer\{565A26DD-B656-4622-AACF-553BFDA54F0C}\coneidkibclnebhafckcmmgeakkkomdfirx, In Quarantäne, 54, 237879, , , , , 9D2978309F676F576E635EBEE1CE3061, 929445AC520DDCAAC1A6BD5DE0E1B14BAA06546509CF6BCC022C13F4F3955B7C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{57D2FC5A-0062-465E-AD28-CF5787FF80E7}\xnfegaanheajjomgnecgfobcdadpnpdpcml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 6234B09F4F455ED2305731DA0C176079, B472FBA01B9318D150F72643F1F2E69278F9D40294AFAF24365C1FFF47753099
PUP.Optional.DownloadProtect, C:\Windows\Installer\{57D2FC5A-0062-465E-AD28-CF5787FF80E7}\cnfegaanheajjomgnecgfobcdadpnpdpcrx, In Quarantäne, 54, 237879, , , , , AE96E451E0447CCE3A39BB601A519018, 58157F398E9568B899CA5D83A58D4E5DED7580E733111AFB5B6250F3251CEF8B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{5A005371-4B4C-4961-B553-286B9B2627A3}\xagdemmbdkpodcnjlbgbleeboadgebagbml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , F6A1999478B344F9CE8FAFA635D1D21E, 31616FEC47AD5BA16FA8B4B6C0B56E803C6867E18C27BCB9433F0EBD5BF08ACC
PUP.Optional.DownloadProtect, C:\Windows\Installer\{5A005371-4B4C-4961-B553-286B9B2627A3}\cagdemmbdkpodcnjlbgbleeboadgebagbrx, In Quarantäne, 54, 237879, , , , , 8563C3D6ECADC0C4D9D0D630BBBB317A, 794C4DA4D34066A8917A6FD80D8BD69B25A3940A330510E3B0B42214E8FA1D84
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{5F32F3A2-DC50-491F-9D79-11D8927F78DD}\xenbmlncipeaeieohmangbnngdjdbdkedml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 147E742F0D880B145599D6F070A79605, 452FEA8FF981136891C99E3826336A2DEE611121C2918968535008F5618EE5F4
PUP.Optional.DownloadProtect, C:\Windows\Installer\{5F32F3A2-DC50-491F-9D79-11D8927F78DD}\cenbmlncipeaeieohmangbnngdjdbdkedrx, In Quarantäne, 54, 237879, , , , , 42843E6596E843FE485F996E2FB06933, BB1CB1FEF16AB19167C5DC2A60F91203A6132BA32C98260A2B892E093ECABE7E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{601D6C44-74AA-4C38-B0CA-FBE33A8DA3C1}\xohmlgcgfanijbpafiklbdlidacflfkkmml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 21BA0BE728CC1515C287110045F313E5, 89B731249969B984D1EE93A8D27B9FC0D45E17FA60725521E35BF61FD57DD53D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{601D6C44-74AA-4C38-B0CA-FBE33A8DA3C1}\cohmlgcgfanijbpafiklbdlidacflfkkmrx, In Quarantäne, 54, 237879, , , , , 485CB4CCD121A4FDEF779289A4728381, D1E2AF14290290DCE7A8D542FAAFCF6862DB38E4BF62D8DB790D1BE1CFEA353C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{613195E3-418C-4273-BEF3-90D74CE3C5EF}\xmoiaoaaibhahkjifbdoeonflahgjbcnbml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 0D2BB9FB1F5E92822C07C276A7F16517, 42FF1944FB940E52E6025DEABF52F31CFAD52966669B73375149A022B7EBFFCE
PUP.Optional.DownloadProtect, C:\Windows\Installer\{613195E3-418C-4273-BEF3-90D74CE3C5EF}\cmoiaoaaibhahkjifbdoeonflahgjbcnbrx, In Quarantäne, 54, 237879, , , , , E6B87CC7693ED8126F29578FA8E727F9, C842BFB236F7BFC7AA44EE2FC5A214FA252D647306A6F10DEE93F4851C118578
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{61CD0A8A-5C80-4F5A-966E-CDCB93ED9493}\xjphapepdhahengaiiabpfhengbbgieacml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 0468B81815C9E7346D29F6E2948F0F09, 28F2B1195B0D791827C7FB2B1B6E7238DA50FE346E7CB837DF50FF7EC0BD0077
PUP.Optional.DownloadProtect, C:\Windows\Installer\{61CD0A8A-5C80-4F5A-966E-CDCB93ED9493}\cjphapepdhahengaiiabpfhengbbgieacrx, In Quarantäne, 54, 237879, , , , , 38B0388E8C624E0D01F16EC363F88743, C23D1F22848E335E68FFC5306A106C1B8130850C4052D870234817A4B6EEE33F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{61E8FF7A-9185-4F8B-8C1A-370C11582265}\xnbfimehnhlnljmmekpcgimokhhalhdofml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , BBC67F3AB408D3649C63E4012157B38B, F3DB7F46E0D8861A647A6975EA57B713F00D2BD5E94B67CE1AB415038AE29699
PUP.Optional.DownloadProtect, C:\Windows\Installer\{61E8FF7A-9185-4F8B-8C1A-370C11582265}\cnbfimehnhlnljmmekpcgimokhhalhdofrx, In Quarantäne, 54, 237879, , , , , 872723047FD4C147837502B9EFA22506, 84F4C4943C960FA61C9E03413404DCA6A03CDBA3CB70E74EEC3F3DD324CEB71D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{689FFCA5-0FAD-471F-805B-A168F4647846}\xajdjpfdphmgohipgjjjlokkkilmddddgml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 402C288249927CE12E005AD4D0702005, B794C40AD023AE175C9041954DC4A9C85B91FD95A4C009F8F1B05F50ACCA3DCF
PUP.Optional.DownloadProtect, C:\Windows\Installer\{689FFCA5-0FAD-471F-805B-A168F4647846}\cajdjpfdphmgohipgjjjlokkkilmddddgrx, In Quarantäne, 54, 237879, , , , , F68B698C55CA2DC803408D5A1890F611, D83A7CC5D99FC234A8B7927A7F017D654008606F4B5923686B4646EFF9934750
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{69CAA823-8F1E-4FC9-BD1D-CD840E51C29B}\xfngbkjoodaochonomefgbkgmkdbakbcfml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 9AB7D05565F9F7E15D0D4FCD0DB4E770, 135F0B51EF5452B39ACA7CDE8E235B134ACD4CC2531160E02129576F7F372E13
