
Pests of all kinds and how to combat them: Windows 8: Trojan found Trojan-FDXU!4F37BB0A5E3B


10.05.2014, 19:15   #1
trojakick
 



Hello everyone, having found help from you once before some time ago, I am hoping for your support again this time.
Many thanks for that in advance!

Stinger reported a detection; here is the corresponding log:

Code:
<HTML><HEAD> <TITLE>
McAfee Stinger Scan Results</TITLE></HEAD><BODY BGCOLOR=#ffffff><H1 ALIGN=CENTER>
McAfee Stinger Scan Results</H1><H2 ALIGN=CENTER><HR></H2><meta http-equiv="Content-Type"  content="text/html;charset=UTF-8"/><PRE>
McAfee® Labs Stinger™ Version 12.1.0.893 built on May  9 2014 at 12:15:37
Copyright© 2014, McAfee, Inc. All Rights Reserved.

AV Engine version v5610.1040 for Windows.
Virus data file v1000.0 created on May 9, 2014
Ready to scan for 6348 viruses, trojans and variants.

Custom scan initiated on Samstag, Mai 10, 2014 14:10:29


Rootkit scan result : Not Scanned.


C:\Documents and Settings\All Users\Application Data\czonofs.dat [MD5:4f37bb0a5e3b45a2fea77998b1964441] is infected with Trojan-FDXU!4F37BB0A5E3B
C:\Documents and Settings\All Users\Application Data\czonofs.dat has been Deleted

Summary Report on C:
File(s)
	TotalFiles:............	668818
	Clean:.................	425050
	Not Scanned:........... 243767
	Possibly Infected:.....	1

Time: 01:36:13

Scan completed on Samstag, Mai 10, 2014 15:46:42
         
Here are the other log files as well:

FRST.txt:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014
Ran by mip-admin (administrator) on ESMERALDA on 10-05-2014 15:53:26
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM\...\Run: [Ocs_SM] => C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-05-02] (OCS)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-18] (AVAST Software)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [yaeqlbdy] => regsvr32.exe "C:\ProgramData\yaeqlbdy.dat"
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\MountPoints2: {30586661-a7e5-11e2-be89-806e6f6e6963} - "D:\start.exe" 
AppInit_DLLs-x32: c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll => "c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" File Not Found
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\mip-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com"
CHR Extension: (Google Docs) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-10]
CHR Extension: (Google Drive) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-10]
CHR Extension: (YouTube) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-10]
CHR Extension: (Google-Suche) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-10]
CHR Extension: (Iminent) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-05-10]
CHR Extension: (Google Wallet) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-10]
CHR Extension: (Google Mail) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Chef\AppData\Roaming\BabSolution\CR\delta2.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx [2013-05-02]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-18] (AVAST Software)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 SearchAnonymizer; C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-05-02] ()
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3047744 2014-05-08] (Iminent)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-30] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-18] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2014-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-18] ()
S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-10 15:53 - 2014-05-10 15:53 - 00000000 ____D () C:\FRST
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:49 - 2014-05-10 15:50 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 15:53 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:10 - 2014-05-10 15:46 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:07 - 2014-05-10 14:08 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 15:51 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 14:04 - 2014-05-10 15:51 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 13:57 - 2014-05-10 13:58 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:51 - 2014-05-10 14:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 13:50 - 2014-05-10 14:06 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:45 - 2014-05-10 13:50 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 15:52 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 13:43 - 2014-05-10 13:45 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2014-03-15 21:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-10 13:43 - 2013-06-24 13:29 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-10 13:21 - 2014-05-10 13:23 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:20 - 2014-05-10 13:32 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-06 21:38 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 21:38 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 21:38 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-02 20:18 - 2014-04-23 01:47 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 20:18 - 2014-04-23 01:47 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-02 20:17 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 20:17 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 12:22 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 12:22 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 12:22 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 12:22 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:22 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 12:22 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 12:22 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 12:22 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 12:22 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 12:22 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 12:22 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 12:22 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 12:22 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 12:22 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:22 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 12:21 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 12:20 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 12:20 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 12:20 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 12:20 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 12:20 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 12:20 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

==================== One Month Modified Files and Folders =======

2014-05-10 15:53 - 2014-05-10 15:53 - 00000000 ____D () C:\FRST
2014-05-10 15:53 - 2014-05-10 15:11 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:52 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 15:51 - 2014-05-10 14:04 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 15:51 - 2014-05-10 14:04 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 15:50 - 2014-05-10 15:49 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:46 - 2014-05-10 14:10 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 15:24 - 2013-05-04 22:30 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 15:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:47 - 2013-01-25 03:52 - 01124203 _____ () C:\windows\WindowsUpdate.log
2014-05-10 14:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:08 - 2014-05-10 14:07 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:06 - 2014-05-10 13:50 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 14:06 - 2013-05-02 21:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 14:01 - 2014-05-10 13:51 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 14:01 - 2013-05-02 15:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001
2014-05-10 13:58 - 2014-05-10 13:57 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:50 - 2014-05-10 13:45 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:47 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:46 - 2013-05-02 13:55 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:45 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2013-05-18 13:48 - 00000000 ___RD () C:\Users\Chef\Dropbox
2014-05-10 13:43 - 2013-05-18 13:46 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\Dropbox
2014-05-10 13:43 - 2013-05-04 22:30 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 13:42 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-10 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-10 13:32 - 2014-05-10 13:20 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-10 13:23 - 2014-05-10 13:21 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:21 - 2013-07-28 16:36 - 00000000 ____D () C:\Users\Chef\AppData\Local\CrashDumps
2014-05-10 13:19 - 2013-05-04 22:30 - 00004098 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 13:19 - 2013-05-04 22:30 - 00003862 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-10 13:13 - 2013-01-25 20:54 - 00754172 _____ () C:\windows\system32\perfh007.dat
2014-05-10 13:13 - 2013-01-25 20:54 - 00156362 _____ () C:\windows\system32\perfc007.dat
2014-05-10 13:13 - 2012-07-26 09:28 - 01748838 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 20:15 - 2013-01-25 04:47 - 00000000 ____D () C:\ProgramData\Intel
2014-05-08 20:05 - 2012-08-05 23:07 - 00860322 _____ () C:\windows\PFRO.log
2014-05-08 20:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-08 19:53 - 2013-01-25 04:42 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-08 19:52 - 2013-01-25 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-29 16:14 - 2014-05-02 20:17 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-02 20:17 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-23 01:47 - 2014-05-02 20:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-05-02 20:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-19 19:06 - 2014-03-02 12:37 - 00000000 ____D () C:\Users\Chef\Documents\Arztadressen
2014-04-19 11:39 - 2014-05-06 21:38 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 21:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 21:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 20:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 20:17 - 2013-08-21 16:51 - 00000000 ____D () C:\windows\system32\MRT
2014-04-14 20:16 - 2013-05-03 10:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 19:52