PUP.Optional.DownloadProtect, C:\Windows\Installer\{69CAA823-8F1E-4FC9-BD1D-CD840E51C29B}\cfngbkjoodaochonomefgbkgmkdbakbcfrx, In Quarantäne, 54, 237879, , , , , 79859CE89FB55E65625862AF10E0CADF, 8051ECA4BAC7095758F2CA7827AAC94BDFC23955A2A1F8323EC116C048E20790
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6BAEFB4A-DE1B-4792-B92D-D0FAB35661D4}\xjghhfdmjhmbccdgbpbanafagbajeinfdml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , D3FF3B4A23633C502C2C59CE8771BA4C, E196D0D5AD6EBADB19D5967671EE31AFE255E46D24429B38ABC7450C06815BED
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6BAEFB4A-DE1B-4792-B92D-D0FAB35661D4}\cjghhfdmjhmbccdgbpbanafagbajeinfdrx, In Quarantäne, 54, 237879, , , , , BF6E7586F81AA20CB491FC13D4474CF4, 27ED0D4C5923CD2511C73C6FB371F1847F33DCC678B5314EFC1E414D7FB3D9B0
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6C98AA45-BA0B-4E09-93FF-FBBD9C3F83C1}\xlnfkilephbimfdkdlidclipgohhaefdjml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 635591D38BB3603EF42E2EECD60A0579, 5C3A87D514F5F96A1CE3D989C483990E317098CACB7FE88392E0DE0D79D2F52C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6C98AA45-BA0B-4E09-93FF-FBBD9C3F83C1}\clnfkilephbimfdkdlidclipgohhaefdjrx, In Quarantäne, 54, 237879, , , , , C402830823DF225DF9B9137C75AD82AE, B4FA06C2ECA7F6E5D217E090C6845E285D698D98F981FD5F30E79246807341DC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{6DD7CCB9-ECA8-4448-92E2-99ED94C719BA}\xojhiajhlaammmkjphbnbpmdhloionembml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 5D07CF20268495645117D6A60C723678, 356674450018FD31EA2EE2EEE9BBF0A4C03BC10D1CDA6D0E3ED7801CFC023B52
PUP.Optional.DownloadProtect, C:\Windows\Installer\{6DD7CCB9-ECA8-4448-92E2-99ED94C719BA}\cojhiajhlaammmkjphbnbpmdhloionembrx, In Quarantäne, 54, 237879, , , , , 293EE4EB33AC08458A1220AA3E537FDD, 5F469296D2A88FB5ECC99C6AA7DA89A21ADEB5C841875433F7585DF1B97BE424
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{715819FD-8A71-4DC2-861F-7BCCB7C960E5}\xnmphklcjaohobgmbljehhbjkbomlbpffml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 0DD93C1FF6F51FFF5415CB88082472B2, 00E0A6E2CE72EF3C4978C66F69F798B3860E23EBD6C454222F921EB66CFBBFC0
PUP.Optional.DownloadProtect, C:\Windows\Installer\{715819FD-8A71-4DC2-861F-7BCCB7C960E5}\cnmphklcjaohobgmbljehhbjkbomlbpffrx, In Quarantäne, 54, 237879, , , , , 59B204672E13F8578F663491FBF80DE1, 8EDCE1F3AD8CCCE4E2290E82A71C96CC47F501F5BD42E3796305F76D56D035CC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{73820162-2EDD-4CB9-A526-D856011B6905}\xlbghilnbfbihmgboeejjjlieeklcpfgoml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 7E6F32BBC9C6BCB0277BF5C9FB4A0F91, 41A24DBE1A1A3E5B6116AF1004B28A10919E728FA3D25D78F92E422ECC488DD6
PUP.Optional.DownloadProtect, C:\Windows\Installer\{73820162-2EDD-4CB9-A526-D856011B6905}\clbghilnbfbihmgboeejjjlieeklcpfgorx, In Quarantäne, 54, 237879, , , , , 331F6691C2D7D74EB12709CCCBB4B048, BB8114B4035E439435701E7E69D17C9789EF6318C9A167BCD2A479BCF0A36A6D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{748B517D-89E9-45B5-8072-A68B87E26C9E}\xckjfcnlcmnilkjfkcpopbdjfopagjienml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , D427FB426622FE0793B69B4370BC4BB3, EB8AC8D531FE226342F2D0836D203BEB1054E3B3B2B3A4609076452F0796ED22
PUP.Optional.DownloadProtect, C:\Windows\Installer\{748B517D-89E9-45B5-8072-A68B87E26C9E}\cckjfcnlcmnilkjfkcpopbdjfopagjienrx, In Quarantäne, 54, 237879, , , , , EF81D11F16C4ED7477050846555C080D, F1280EA4CE51CC8C5940B381818A50AD93C5A82A7EB7CF84D99FB3EE0FD79877
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{77835D11-E41C-46E9-A15D-FBFFDDAA4022}\xpoicaokopbogkjddmacgeahgfflnghhbml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 259DE9D9168A45E77AAF8BDD4693B63D, 0B62E31F10D0B2641118D896685BE3C714A41CA3BCD7C81D8A0A61670695DE16
PUP.Optional.DownloadProtect, C:\Windows\Installer\{77835D11-E41C-46E9-A15D-FBFFDDAA4022}\cpoicaokopbogkjddmacgeahgfflnghhbrx, In Quarantäne, 54, 237879, , , , , CA1A1ECDE4A0A366686327C992CA4F46, AEA5BC32D86C81084C0D4FEF902E4A14CEC81E2562190713F95880824E402B60
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7995E498-AC64-4B46-9EF0-4B16BA5571C8}\xjedaklhbaegiiienbinnjpijakflmnfkml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , B016D829A38D7C0B795CE0BFF87F74D3, 0D4E9C04C0A2E7262C7C49EE8588D7EC225981DAAEDA5F469A18908249917154
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7995E498-AC64-4B46-9EF0-4B16BA5571C8}\cjedaklhbaegiiienbinnjpijakflmnfkrx, In Quarantäne, 54, 237879, , , , , 8363DB842A3054FFAD2DF8546D5564F0, 65464250F2453E5DF23E6B045B4DB05F63419C2513BFD4DACFC168F1D866FC84
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{79FC4DA9-6C3F-42D2-BF82-893675338D8E}\xfjiebeaioaeacmihadbojpkhibfbejaiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 5B41CE3B5C051A7B1FCF6E73135214BC, 86158E383C1C6518E459CB10EF11EFFE75C6644F6FC30F033B583C802D5FAD05