==================== End Of Log ============================
         
ADDITION.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-05-2014
Ran by mip-admin at 2014-05-10 15:54:11
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2011 - Avast Software)
Bitcasa version 0.9.20.4133 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4133 - Bitcasa Inc.)
BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - ) <==== ATTENTION
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Delta) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.16.16 - Delta) <==== ATTENTION
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Help Desk (HKLM\...\{3D85CD3F-00E0-4E14-82D6-1F9397DDD09B}) (Version: 1.0.8 - Samsung Electronics CO., LTD.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.17.41.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.17.41.0 - Iminent) Hidden <==== ATTENTION
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystic Gallery (HKLM-x32\...\Mystic Gallery) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.7.2 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{F5B5BA56-8FEB-494B-84E6-C8DA9C2BEE50}) (Version: 2.1.6 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
User Guide (HKLM-x32\...\{C7588111-1A12-4EFE-8CA0-DA4344480D92}) (Version: 1.4.00 - Samsung Electronics CO., LTD.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Restore Points  =========================

22-03-2014 16:42:52 Windows Update
12-04-2014 10:12:36 Windows Update
02-05-2014 18:13:40 Windows Update
10-05-2014 11:39:43 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04DEB689-306C-496A-9364-1CDF17180B35} - System32\Tasks\AdobeAAMUpdater-1.0-Esmeralda-Chef => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {06A4AD44-E164-481C-97E7-4FD0C13BE49F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-11-30] (Samsung Electronics CO., LTD.)
Task: {12DF29B0-55C0-4F02-B631-39303CF52C98} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-18] (AVAST Software)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2033F2F4-84BB-4548-B145-D214EC365DC7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C06C0B3-58E7-4594-902F-FD6D297592DB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {4AA7E9A4-D73C-4C6B-B81F-A2852332C3C1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)
Task: {5346A36B-87BE-40E5-8722-B2BCD8FA1EA4} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {59ED68AC-CE6F-4B61-BE58-F596EDEDC4DE} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.)
Task: {69B5829A-2A3F-4578-9042-AEF18736F613} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-10-15] (SEC)
Task: {6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {6E48F844-22D1-44F3-8857-7D0452415727} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {967D187D-5A2C-46BE-A6C3-30EFBA3E9BF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB3527A5-705D-4939-A605-964D0470BA71} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D5D7F3E5-83B7-4A72-A6BE-9922EEBF94D7} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F6296C50-6397-4C60-A2CF-0699E5738F57} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {F7C47359-95C7-48FF-9600-437CA42806DE} - System32\Tasks\EPUpdater => C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {FA1864BF-A4CB-4F4A-BB73-CEC9D8738308} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 17:43 - 2013-05-02 17:43 - 00040960 _____ () C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2012-11-30 09:26 - 2012-11-30 09:26 - 00082312 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-07-26 09:55 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-09-17 10:23 - 2012-09-17 10:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 04:54 - 2012-08-06 04:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-10 13:15 - 2014-05-10 09:41 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051000\algo.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 01068664 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00103032 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-01-25 04:47 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-01-25 05:07 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2014 02:07:00 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16537, Zeitstempel: 0x5123410e
Name des fehlerhaften Moduls: IEFRAME.dll, Version: 10.0.9200.16859, Zeitstempel: 0x531171d2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001038e8
ID des fehlerhaften Prozesses: 0x5c4
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Vollständiger Name des fehlerhaften Pakets: iexplore.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iexplore.exe5

Error: (05/10/2014 01:43:13 PM) (Source: ESENT) (User: ) (EventID: 489)
Description: taskhostex (3992) Versuch, Datei "C:\Users\Chef\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (05/10/2014 01:23:13 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: IEInstal.exe, Version: 10.0.9200.16750, Zeitstempel: 0x5269da59
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000088f42d10
ID des fehlerhaften Prozesses: 0x20a64
Startzeit der fehlerhaften Anwendung: 0xIEInstal.exe0
Pfad der fehlerhaften Anwendung: IEInstal.exe1
Pfad des fehlerhaften Moduls: IEInstal.exe2
Berichtskennung: IEInstal.exe3
Vollständiger Name des fehlerhaften Pakets: IEInstal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEInstal.exe5

Error: (05/10/2014 01:21:15 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: IEInstal.exe, Version: 10.0.9200.16750, Zeitstempel: 0x5269da59
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000088f42d10
ID des fehlerhaften Prozesses: 0x20448
Startzeit der fehlerhaften Anwendung: 0xIEInstal.exe0
Pfad der fehlerhaften Anwendung: IEInstal.exe1
Pfad des fehlerhaften Moduls: IEInstal.exe2
Berichtskennung: IEInstal.exe3
Vollständiger Name des fehlerhaften Pakets: IEInstal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEInstal.exe5

Error: (05/10/2014 01:11:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Esmeralda) (EventID: 5973)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/10/2014 01:11:12 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dd44

Startzeit: 01cf6c408219807f

Endzeit: 4294967295

Anwendungspfad: C:\windows\system32\wwahost.exe

Berichts-ID: cac1f060-d833-11e3-beba-208984a59691

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/09/2014 06:48:25 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 04:11:04 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 01:24:37 PM) (Source: ATIeRecord) (User: ) (EventID: 16388)
Description: ATI EEU Client event error

Error: (05/06/2014 07:56:12 PM) (Source: ATIeRecord) (User: ) (EventID: 16391)
Description: ATI EEU maximum number of session has been surpassed


System errors:
=============
Error: (05/10/2014 02:07:38 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2014 02:07:38 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2014 02:07:37 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2014 01:41:47 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/10/2014 01:25:02 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/08/2014 08:05:49 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/07/2014 03:00:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "avast! EmHWID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (05/06/2014 07:58:05 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) (EventID: 6)
Description: 0xc000014d0

Error: (05/06/2014 07:56:10 PM) (Source: DCOM) (User: Esmeralda) (EventID: 10010)
Description: {787D01C9-AA41-4D81-90A6-4E44557CF902}

Error: (04/28/2014 07:09:36 PM) (Source: Schannel) (User: NT-AUTORITÄT) (EventID: 4120)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.


Microsoft Office Sessions:
=========================
Error: (05/10/2014 02:07:00 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe10.0.9200.165375123410eIEFRAME.dll10.0.9200.16859531171d2c000000500000000001038e85c401cf6c480d3af57cC:\Program Files\Internet Explorer\iexplore.exeC:\windows\SYSTEM32\IEFRAME.dll97050ba4-d83b-11e3-bebc-208984a59691

Error: (05/10/2014 01:43:13 PM) (Source: ESENT) (User: ) (EventID: 489)
Description: taskhostex3992C:\Users\Chef\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (05/10/2014 01:23:13 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IEInstal.exe10.0.9200.167505269da59unknown0.0.0.000000000c00000050000000088f42d1020a6401cf6c423a6981fdC:\Program Files\Internet Explorer\IEInstal.exeunknown78a8d198-d835-11e3-beba-208984a59691

Error: (05/10/2014 01:21:15 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IEInstal.exe10.0.9200.167505269da59unknown0.0.0.000000000c00000050000000088f42d102044801cf6c41f43a8678C:\Program Files\Internet Explorer\IEInstal.exeunknown329ddec4-d835-11e3-beba-208984a59691

Error: (05/10/2014 01:11:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Esmeralda) (EventID: 5973)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142

Error: (05/10/2014 01:11:12 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: wwahost.exe6.2.9200.164201dd4401cf6c408219807f4294967295C:\windows\system32\wwahost.execac1f060-d833-11e3-beba-208984a59691Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbweApp

Error: (05/09/2014 06:48:25 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 04:11:04 PM) (Source: Customer Experience Improvement Program) (User: ) (EventID: 1008)
Description: 80070005

Error: (05/07/2014 01:24:37 PM) (Source: ATIeRecord) (User: ) (EventID: 16388)
Description: 

Error: (05/06/2014 07:56:12 PM) (Source: ATIeRecord) (User: ) (EventID: 16391)
Description: 


==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 8083.41 MB
Available physical RAM: 6274.82 MB
Total Pagefile: 9299.42 MB
Available Pagefile: 6443.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:436.5 GB) (Free:389.05 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

and here is the GMER.txt as well:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-10 16:03:05
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002a  rev. 0,00MB
Running: Gmer-19357.exe; Driver: C:\Users\mip-admin\AppData\Local\Temp\kwliapow.sys


---- Kernel code sections - GMER 2.1 ----

.text    C:\windows\System32\win32k.sys!W32pServiceTable                                                                                                                                     fffff960001f8e00 7 bytes [00, 77, 82, 01, 00, 57, F2]
.text    C:\windows\System32\win32k.sys!W32pServiceTable + 8                                                                                                                                 fffff960001f8e08 7 bytes [01, 42, C0, FF, 00, 17, DB]

---- User code sections - GMER 2.1 ----

.text    C:\windows\system32\svchost.exe[904] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                          000007fea0d3f81b 1 byte [62]
.text    C:\windows\System32\svchost.exe[1140] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                         000007fea0d3f81b 1 byte [62]
.text    C:\windows\system32\wbem\wmiprvse.exe[2940] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                   000007fea0d3f81b 1 byte [62]
.text    C:\windows\system32\SearchIndexer.exe[3912] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                   000007fea0d3f81b 1 byte [62]
.text    C:\windows\Explorer.EXE[880] C:\windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                  000007fea0d3f81b 1 byte [62]
.text    C:\windows\system32\AUDIODG.EXE[1948] C:\windows\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                         000007fea0d3f81b 1 byte [62]

---- Threads - GMER 2.1 ----

Thread   C:\windows\system32\csrss.exe [4244:4380]                                                                                                                                           fffff960008585e8
---- Processes - GMER 2.1 ----

Process  C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (*** suspicious ***) @ C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [1508](2013-05-02 15:43:02)  0000000000ff0000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                               unknown MBR code
Disk     \Device\Harddisk0\DR0                                                                                                                                                               sector 0: rootkit-like behavior

---- EOF - GMER 2.1 ----
         
Thank you all very much for your help!