PUP.Optional.DownloadProtect, C:\Windows\Installer\{79FC4DA9-6C3F-42D2-BF82-893675338D8E}\cfjiebeaioaeacmihadbojpkhibfbejairx, In Quarantäne, 54, 237879, , , , , 8A3485FDE70CA93EDAEDA7D52E4F9E34, 3B4B0C456473C7EE05F71930A548597E4375577152A01223566A3238D560CC32
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7BE38F3F-7BD0-46EE-ACC9-1B93585DC413}\xobapjjcpdcdaligempidaehkpogpmklhml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 67F20253A6272AF52F478EB587777B10, 43A23E0E81B4326E29E60224F4B563160C3105F0BA8A89ECDA504057024DBB5D
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7BE38F3F-7BD0-46EE-ACC9-1B93585DC413}\cobapjjcpdcdaligempidaehkpogpmklhrx, In Quarantäne, 54, 237879, , , , , 86207341E515D21EB9A33A3C9DB409B5, 68229A96D78CB4CCE5D1319899877FAD6B83166CE040D57C78C51B84A0984A7B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7E47DDB1-C27C-4D5D-8B4A-836B80B6B6CA}\xnmhejioiiabkphacdnfmdofjjhbbcpooml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 18D10FE1270EEF5E3341CC3BD9C979B7, E44A50A8A873822FE52F44B1E92A6C7D6E35A81A41299153FC93A038E833776A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7E47DDB1-C27C-4D5D-8B4A-836B80B6B6CA}\cnmhejioiiabkphacdnfmdofjjhbbcpoorx, In Quarantäne, 54, 237879, , , , , 2AA15AAE7E9BB7F4A6CA3FF8F6D2A474, 897582FDF0699F6A0DA824AA23E768B6DC16C1601C561BC2A2DCBB94C1328E36
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{7FBA0897-3CC2-490C-B742-5532747B6013}\xldmpihgbdkogdhjgbkfkifbgknojmmmcml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , AA590B425CB712BE29E9C1CCD856145A, 9D71E1674B8AA61FE2D19DD6A9285D4221A98F31621286F76C70C8469A6DC436
PUP.Optional.DownloadProtect, C:\Windows\Installer\{7FBA0897-3CC2-490C-B742-5532747B6013}\cldmpihgbdkogdhjgbkfkifbgknojmmmcrx, In Quarantäne, 54, 237879, , , , , 3EEE85F81ADAFDE54B03DC68C1E50717, 083E8D8A988A8A019A12B5509F828F826CDAD2764B3B847466F2EE6839678F77
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{835D5725-B0DE-4208-83DC-0057B2646DDC}\xopkiibfppcjjlaopjedpbnllkgafnhceml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 2B183DC2969C874D5BD03F71CB9D814C, 9F1CFCF856A50E8223AE78172856D9B5A4943830929296614540E68EDC6AA7B1
PUP.Optional.DownloadProtect, C:\Windows\Installer\{835D5725-B0DE-4208-83DC-0057B2646DDC}\copkiibfppcjjlaopjedpbnllkgafnhcerx, In Quarantäne, 54, 237879, , , , , DD2C9EB0C7A1AA6F95FB3EFAA5D4F131, CD2C14DEB3656719B50D320FAA32C34C090C70D3CF6C544BFC6EF83CCC368E03
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{885A45BE-3977-4FD5-99EA-0121FFD259C9}\xlabnbbnhpojlddldgidhomlgikplabkiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , DB4F3023D45E1A44524F9D742A9574F5, 9FD75CABFC75679FCD42717A810592D15557C65D2520C1ABC8D19FC5669CB804
PUP.Optional.DownloadProtect, C:\Windows\Installer\{885A45BE-3977-4FD5-99EA-0121FFD259C9}\clabnbbnhpojlddldgidhomlgikplabkirx, In Quarantäne, 54, 237879, , , , , A146B5FDEC1931C2B0B3156F8146E30D, D4DF9D8CCF0B55362AEECC7C39D23D21EE1CA6077DCEDA24DBDA0794C7817CAE
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{92CEAE55-5211-45C7-8B21-2F87C72C51AE}\xggjgnolcaebonhcjejechbjfhjbkmihlml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 23642B9C97205D1E28A4D6B32A849F3A, 6424CFEC7072AAF4232866749D1CEB5D91392264ABAC93AC44D9D72A5DE94487
PUP.Optional.DownloadProtect, C:\Windows\Installer\{92CEAE55-5211-45C7-8B21-2F87C72C51AE}\cggjgnolcaebonhcjejechbjfhjbkmihlrx, In Quarantäne, 54, 237879, , , , , 7649BAEA6A3E848D3B7D3396B3B06815, 5CE307501D71E7881A102CE0A17AEBD64CCF801D932A912397420EDBC0EF1432
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{931FE615-B672-4AB2-94FB-5AD11BEA86E6}\xalomgcbempeilafjolakmfjmmimndiiaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 70DCCD8ACBB593280A21D3E37C7DD3E9, 3001C8CF975E8F7D8046B3D5B8045DD3CB1FD18BB44BAC8EF8E526A731FC3994
PUP.Optional.DownloadProtect, C:\Windows\Installer\{931FE615-B672-4AB2-94FB-5AD11BEA86E6}\calomgcbempeilafjolakmfjmmimndiiarx, In Quarantäne, 54, 237879, , , , , 8E7EC5D3AA2A6BF54445EDBE5203FD97, C22E047DF2ACD60BE8FCFF2936AC81A7194F1CD0E5909D3308843405EC9FB8B9
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{99094754-8360-4818-9A64-1CB097B89342}\xalbcoifeilhffaghmackcgmhpgabampfml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , CDB6285F5F2B1EA8D47E866AE128061C, 1373E2F2085B663976DA4DE0F4945F53CE77514611DEE97ABC3B20D68F5C9150
PUP.Optional.DownloadProtect, C:\Windows\Installer\{99094754-8360-4818-9A64-1CB097B89342}\calbcoifeilhffaghmackcgmhpgabampfrx, In Quarantäne, 54, 237879, , , , , DBED2480F7B9F0FA57D905515C5A510E, 89DAC19877F7F0E7AB467F25DCC4C42D44E16AF96BC8CA79F3BD4710818F181D
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9990D28C-FFDC-4B9E-9553-B07436F2C0D6}\xfhggmdmghdpcpgleafcljaaeacjfjgeaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , A8606E1EF2CC3415D124E9D0C29DE818, AD7002D7A67E1E9DCA30E79ADC6936B2DE392D75749DBD1C9B84D0C3EEDC8A6F
PUP.Optional.DownloadProtect, C:\Windows\Installer\{9990D28C-FFDC-4B9E-9553-B07436F2C0D6}\cfhggmdmghdpcpgleafcljaaeacjfjgearx, In Quarantäne, 54, 237879, , , , , 091403CC087A54F2865140140277D2BD, 6F89C973B81206E9053BB84CC1DDB551F70BA54DD23F184A3DFD6A0C79114DE1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9E92BDFF-F3B2-4E55-AE3D-623380791122}\xpieacadnamehekmbhnldcaoepaijnmplml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 1B972CB49099EEF2DB10A06C704A65CD, B70CEA188F7852FF10C465D66D60D4355C63EACF9DFED95E98B2F9CD94CF236E
PUP.Optional.DownloadProtect, C:\Windows\Installer\{9E92BDFF-F3B2-4E55-AE3D-623380791122}\cpieacadnamehekmbhnldcaoepaijnmplrx, In Quarantäne, 54, 237879, , , , , 529ECF1C57DB1AE039574C783BBB8C82, 31DB4FD7EA299383CCDFF4F4C1393F08C28D72D3C3CD9005E4F080AECC8D4606
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{9FE043B8-8ADE-4EB2-8B64-C0FBAEA1582B}\xbdknfllcmpifheojijhljcfhilhkidghml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , C917998A93C4D8289F78B66FF32BB83C, C6B0CFFFDBB0658D3C481B9909179F0BB6FAC5F863F8CD61F5351B052DFCFC4B
PUP.Optional.DownloadProtect, C:\Windows\Installer\{9FE043B8-8ADE-4EB2-8B64-C0FBAEA1582B}\cbdknfllcmpifheojijhljcfhilhkidghrx, In Quarantäne, 54, 237879, , , , , B681D6390C6C66785545A2277E5B9D4D, 065C05E3B96DBAA936ED04A96C079C99518936A603B497F801AACA7D8C785F33
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A064DD32-3281-4C8B-86DE-2908DAFDDE07}\xfpikhkcmmidaihibfbnmjppooghjjiocml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 76139EB52CA849D875A054672304E47D, 048120249F3EB507AB6C7ED8624525F7C5D54FB7FF9B7A7A691FEE3F42D822B8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A064DD32-3281-4C8B-86DE-2908DAFDDE07}\cfpikhkcmmidaihibfbnmjppooghjjiocrx, In Quarantäne, 54, 237879, , , , , 1E8A35A7EC5F92F0C85373E81495AF50, AEDFEBE040D6D9D340B553352E9235CAF6182C3EEB3E76EF9D5207D4B934CFB4
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A3CA5039-8B4B-41DF-8DD6-8FD5B6A414A1}\xpllnlnmbnlpcclmgpocmcanepmpjhpcmml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , A2A63B960B202B6C5E5A976BE69026BD, D60238740D6D4C2B1785CF0E371A50957BDD0036FC464384CCB0CAF00E657894
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A3CA5039-8B4B-41DF-8DD6-8FD5B6A414A1}\cpllnlnmbnlpcclmgpocmcanepmpjhpcmrx, In Quarantäne, 54, 237879, , , , , 3BD1A1AF334A9337E918F6FA4D1C8026, 1CEAB80DEF388B14B74E8EBC532363FAD1C4B16EC6CADE9BA84797D07DB27E5A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A49A39D1-EA03-4F1F-B94C-7422AF5A3C33}\xebejgocahffhleolkbgoefhilioimlcoml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 618462D70C59D89C7D1A7FAE6A16AC79, 013BB9BC6F517DC74867B55B4EBC0433A590DB7B8EA30A98B5ABDDC902CB00A3
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A49A39D1-EA03-4F1F-B94C-7422AF5A3C33}\cebejgocahffhleolkbgoefhilioimlcorx, In Quarantäne, 54, 237879, , , , , 9D926802E17F56D422EBF88F55E3BD41, 0D8FA822C4BAD595FDECE43DC5758EE12F9ECD5D97A4BF3B5BFEE336E0E57B71
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A69841DE-5708-406D-8C23-83624F3E7943}\xliclpnalpolmgbddjkdjdnlamdcpegggml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , CF273A0FF0DA2C7EC14B4762654093E8, 932AF4D7657085E3279890DEF21EC5AAC717DB7CAA3E886D61ADD7BB6DB5FCEE
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A69841DE-5708-406D-8C23-83624F3E7943}\cliclpnalpolmgbddjkdjdnlamdcpegggrx, In Quarantäne, 54, 237879, , , , , 3540BE266793BDAD20FA5927EF9DE3D8, 7CC66F33F792E5CDEA5859EEBCFA6FE0AB3B4DDE76B78C07FBFAB938BA44E6C6
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{A9678741-EAB9-4AB6-9D3D-057995042149}\xebnaddhbfiohojmmonlfmhjchjpnpckdml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 68D5FED1863D7234D53E26BCC4B41E3B, D6876813F6962C54BB76CC916B193880D83DDEF3B3FA5108DF58EA9854B14226
PUP.Optional.DownloadProtect, C:\Windows\Installer\{A9678741-EAB9-4AB6-9D3D-057995042149}\cebnaddhbfiohojmmonlfmhjchjpnpckdrx, In Quarantäne, 54, 237879, , , , , 5121DC97745AD291E519F073118527F7, 5792275ADAF566E420C07BC2449CD3EB7A0E07C1076DF0792465732280BCDD7F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AB0D5F41-3847-496B-832B-A3617E5D861A}\xhepkdomgdpigkhidbfdajengdbadgokiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 54EC27390A0FA44256E5CD6C7D1B3966, F28A8F95B574C105095D763313ACB433605D632A0CC94AF8F703F630B4E3D8EB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AB0D5F41-3847-496B-832B-A3617E5D861A}\chepkdomgdpigkhidbfdajengdbadgokirx, In Quarantäne, 54, 237879, , , , , 12D4F27CF048DBAB81C347C4AD42CF20, 49F6A612A81F2AE5D69856B0DA9265777BF7B790B6C0375FFCDEAF98A8F4615A
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AD612602-8352-4D22-8D1F-05CB3D00DD35}\xhmmgeodkjnaikpljalmpccfnmehccbojml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 3586F979E9BF65B6769FF20D509159C0, BEA355C566ED1E4B99C1299F0627F0EFB6A7E0EC60BBDA1002451DA32DA40594