Regards, Christian

10.05.2014, 20:19   #2
Machiavelli

Hello and welcome aboard, trojakick

My name is Machiavelli and I will be helping you with your malware problems. If you are in Safe Mode, I would advise you to print out all of my instructions to get a better overview of the overall situation. I am on the malware team here, which is why I am able to help you.

So that a cleanup is possible, you need to observe a few rules/tips:
  • Removing malware is usually quite difficult
    Today's malware can hide very well, so certain tools may not see it. A reinstallation is therefore often the wiser choice.
  • Please follow my instructions down to the smallest detail
    If you do something wrong, e.g. fix something that was not approved by me, the PC can be damaged as a result. So follow my instructions exactly.
  • Stay in contact with me until your problems are completely solved
    Threads in which no reply is posted within 4 days will be closed.
  • Please do not run any other tools while I am cleaning up
    If you run tools such as Malwarebytes etc. without my knowledge, it may falsify results.
  • Read my posts through completely
    If not, this can lead to serious problems (e.g. the PC no longer boots) or the malware removal process will take longer.


I will get back to you with further instructions later.


10.05.2014, 20:38   #3
trojakick

Hello Machiavelli,

I have just run the ESET Online Scanner as well.
The scan took just over an hour.
Here is the result:

Code:
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaApp.dll	Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaEng.dll	möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltasrv.exe	Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll	Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\escortShld.dll	Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\uninstall.exe	Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung
C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll	Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung
C:\Users\Chef\AppData\Roaming\BabSolution\CR\delta2.crx	Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung
C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe	Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung
Arbeitsspeicher	Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung
         
Thank you for your effort! Regards, Christian

10.05.2014, 20:40   #4
Machiavelli

Hello,
quite a lot has piled up there.

This is what worries me most:
Quote:
Disk \Device\Harddisk0\DR0 unknown MBR code
Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior

Step 1: Chrome Extension
  • Start Chrome and enter the following in the address bar: chrome:extensions
  • Press Enter. This will give you a list of the extensions installed in Chrome. Please remove the following extension by clicking the trash can icon next to the respective extension.

Please remove these extensions:
  • Iminent

Step 2: Uninstalls

Please uninstall the following programs:
  • BrowserProtect
  • Delta Chrome Toolbar
  • Delta toolbar
  • Iminent

Step 3: FRST Fix

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [yaeqlbdy] => regsvr32.exe "C:\ProgramData\yaeqlbdy.dat"
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\MountPoints2: {30586661-a7e5-11e2-be89-806e6f6e6963} - "D:\start.exe" 
AppInit_DLLs-x32: c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll => "c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3047744 2014-05-08] (Iminent)
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Task: {6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {F7C47359-95C7-48FF-9600-437CA42806DE} - System32\Tasks\EPUpdater => C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
C:\Program Files (x86)\Delta
C:\Users\Chef\AppData\Roaming\BabSolution
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Remove) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Step 4: AdwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click on Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click on "Suchlauf" (Scan) and wait until it has finished.
  • Now click on "Löschen" (Delete) and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents for me with your next reply.
  • You can also find the log file under C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).


Step 5: Junkware Removal Tool

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later) please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Step 6: FRST Scan

Please start FRST again, also tick the box for Addition.txt, and press Scan.

Step 7: TDSSKiller

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, under no circumstances select Cure. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.


Step 8: Question

How is your system running now?

Last edited by Machiavelli (10.05.2014 at 20:49)

10.05.2014, 21:35   #5
trojakick

Hello Machiavelli,

here is the Fixlog.txt:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-05-2014
Ran by mip-admin at 2014-05-10 21:53:25 Run:1
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [yaeqlbdy] => regsvr32.exe "C:\ProgramData\yaeqlbdy.dat"
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\MountPoints2: {30586661-a7e5-11e2-be89-806e6f6e6963} - "D:\start.exe" 
AppInit_DLLs-x32: c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll => "c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = 
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3047744 2014-05-08] (Iminent)
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Task: {6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {F7C47359-95C7-48FF-9600-437CA42806DE} - System32\Tasks\EPUpdater => C:\Users\Chef\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
C:\Program Files (x86)\Delta
C:\Users\Chef\AppData\Roaming\BabSolution
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Iminent => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IminentMessenger => Value not found.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-2669165515-361187302-876288576-1001\Software\Microsoft\Windows\CurrentVersion\Run\\yaeqlbdy => Value not found.
HKU\S-1-5-21-2669165515-361187302-876288576-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30586661-a7e5-11e2-be89-806e6f6e6963} => Key not found.
HKCR\CLSID\{30586661-a7e5-11e2-be89-806e6f6e6963} => Key not found.
"c:\programdata\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{38B7222B-4B2A-4275-BD2A-70DC0BE165A6} => Key deleted successfully.
HKCR\CLSID\{38B7222B-4B2A-4275-BD2A-70DC0BE165A6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key not found.
HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Value not found.
HKCR\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Value deleted successfully.
HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
SProtection => Service not found.
C:\ProgramData\MakeMarkerFile.exe => Moved successfully.
C:\Users\EasySurvey\EasySurvey.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A6F1A9B-4BA6-4F48-B8E3-A9E97BE4940A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D96AE2B-5C69-4898-9186-C0B3DFDC0E3C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE1CCD12-2225-4C44-8A46-5A20C6FE9CE1} => Key deleted successfully.
C:\Windows\System32\Tasks\BrowserProtect => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7C47359-95C7-48FF-9600-437CA42806DE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C47359-95C7-48FF-9600-437CA42806DE} => Key deleted successfully.
C:\Windows\System32\Tasks\EPUpdater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully.
"C:\Program Files (x86)\Delta" => File/Directory not found.
C:\Users\Chef\AppData\Roaming\BabSolution => Moved successfully.