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AD612602-8352-4D22-8D1F-05CB3D00DD35}\chmmgeodkjnaikpljalmpccfnmehccbojrx, In Quarantäne, 54, 237879, , , , , 2691966B9C41003E395C58E7AD6335FF, 06D04DF46ABCD589F52A63AFD1FF7D8845BAFFF849AB7E7D141E2151A83713ED
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{AF19984C-16ED-49F4-97BB-B97944E56AAB}\xbpdjafogcakglancekjegbebjnaanohiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , D572CC06B753676B64FF08B1C6E1D800, 27950A25FB68A02F8AB15DC735770075A0344617D91218048201A7A4CAE979DB
PUP.Optional.DownloadProtect, C:\Windows\Installer\{AF19984C-16ED-49F4-97BB-B97944E56AAB}\cbpdjafogcakglancekjegbebjnaanohirx, In Quarantäne, 54, 237879, , , , , 26D335B7FC4F4D3A28529BD6F6FDBEFB, 215BC3DB01E75FE032C88F308B813BD38ACF85F91812E3340ADB2CD01041966E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{B96BD67B-D40D-4973-A54B-C89E80514D72}\xggfbcnihadbnogpdbjclopckfheeijhfml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 62B9A5C2AB301E4623943EB8257298C8, D42576395D406226E95ADFAFB062110E5C9BC96EB6F39B13D3ACED5AA9250A81
PUP.Optional.DownloadProtect, C:\Windows\Installer\{B96BD67B-D40D-4973-A54B-C89E80514D72}\cggfbcnihadbnogpdbjclopckfheeijhfrx, In Quarantäne, 54, 237879, , , , , 9C70D1CBB5B916352EC3921D26DA03D0, 127D387269FFF390F267174F6CF8D390921D2466B10D1288F3026B77D79D03B8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BAA9BFA8-7E28-412D-BE6B-6C752765D6C5}\xfompnpjiojjbokabiajhlfpmnobkmpnhml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 67E9C14B34478B63B29233D55FD22A63, 0CB4C7107E1EC89192EB3A5862501F505A2174054E76C789112A106BEF567303
PUP.Optional.DownloadProtect, C:\Windows\Installer\{BAA9BFA8-7E28-412D-BE6B-6C752765D6C5}\cfompnpjiojjbokabiajhlfpmnobkmpnhrx, In Quarantäne, 54, 237879, , , , , E2759B1329F5525017E14F035BDD191F, AE5AC3F342E3DD3F57C4CFD1803C77CC2A5A405DA171E12608F715C00F5D3A58
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BC6EE315-FD53-42C0-B305-5817CDB73ECC}\xlnolmgnlngcfhpopfemghaolnkdckaplml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , D7BF01F3C6CFB1E42C1D7DB5C2CB6838, 0456195B642029956BC5E08E1F39BE4A864700D1826AD601554A58FD7B2EF990
PUP.Optional.DownloadProtect, C:\Windows\Installer\{BC6EE315-FD53-42C0-B305-5817CDB73ECC}\clnolmgnlngcfhpopfemghaolnkdckaplrx, In Quarantäne, 54, 237879, , , , , 74003AF708C9508BC9FD35BEBC4174B4, 7FB045979F6A1C6F478C085D2C49A06D2051FE3D9DADAB30C6A622CE7127A991
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BCABCEAB-2908-489D-99C6-9D975B38F08A}\xkimfkifjehaheanppaegacnldfgebpckml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , F54CB72D097B8331C9402686A4C3A60B, 77152F9BD42C40F23A373363B560E77D95BFF229FB216C132B9AC23A475D9B3B
PUP.Optional.DownloadProtect, C:\Windows\Installer\{BCABCEAB-2908-489D-99C6-9D975B38F08A}\ckimfkifjehaheanppaegacnldfgebpckrx, In Quarantäne, 54, 237879, , , , , 6E08B1ACF964423E6C7270B05546F7D8, 6240EB059DC4B75B0CCA768FEBDAA98E5845DD78C259CDD15913F72AA1B7902B
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{BF424FA0-B9F3-4D50-A7D8-A1FCA2107CEF}\xpahhapgmpahcbllcceipdelligcjhpjdml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , E8C215518B3583BB89764D796B4FCE24, E9CCB6753A27F5A77D5E494F2A18D8DAD1FA32C581210CB38B5628FE08C8F720
PUP.Optional.DownloadProtect, C:\Windows\Installer\{BF424FA0-B9F3-4D50-A7D8-A1FCA2107CEF}\cpahhapgmpahcbllcceipdelligcjhpjdrx, In Quarantäne, 54, 237879, , , , , F7E0914E5035D0F2115312141D2FB1E6, 50E0E282DE8585F03319D1B8F34ACFA58A02EFE45F08FE6F32BC7963D1816BC8
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C4828DBE-9BEE-4C59-AFD5-B53B02DF9E49}\xfgdpelehjnglhjckappjeokbpekdboblml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , B2980C3AD9A4411FBE3414096B778EE0, 59CFA17F82943AE11A81EBF7AE691CF63CEEF90A34BD4CF8F926723697183603
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C4828DBE-9BEE-4C59-AFD5-B53B02DF9E49}\cfgdpelehjnglhjckappjeokbpekdboblrx, In Quarantäne, 54, 237879, , , , , 4518B5B24CB0EECFA75A7D9E73F516C2, 9B1235829C16F64A6D416DC032E295740107CA71ED31B306F64F083C8143B816
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{C762885E-4115-40CB-9857-0E965308982B}\xfjpojnhjchfkbdbkgobmnpeghnnjpgngml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 617F40A746753982147B73367DBF7AF2, CCF5D2F587468B347A0A3C5AFC89E13897AEF0F81BE2C8239D5BC193E4BEFA94
PUP.Optional.DownloadProtect, C:\Windows\Installer\{C762885E-4115-40CB-9857-0E965308982B}\cfjpojnhjchfkbdbkgobmnpeghnnjpgngrx, In Quarantäne, 54, 237879, , , , , 53FE142C4F33D1C7DC36E1CD1DF2379F, 119DE16A27B5BC5024B32E998D66784964BD8F9F6F63D52F5C7DE37391D53E1C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CAB50867-12B7-4F49-9783-475CD8A4254B}\xclnmldklpkoagkcchikgmcphcmoldigaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 6D6CBA65319A7B44CCC2DE8EFD4C2C3A, F7DE980C7A5B9EDBF2D72299B71D6BBBF01C074D10102E74CD638854B3484D92
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CAB50867-12B7-4F49-9783-475CD8A4254B}\cclnmldklpkoagkcchikgmcphcmoldigarx, In Quarantäne, 54, 237879, , , , , 1DACB2C245B52D6897D3C550E6559454, 635CB121C0102095E8765C098792FBA8B4EBCFD09E39ACB6E83A42F1988A9284
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{CBA27754-22D7-4C35-82E7-110E8F825582}\xiplcjmhemnmifajikaedoehojdhhnopaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ABC481F4E0DA60EC15D202C07143BC57, EF7444D6A3BA490B0E55A07EA389A3C56846C5403E6AF128BDCD9AF9F32E7756
PUP.Optional.DownloadProtect, C:\Windows\Installer\{CBA27754-22D7-4C35-82E7-110E8F825582}\ciplcjmhemnmifajikaedoehojdhhnoparx, In Quarantäne, 54, 237879, , , , , 513795BC30AB3FBF74E2EDAE5EC6C168, CCB1264B5749BCF1BBB6129D16BB0BE468CB8EFBA9551B78A3C7EBF9A13DA355
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{D2FEE591-18EF-4DE5-B67F-A1AD56E84BE5}\xefldblnkhdekdfbdmidlkdgjpopenhifml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 5713150785D1812278FA1A2F6694B843, 3B54DF217ACAA60FBE40C3FD9A8BEEAB15924242B0B253D6A2F7A9DCB907723A
PUP.Optional.DownloadProtect, C:\Windows\Installer\{D2FEE591-18EF-4DE5-B67F-A1AD56E84BE5}\cefldblnkhdekdfbdmidlkdgjpopenhifrx, In Quarantäne, 54, 237879, , , , , 3E91E821541ECFEC515FCD061E7862D1, B2153E724A3509374C1E4F3AFEDCB81B9FC0A21075F46CEB43E2CDA40DDB02CF
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\INSTALLER\{5089B123-334F-4C60-81D3-33719AAF3950}\{63289A21-D8E6-4D3B-BDFE-3396CC549426}.xpi, In Quarantäne, 5871, 255640, 1.0.50863, , ame, , 65B6C082FCF28194D71F0A55C5AC2DFD, 998FA5A33C033352DC63DCA5FDA2C6776C3C90A96D8D90EC8893EB4AEDC4A8B3
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DBA5881B-B723-415F-AC40-CA87828CD247}\xfplkciddngkhfikfjboblaiiefbgoanmml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , CE43641C5C26DDBF8A64CDE339FA113B, C533738EE56D9B44B64FED4F10E7BF2227FF9583854D50EE330A94B841220D2B
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DBA5881B-B723-415F-AC40-CA87828CD247}\cfplkciddngkhfikfjboblaiiefbgoanmrx, In Quarantäne, 54, 237879, , , , , 116905667BDDA20FD2598728BE20162B, 1DE2186F02DDDFEF43F0A8238B80BB33F32542BAEC2FA9875B67AFC836C404BA
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{E3E0E7CE-6C19-4B8C-9FD8-FA18939EC8EE}\xakodhicilggmaghmgjbcjpigjbfcnofgml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 202A7078BDEE4D274DFBADF5B6B2013D, FC1FF1A59FA852619A8D5E126BD39ED3E92C6C0CE455E37F7161741DE2F20437
PUP.Optional.DownloadProtect, C:\Windows\Installer\{E3E0E7CE-6C19-4B8C-9FD8-FA18939EC8EE}\cakodhicilggmaghmgjbcjpigjbfcnofgrx, In Quarantäne, 54, 237879, , , , , 36EB25B2BBDA12ABE7FCF2F00964A9C9, 841A55BB29E5B5D177EBB6AE52EEF0905D0F1B44E8063421C88C0126E90B3A34
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EB056787-677F-4B20-90E0-36EC111130D8}\xnhmfbafhgjahbnjlcckjpgamfoahbaefml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 6289A6571C664BC50A646C489F1E26B9, 970FC24CE80E4130EF19AD074C44511AF4F40CBCBF4110E89E65BDD485DB5F34
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EB056787-677F-4B20-90E0-36EC111130D8}\cnhmfbafhgjahbnjlcckjpgamfoahbaefrx, In Quarantäne, 54, 237879, , , , , C87A350906065C9F8FE7D942F79FF2F0, 6E7ECB3165540630BF08B15BCE017B67E11CFA4C3D43E6773AF61FD0E62A85C2
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EB4C5118-4E16-42A2-8F35-8EAB7FD44BC8}\xoagbiaelljdngonnbifdkgepcldpbjafml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 26D62B92C7AB8614A199031BE3150491, A5A7B4A5B06AEE995EA8561A58D717A0827E7CB952F7BDDE111575C8FDCD3E90
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EB4C5118-4E16-42A2-8F35-8EAB7FD44BC8}\coagbiaelljdngonnbifdkgepcldpbjafrx, In Quarantäne, 54, 237879, , , , , D95176652F376238212667BA2BC49CBD, 5A239D42E7798C22CEAF4FBB1590DBB609A12BAF3EDB67B4FF428FED20AA807E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EC88C111-2A4C-409B-8B5C-AA0BC81DAB01}\xeckkffnfjjmocdolelonkkipifpgcbhgml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 283C27ECF81AFAD17470AA69B4F53E04, B516C040F98AAEA1F4B89FD7F27A7905E10CCFFD8E7B9C0CBB678BE7B19A8C5C
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EC88C111-2A4C-409B-8B5C-AA0BC81DAB01}\ceckkffnfjjmocdolelonkkipifpgcbhgrx, In Quarantäne, 54, 237879, , , , , 490B99AF50401086C03BB274E13397F1, 62F8B86A319B732F852AAED7CBE59E4AD37D6F1E0B7A6B15D1C79AAB855DD577
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EDA85639-0A7C-4BE9-8298-B27528CBEA4C}\xgkgalaapfapepclclkpngdggnhjfojloml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , ACEE0D9FE6C81595926BE3342EDE01F5, 8D47A973306C9A1DECD2E64AC305B20A0CF3E27897ACB2FB8A58B44690449751
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EDA85639-0A7C-4BE9-8298-B27528CBEA4C}\cgkgalaapfapepclclkpngdggnhjfojlorx, In Quarantäne, 54, 237879, , , , , D32FCF0E0B2093C410E141014AD311D9, 4341D39D28C2C97E3CC8B01C7F90EC16EBD9A52BF76AAA19312876F2EFC54D27