==== End of Fixlog ====
         
Here is the log file from ADW:

Code:
# AdwCleaner v3.207 - Bericht erstellt am 10/05/2014 um 21:58:13
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : mip-admin - ESMERALDA
# Gestartet von : C:\Users\mip-admin\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gefunden : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Ordner Gefunden : C:\Program Files (x86)\Iminent
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\file scout
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Iminent
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\OCS
Ordner Gefunden : C:\Users\mip-admin\AppData\LocalLow\Delta

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : HKLM\SOFTWARE\80dc8fb73bec48
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Speedchecker Limited
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Startup_urls] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Homepage] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

[ Datei : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [12086 octets] - [10/05/2014 21:58:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12147 octets] ##########
         
JRT.txt:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by mip-admin on 10.05.2014 at 22:12:56,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\mip-admin\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2014 at 22:22:34,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt:


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014
Ran by mip-admin (administrator) on ESMERALDA on 10-05-2014 22:24:15
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM\...\Run: [Ocs_SM] => C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-05-02] (OCS)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-18] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\mip-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.com"
CHR Extension: (Google Docs) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-10]
CHR Extension: (Google Drive) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-10]
CHR Extension: (YouTube) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-10]
CHR Extension: (Google-Suche) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-10]
CHR Extension: (Google Wallet) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-10]
CHR Extension: (Google Mail) - C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-10]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-18] (AVAST Software)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 SearchAnonymizer; C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-05-02] ()
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-30] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-18] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2014-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-18] ()
S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-10 22:22 - 2014-05-10 22:22 - 00001689 _____ () C:\Users\mip-admin\Desktop\JRT.txt
2014-05-10 22:12 - 2014-05-10 22:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-10 21:58 - 2014-05-10 21:58 - 00000000 ____D () C:\AdwCleaner
2014-05-10 21:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Downloads\tdsskiller.exe
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Desktop\tdsskiller.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Downloads\JRT.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Desktop\JRT.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Downloads\adwcleaner.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Desktop\adwcleaner.exe
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-10 20:29 - 2014-05-10 20:29 - 02347384 _____ (ESET) C:\Users\mip-admin\Downloads\esetsmartinstaller_deu.exe
2014-05-10 20:29 - 2014-05-10 20:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-10 15:53 - 2014-05-10 22:24 - 00000000 ____D () C:\FRST
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:49 - 2014-05-10 15:50 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 22:24 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:10 - 2014-05-10 15:46 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:07 - 2014-05-10 14:08 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 15:51 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 14:04 - 2014-05-10 15:51 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 13:57 - 2014-05-10 13:58 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:51 - 2014-05-10 22:21 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 13:50 - 2014-05-10 14:06 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:45 - 2014-05-10 13:50 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 15:52 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 13:43 - 2014-05-10 13:45 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2014-03-15 21:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-10 13:43 - 2013-06-24 13:29 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-10 13:43 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-10 13:21 - 2014-05-10 13:23 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:20 - 2014-05-10 13:32 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-06 21:38 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 21:38 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 21:38 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 21:38 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-02 20:18 - 2014-04-23 01:47 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 20:18 - 2014-04-23 01:47 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-02 20:17 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-02 20:17 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 20:17 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 12:22 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 12:22 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 12:22 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 12:22 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:22 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 12:22 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 12:22 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 12:22 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 12:22 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 12:22 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 12:22 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 12:22 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 12:22 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 12:22 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:22 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 12:21 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 12:21 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 12:20 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 12:20 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 12:20 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 12:20 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 12:20 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 12:20 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 12:20 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 12:20 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 12:20 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