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{EF0A5FB4-9809-4BDD-91CA-4BF9AD2C1369}\xgcianafioijhgilgbofddkljfjbmmgepml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 832385D9733F748BB3C2A3D4B4B5CAFD, 40B30F790CE0FCB4DA34D8B46D9A28A5726CC616950BD4B2600DE27CF957AE45
PUP.Optional.DownloadProtect, C:\Windows\Installer\{EF0A5FB4-9809-4BDD-91CA-4BF9AD2C1369}\cgcianafioijhgilgbofddkljfjbmmgeprx, In Quarantäne, 54, 237879, , , , , 013BC0642185CB8C3D232700F59E2E78, A054CB5FDFBD793D6300208B93EC9F9C16B35A4661063B63DE0D815F876D8E0C
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F0A11709-C310-415A-9077-68894F3C0136}\xjcajdafehheikhojcgpeicmhadkimeekml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , BF70AA126D67EDD187E2153910A102FE, 6562E339AE624B44E3930D4D2EA82D022F02DEC4755AC31C4BCBBBC8CA20A5EA
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F0A11709-C310-415A-9077-68894F3C0136}\cjcajdafehheikhojcgpeicmhadkimeekrx, In Quarantäne, 54, 237879, , , , , DB0C28F39CD4853113A5B9636344C10C, 144F18FF6E555C2B529556659D0AB7659B6C06206CC2A3DAF1E726915B58B3C9
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F33B52B0-9E97-436D-A159-8E62F649FCB3}\xpliifnbnejdolacmljdidehpggnkpjkdml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 0300E72F3405D643B5F8705D3FA24DAB, A83F2C4EBCA7258FEBF3867701174D6387DE385C36B4C86020E6C120C9A4F37B
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F33B52B0-9E97-436D-A159-8E62F649FCB3}\cpliifnbnejdolacmljdidehpggnkpjkdrx, In Quarantäne, 54, 237879, , , , , EA3B84CB24B79466518FA1A4EBBB032F, B531F5FF1CB71E468CCC25FE14B8281888B6B4B80A9C89244403284430267E50
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F74869B8-37D9-4095-9F21-B279F05A13E0}\xkpjkdaihhppmdpoejafiinlbpgfdkleiml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 9CC07FF696B273ED1C517C0DAD640157, F3F07FAD7868D53235F0B746D8BF2F86EC94B7277E0CE81F6EE7CBF74BF0B1A5
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F74869B8-37D9-4095-9F21-B279F05A13E0}\ckpjkdaihhppmdpoejafiinlbpgfdkleirx, In Quarantäne, 54, 237879, , , , , 7E96CB07C8F6A5F2FCB6D8B2CB197D62, BE7F8F5BAD7FF674DD1A7BA64D9BC043FFB1D2E06151ADE302EB58CA463B535E
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{F9201396-82E2-4254-AAC7-754E32552A69}\xngingmbilnndlmhjgjhjgicfhfflimfjml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , EC02F2B16134DD162EF4154471FDBEA7, 8A41643F9BDF30B93F7DD9F01001161491669AC8626B3DF998794344628B8268
PUP.Optional.DownloadProtect, C:\Windows\Installer\{F9201396-82E2-4254-AAC7-754E32552A69}\cngingmbilnndlmhjgjhjgicfhfflimfjrx, In Quarantäne, 54, 237879, , , , , 7E0ACD68DCADAF0834FD57586A889DC0, 4FA4C6EB696A5706B796E3F63992DE2E8E8D81FA21FB08B07C50B32DCA91FEC1
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FB222E2C-B73C-4265-8DAA-F2B8014A5D42}\xlacmlkfdjlbdnknlignkejhfofpibencml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 787D1531518671E52CFDB7D41C715A03, A0E6C850A9ACA622550AABB1FE55763740B45EDF903125A83163033911AB5200
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FB222E2C-B73C-4265-8DAA-F2B8014A5D42}\clacmlkfdjlbdnknlignkejhfofpibencrx, In Quarantäne, 54, 237879, , , , , C548E66D9AAF2C10F089D685914CBEEB, B8EC610C7CC8AF9E9B9879DCA01D6CE87676E8420033FCE3EFB45642F6CF53BC
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FC36553E-FBC0-4FB6-AC41-B88497CCE709}\xbbnibclclmjpkdmggpaaonefofionfjmml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 088E3CC516ACCED74B219A5EAF63FE3D, E163FA00846FB67F3D53F2DB1A4D35A62C32A39DD8ABDCA527176D55D3A16505
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FC36553E-FBC0-4FB6-AC41-B88497CCE709}\cbbnibclclmjpkdmggpaaonefofionfjmrx, In Quarantäne, 54, 237879, , , , , D5CDAC645EBC44C53733608F3D3249E3, 7A14AD0CCC7948796B6C56EE23D689EC42BE67FF2F9A161FB2FAE68C3413A34F
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{FE07BDF7-69B7-4A07-848E-E1537B20F5A3}\xkgjplhapfljgcjpkacmippgleenecoeaml, In Quarantäne, 54, 237879, 1.0.50863, , ame, , 5101B5F7BE84F48D9947BB3AAAF4973F, 9BC1BFB5845174671A781FFD78B5F69959362CC5BA5CF6B562A392FB9FC8F222
PUP.Optional.DownloadProtect, C:\Windows\Installer\{FE07BDF7-69B7-4A07-848E-E1537B20F5A3}\ckgjplhapfljgcjpkacmippgleenecoearx, In Quarantäne, 54, 237879, , , , , DF48511C6B73AF61F39E5925B4D47756, 36B087F9747B97FEA3CBB853E6AA454C9391D82B14E78B579A1DA5F3C524DC0F
PUP.Optional.DownloadProtect.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, In Quarantäne, 5871, -1, 0.0.0, , action, , 67DF6678E5B77F2AF41B5E2FF13F506B, 947F895A4A696D9F93FB7AAA5F5E7B2542BABECDBBF7FDE36FEE0CBB5553B666
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, In Quarantäne, 5871, -1, 0.0.0, , action, , 82EB1DD59206FC1D945A053FA8B628FE, F19208A2E4D2CDE66BFED6D59F10722DB678A5E745B65B150078E5B336C9D0BD
PUP.Optional.Restoro, C:\WINDOWS\RESTORO.INI, In Quarantäne, 817, 551609, 1.0.50863, , ame, , D431FFABBDA84CEEE69124497BB341AB, 3991287502AF566F08B0F42E10D20E8DC61895628D7D88A85558BA85F4D91624
Trojan.DownloadProtect, C:\PROGRAMDATA\PACKAGE CACHE\{683CF574-7D2D-4EE8-9246-36E1E470A210}\{F1016E61-132D-41E2-AA7E-71F7B55AC36D}, In Quarantäne, 313, 910813, 1.0.50863, , ame, , 51FEF7E265F8B2B18A31A17F5E360A3D, 9CBE268B7CB7A3D4764A9457094BC910AE20F966116DD80E62C935407C604276
Trojan.DownloadProtect, C:\WINDOWS\INSTALLER\{6BABD02D-96CC-4EDE-9A44-828246CCD6DE}\{0D1A3E26-E52B-4C3F-9CC1-C28C618AE351}, In Quarantäne, 313, 910814, 1.0.50863, , ame, , 553BAE0B91582B44601E32A1920AD4E4, 8B62EF52A3CBE96662A393842CE511D59AEC05FC131C79969226A960C6AEBE3F
Trojan.DownloadProtect, C:\WINDOWS\INSTALLER\{AA227579-7A44-441B-AEEC-0FD4C021383A}\{A4EC276B-D718-419E-9257-86FDC2610C2A}, In Quarantäne, 313, 910814, 1.0.50863, , ame, , BB27B8D0F7DD1152F9252E918FBC8729, 9A69FDE1F621B47D17B0084EDF455B3E06BCE60A00FCAF0B9EB9FDB67DBC699A
Trojan.DownloadProtect, C:\WINDOWS\SYSTEM32\TASKS\AllJoyn-RouterdienstRAS-MedientreiberBrowser, In Quarantäne, 313, 928632, 1.0.50863, , ame, , 93DA12180E6480453B7AE812306CE196, F886461665DA6B9E708595C2810C5EE2F548DD626834C3F8572CD51F4A0C6F26
Trojan.DownloadProtect, C:\WINDOWS\SYSTEM32\TASKS\Xbox Antwort Ereignisse, In Quarantäne, 313, 928631, 1.0.50863, , ame, , 3B26C2A2BE2230850B46E7884FA54CAA, F6B7650516DE8AA345C8E4C91C7416E72CDF6F6DCAFD5079E8B367252F5EB09B
PUP.Optional.Restoro, C:\WINDOWS\SYSTEM32\NATIVE.EXE, In Quarantäne, 817, 551621, 1.0.50863, , ame, , A1E5E09208F19DE7AD33554E9627D5E4, E4F2EBA8E47DA66A0794A9FF41D2764C05B089C5706586345BA417F4DAAA7430
PUP.Optional.Restoro, C:\USERS\BERND\APPDATA\LOCAL\TEMP\~NSU.TMP\BU_.EXE, In Quarantäne, 817, 551611, 1.0.50863, , ame, , BD37BB537E3D31C738027938F42F506F, 5E659E47F8EE559CF5B53EFFC37C999DBBB323F4DC1095203C52549096D52C80
PUP.Optional.Restoro, C:\USERS\BERND\APPDATA\LOCAL\TEMP\~NSU.TMP\AU_.EXE, In Quarantäne, 817, 551611, 1.0.50863, , ame, , 5915AF0D20409747F27E57AC98403B95, DCFF42CE18B6880174677A34B8C6C7A24C70EB1710694BAF7068450F793DBD98
PUP.Optional.Restoro, C:\USERS\BERND\DOWNLOADS\RESTORO.EXE, In Quarantäne, 817, 551611, 1.0.50863, , ame, , 39FEF85FE114D96DDE745B8CE0659B2E, 08333E61156E2CCFD7843A924FB671862FC226C89BF98F20AB95EA6125130EF7
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
08.02.2022, 15:19
| #10 |
| /// TB-Ausbilder | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Gut gemacht.  Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Danke! |
|
08.02.2022, 15:30
| #11 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 (21H2): Trojaner tr/ad.firehooker.buZitat:
Zitat:
Halt!  Da muss erst unnütze/veraltete Software runter. Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2022, 15:33
| #12 | |
| /// TB-Ausbilder | Windows 10 (21H2): Trojaner tr/ad.firehooker.buZitat:
 |
|
08.02.2022, 15:57
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Naja nicht unbedingt in der Reihenfolge...wäre aber schon schöner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2022, 17:19
| #14 |
| | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Die 5 Programme habe ich deinstalliert und danach adwcleaner ausgeführt. Hier die Log-Datei: Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-08-2022
# Duration: 00:00:54
# OS: Windows 10 Pro
# Cleaned: 47
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\PARETOLOGIC
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\PARETOLOGIC
Deleted C:\ProgramData\SuperEasy Software
Deleted C:\Users\Bernd\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
Deleted C:\Users\Bernd\AppData\Roaming\DriverCure
Deleted C:\Users\Bernd\AppData\Roaming\PARETOLOGIC
Deleted C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savevid
Deleted HKCU\Software\ParetoLogic
Deleted HKCU\Software\Savevid
Deleted HKCU\Software\SuperEasy Software
Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\ParetoLogic
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.CyberLinkService Folder C:\Program Files\CYBERLINK\SHARED FILES\PLUGIN\NEWBLUE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Administrator\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Bernd\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Deleted Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|PMBVolumeWatcher
Deleted Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6342 octets] - [08/02/2022 17:12:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
|
08.02.2022, 17:27
| #15 |
| /// TB-Ausbilder | Windows 10 (21H2): Trojaner tr/ad.firehooker.bu Gut gemacht. Nun bitte eine Kontrolle mit FRST:
|
|
| Themen zu Windows 10 (21H2): Trojaner tr/ad.firehooker.bu |
| absturz, aktualisieren, biete, bietet, browser, ebenfalls, erhalte, fehler, gelöst, gen, hängt, installiert, malwarebytes, meldungen, microsoft defender, minute, minuten, neustart, nicht mehr, nvcontainer, nvcontainer.exe, programme, seite, starten, stürzt, trojaner, wiederherstellung, windows |
Linear-Darstellung