==================== One Month Modified Files and Folders =======

2014-05-10 22:24 - 2014-05-10 15:53 - 00000000 ____D () C:\FRST
2014-05-10 22:24 - 2014-05-10 15:11 - 00000000 ____D () C:\Users\mip-admin\Desktop\Viren Heilung
2014-05-10 22:24 - 2013-05-04 22:30 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 22:22 - 2014-05-10 22:22 - 00001689 _____ () C:\Users\mip-admin\Desktop\JRT.txt
2014-05-10 22:21 - 2014-05-10 13:51 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1033
2014-05-10 22:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-05-10 22:12 - 2014-05-10 22:12 - 00000000 ____D () C:\windows\ERUNT
2014-05-10 22:10 - 2013-01-25 20:54 - 00754172 _____ () C:\windows\system32\perfh007.dat
2014-05-10 22:10 - 2013-01-25 20:54 - 00156362 _____ () C:\windows\system32\perfc007.dat
2014-05-10 22:10 - 2012-07-26 09:28 - 01748838 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-10 22:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-05-10 21:58 - 2014-05-10 21:58 - 00000000 ____D () C:\AdwCleaner
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Downloads\tdsskiller.exe
2014-05-10 21:56 - 2014-05-10 21:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\mip-admin\Desktop\tdsskiller.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Downloads\JRT.exe
2014-05-10 21:55 - 2014-05-10 21:55 - 01016261 _____ (Thisisu) C:\Users\mip-admin\Desktop\JRT.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Downloads\adwcleaner.exe
2014-05-10 21:54 - 2014-05-10 21:54 - 01316991 _____ () C:\Users\mip-admin\Desktop\adwcleaner.exe
2014-05-10 21:53 - 2013-01-25 04:52 - 00000000 ____D () C:\Users\EasySurvey
2014-05-10 21:49 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon
2014-05-10 21:46 - 2013-05-04 22:30 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 21:46 - 2012-08-05 23:07 - 00862180 _____ () C:\windows\PFRO.log
2014-05-10 21:46 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-10 21:45 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00002259 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-10 21:44 - 2014-05-10 21:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-10 21:44 - 2013-05-02 17:46 - 00000898 _____ () C:\windows\SysWOW64\InstallUtil.InstallLog
2014-05-10 20:29 - 2014-05-10 20:29 - 02347384 _____ (ESET) C:\Users\mip-admin\Downloads\esetsmartinstaller_deu.exe
2014-05-10 20:29 - 2014-05-10 20:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-10 19:55 - 2013-05-04 22:34 - 00000000 ____D () C:\Program Files\Google
2014-05-10 19:55 - 2013-05-02 21:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-10 19:55 - 2013-01-25 03:52 - 01138338 _____ () C:\windows\WindowsUpdate.log
2014-05-10 15:52 - 2014-05-10 15:52 - 00000000 _____ () C:\Users\mip-admin\defogger_reenable
2014-05-10 15:52 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin
2014-05-10 15:51 - 2014-05-10 14:04 - 00000122 ___RH () C:\Users\mip-admin\Downloads\Stinger.opt
2014-05-10 15:51 - 2014-05-10 14:04 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-05-10 15:50 - 2014-05-10 15:49 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_154947.html
2014-05-10 15:46 - 2014-05-10 14:10 - 00001085 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_141029.html
2014-05-10 15:13 - 2014-05-10 15:13 - 02065408 _____ (Farbar) C:\Users\mip-admin\Downloads\FRST64.exe
2014-05-10 15:13 - 2014-05-10 15:13 - 00380416 _____ () C:\Users\mip-admin\Downloads\Gmer-19357.exe
2014-05-10 15:11 - 2014-05-10 15:11 - 00050477 _____ () C:\Users\mip-admin\Downloads\Defogger.exe
2014-05-10 14:47 - 2014-05-10 14:47 - 00512784 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avastclear_9.0.2013.exe
2014-05-10 14:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-05-10 14:10 - 2014-05-10 14:10 - 00000000 ____D () C:\Quarantine
2014-05-10 14:08 - 2014-05-10 14:07 - 00000847 _____ () C:\Users\mip-admin\Downloads\Stinger_10052014_140737.html
2014-05-10 14:06 - 2014-05-10 13:50 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Google
2014-05-10 14:05 - 2014-05-10 14:05 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Macromedia
2014-05-10 14:04 - 2014-05-10 14:04 - 10653032 _____ (McAfee Inc) C:\Users\mip-admin\Downloads\stinger32.exe
2014-05-10 14:01 - 2013-05-02 15:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001
2014-05-10 13:58 - 2014-05-10 13:57 - 88882192 _____ (AVAST Software) C:\Users\mip-admin\Downloads\avast_free_antivirus_setup.exe
2014-05-10 13:50 - 2014-05-10 13:45 - 00002259 _____ () C:\Users\mip-admin\Desktop\Google Chrome.lnk
2014-05-10 13:48 - 2014-05-10 13:48 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\bitcasa
2014-05-10 13:47 - 2014-05-10 13:47 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Intel Corporation
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Canon
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Samsung
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Power2Go8
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\ATI
2014-05-10 13:46 - 2014-05-10 13:46 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Adobe
2014-05-10 13:46 - 2013-05-02 13:55 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-05-10 13:45 - 2014-05-10 13:45 - 00001450 _____ () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 13:45 - 2014-05-10 13:45 - 00000000 ___RD () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-10 13:45 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\Packages
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Adobe
2014-05-10 13:44 - 2014-05-10 13:44 - 00000000 ____D () C:\Users\mip-admin\AppData\Local\VirtualStore
2014-05-10 13:43 - 2014-05-10 13:43 - 00000020 ___SH () C:\Users\mip-admin\ntuser.ini
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Vorlagen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Startmenü
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Netzwerkumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Lokale Einstellungen
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Eigene Dateien
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Druckumgebung
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Musik
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Documents\Eigene Bilder
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Verlauf
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\AppData\Local\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 _SHDL () C:\Users\mip-admin\Anwendungsdaten
2014-05-10 13:43 - 2014-05-10 13:43 - 00000000 ____D () C:\Users\mip-admin\AppData\Roaming\Synaptics
2014-05-10 13:43 - 2013-05-18 13:48 - 00000000 ___RD () C:\Users\Chef\Dropbox
2014-05-10 13:43 - 2013-05-18 13:46 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\Dropbox
2014-05-10 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-10 13:32 - 2014-05-10 13:20 - 00000000 ____D () C:\Users\Chef\AppData\Roaming\QuickScan
2014-05-10 13:23 - 2014-05-10 13:21 - 00000000 ___HD () C:\windows\AxInstSV
2014-05-10 13:21 - 2013-07-28 16:36 - 00000000 ____D () C:\Users\Chef\AppData\Local\CrashDumps
2014-05-10 13:19 - 2013-05-04 22:30 - 00004098 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 13:19 - 2013-05-04 22:30 - 00003862 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 20:15 - 2014-05-08 20:15 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-08 20:15 - 2013-01-25 04:47 - 00000000 ____D () C:\ProgramData\Intel
2014-05-08 19:53 - 2013-01-25 04:42 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-08 19:52 - 2014-05-08 19:52 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-08 19:52 - 2014-05-08 19:52 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-08 19:52 - 2013-01-25 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-29 16:14 - 2014-05-02 20:17 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-02 20:17 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-23 01:47 - 2014-05-02 20:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-05-02 20:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-19 19:06 - 2014-03-02 12:37 - 00000000 ____D () C:\Users\Chef\Documents\Arztadressen
2014-04-19 11:39 - 2014-05-06 21:38 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 21:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 21:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 21:38 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-15 11:11 - 2013-05-02 13:55 - 00000000 ___RD () C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 20:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 20:17 - 2013-08-21 16:51 - 00000000 ____D () C:\windows\system32\MRT
2014-04-14 20:16 - 2013-05-03 10:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\mip-admin\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 19:52

==================== End Of Log ============================
         
--- --- ---


Addition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-05-2014
Ran by mip-admin at 2014-05-10 22:24:58
Running from C:\Users\mip-admin\Desktop\Viren Heilung
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2011 - Avast Software)
Bitcasa version 0.9.20.4133 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4133 - Bitcasa Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Help Desk (HKLM\...\{3D85CD3F-00E0-4E14-82D6-1F9397DDD09B}) (Version: 1.0.8 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystic Gallery (HKLM-x32\...\Mystic Gallery) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.7.2 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{F5B5BA56-8FEB-494B-84E6-C8DA9C2BEE50}) (Version: 2.1.6 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
User Guide (HKLM-x32\...\{C7588111-1A12-4EFE-8CA0-DA4344480D92}) (Version: 1.4.00 - Samsung Electronics CO., LTD.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Restore Points  =========================

22-03-2014 16:42:52 Windows Update
12-04-2014 10:12:36 Windows Update
02-05-2014 18:13:40 Windows Update
10-05-2014 11:39:43 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04DEB689-306C-496A-9364-1CDF17180B35} - System32\Tasks\AdobeAAMUpdater-1.0-Esmeralda-Chef => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {06A4AD44-E164-481C-97E7-4FD0C13BE49F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-11-30] (Samsung Electronics CO., LTD.)
Task: {12DF29B0-55C0-4F02-B631-39303CF52C98} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-18] (AVAST Software)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2033F2F4-84BB-4548-B145-D214EC365DC7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C06C0B3-58E7-4594-902F-FD6D297592DB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {4AA7E9A4-D73C-4C6B-B81F-A2852332C3C1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)
Task: {5346A36B-87BE-40E5-8722-B2BCD8FA1EA4} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {59ED68AC-CE6F-4B61-BE58-F596EDEDC4DE} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.)
Task: {69B5829A-2A3F-4578-9042-AEF18736F613} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-10-15] (SEC)
Task: {6E48F844-22D1-44F3-8857-7D0452415727} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {967D187D-5A2C-46BE-A6C3-30EFBA3E9BF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB3527A5-705D-4939-A605-964D0470BA71} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D5D7F3E5-83B7-4A72-A6BE-9922EEBF94D7} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F6296C50-6397-4C60-A2CF-0699E5738F57} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {FA1864BF-A4CB-4F4A-BB73-CEC9D8738308} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 17:43 - 2013-05-02 17:43 - 00040960 _____ () C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2012-11-30 09:26 - 2012-11-30 09:26 - 00082312 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-09-17 10:23 - 2012-09-17 10:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 04:54 - 2012-08-06 04:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-10 19:58 - 2014-05-10 19:02 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051001\algo.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 01068664 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00103032 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-01-25 05:11 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-02-15 20:25 - 2014-02-15 20:25 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-01-25 04:47 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-30 16:21 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 8083.41 MB
Available physical RAM: 6395.91 MB
Total Pagefile: 9299.42 MB
Available Pagefile: 7463.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:436.5 GB) (Free:388.89 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         


10.05.2014, 21:48   #6
trojakick
 



... and also

tdssKiller:

Code:
22:28:28.0403 0x04cc  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
22:28:28.0403 0x04cc  UEFI system
22:28:32.0182 0x04cc  ============================================================
22:28:32.0182 0x04cc  Current date / time: 2014/05/10 22:28:32.0182
22:28:32.0182 0x04cc  SystemInfo:
22:28:32.0182 0x04cc  
22:28:32.0183 0x04cc  OS Version: 6.2.9200 ServicePack: 0.0
22:28:32.0183 0x04cc  Product type: Workstation
22:28:32.0183 0x04cc  ComputerName: ESMERALDA
22:28:32.0183 0x04cc  UserName: mip-admin
22:28:32.0183 0x04cc  Windows directory: C:\windows
22:28:32.0183 0x04cc  System windows directory: C:\windows
22:28:32.0183 0x04cc  Running under WOW64
22:28:32.0183 0x04cc  Processor architecture: Intel x64
22:28:32.0183 0x04cc  Number of processors: 4
22:28:32.0183 0x04cc  Page size: 0x1000
22:28:32.0183 0x04cc  Boot type: Normal boot
22:28:32.0183 0x04cc  ============================================================
22:28:33.0209 0x04cc  KLMD registered as C:\windows\system32\drivers\88001823.sys
22:28:33.0337 0x04cc  System UUID: {D437BC67-7EAA-4E43-B6C5-68BD2648411C}
22:28:34.0049 0x04cc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:28:34.0052 0x04cc  ============================================================
22:28:34.0052 0x04cc  \Device\Harddisk0\DR0:
22:28:34.0052 0x04cc  GPT partitions:
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8CCDCCCE-8BD0-443E-BDF2-98ECE4D2FFB9}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1B8D22C5-B019-4128-B47F-B59716115348}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x96000
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1F32624D-B76F-4F7A-9407-205F662553F9}, Name: Microsoft reserved partition, StartLBA 0x190000, BlocksNum 0x40000
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0389BCD8-CEDF-471C-8B72-FE81979F1982}, Name: Basic data partition, StartLBA 0x1D0000, BlocksNum 0x368FF00F
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A6CFD210-1368-4836-9BF3-73487BBF9FB0}, Name: Basic data partition, StartLBA 0x36ACF00F, BlocksNum 0x36B7000
22:28:34.0053 0x04cc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C0730760-68B8-4370-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A18600F, BlocksNum 0x200000
22:28:34.0053 0x04cc  MBR partitions:
22:28:34.0053 0x04cc  ============================================================
22:28:34.0086 0x04cc  C: <-> \Device\Harddisk0\DR0\Partition4
22:28:34.0086 0x04cc  ============================================================
22:28:34.0086 0x04cc  Initialize success
22:28:34.0086 0x04cc  ============================================================
22:29:20.0631 0x0560  ============================================================
22:29:20.0631 0x0560  Scan started
22:29:20.0631 0x0560  Mode: Manual; SigCheck; TDLFS; 
22:29:20.0631 0x0560  ============================================================
22:29:20.0631 0x0560  KSN ping started
22:29:23.0153 0x0560  KSN ping finished: true
22:29:23.0554 0x0560  ================ Scan system memory ========================
22:29:23.0554 0x0560  System memory - ok
22:29:23.0555 0x0560  ================ Scan services =============================
22:29:23.0696 0x0560  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
22:29:23.0843 0x0560  1394ohci - ok
22:29:23.0938 0x0560  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\windows\system32\drivers\3ware.sys
22:29:23.0962 0x0560  3ware - ok
22:29:24.0015 0x0560  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\windows\system32\drivers\ACPI.sys
22:29:24.0055 0x0560  ACPI - ok
22:29:24.0078 0x0560  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\windows\system32\Drivers\acpiex.sys
22:29:24.0098 0x0560  acpiex - ok
22:29:24.0113 0x0560  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
22:29:24.0146 0x0560  acpipagr - ok
22:29:24.0152 0x0560  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
22:29:24.0194 0x0560  AcpiPmi - ok
22:29:24.0199 0x0560  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\windows\System32\drivers\acpitime.sys
22:29:24.0236 0x0560  acpitime - ok
22:29:24.0352 0x0560  [ C4B1D322567F73BB5A687F907EA25507, CA11E9F5A6B70E0883B1AA75A3D03FE9112A7EC7B4BEFD9973B9A3457564FADF ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
22:29:24.0373 0x0560  AdobeActiveFileMonitor11.0 - ok
22:29:24.0475 0x0560  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:29:24.0490 0x0560  AdobeARMservice - ok
22:29:24.0541 0x0560  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
22:29:24.0583 0x0560  adp94xx - ok
22:29:24.0610 0x0560  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\windows\system32\drivers\adpahci.sys
22:29:24.0646 0x0560  adpahci - ok
22:29:24.0660 0x0560  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\windows\system32\drivers\adpu320.sys
22:29:24.0685 0x0560  adpu320 - ok
22:29:24.0723 0x0560  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
22:29:24.0760 0x0560  AeLookupSvc - ok
22:29:24.0810 0x0560  [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD             C:\windows\system32\drivers\afd.sys
22:29:24.0920 0x0560  AFD - ok
22:29:24.0938 0x0560  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\windows\system32\drivers\agp440.sys
22:29:24.0957 0x0560  agp440 - ok
22:29:24.0996 0x0560  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\windows\System32\alg.exe
22:29:25.0034 0x0560  ALG - ok
22:29:25.0068 0x0560  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
22:29:25.0153 0x0560  AllUserInstallAgent - ok
22:29:25.0186 0x0560  [ 1F500945F87AA517BD2F049256B304DD, AFAA5C58A516C63C5142798FAF5CA55AF14EF85BA6EF5E9657C8FF7B0F7311E7 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:29:25.0259 0x0560  AMD External Events Utility - ok
22:29:25.0306 0x0560  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\windows\System32\drivers\amdk8.sys
22:29:25.0348 0x0560  AmdK8 - ok
22:29:25.0814 0x0560  [ 2A831A7F9031B5BBA6EF189381D65228, 797FBD32F7514235293E003F0AE9F570173E7738251070879500C4F21F105C96 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
22:29:26.0355 0x0560  amdkmdag - ok
22:29:26.0410 0x0560  [ B9ACB2AA40709E060CDC34F13F1C9C8F, D483FCFC5EC76998DA4D0655ADCC5A5844E74FD5FB4B5862761B9FEAEFCFC6DB ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
22:29:26.0468 0x0560  amdkmdap - ok
22:29:26.0496 0x0560  [ 02CF5AD93538CCE63EB09364EDD3DCF9, A50EBC874966DDA8D209F102148BBD3C6BD5E0CB0DB23D22A99AC3AD3AACE17A ] amdkmpfd        C:\windows\system32\drivers\amdkmpfd.sys
22:29:26.0519 0x0560  amdkmpfd - ok
22:29:26.0537 0x0560  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
22:29:26.0570 0x0560  AmdPPM - ok
22:29:26.0594 0x0560  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\windows\system32\drivers\amdsata.sys
22:29:26.0615 0x0560  amdsata - ok
22:29:26.0637 0x0560  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
22:29:26.0667 0x0560  amdsbs - ok
22:29:26.0675 0x0560  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\windows\system32\drivers\amdxata.sys
22:29:26.0692 0x0560  amdxata - ok
22:29:26.0701 0x0560  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\windows\system32\drivers\appid.sys
22:29:26.0746 0x0560  AppID - ok
22:29:26.0784 0x0560  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\windows\System32\appidsvc.dll
22:29:26.0853 0x0560  AppIDSvc - ok
22:29:26.0905 0x0560  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\windows\System32\appinfo.dll
22:29:26.0941 0x0560  Appinfo - ok
22:29:26.0966 0x0560  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\windows\system32\drivers\arc.sys
22:29:26.0988 0x0560  arc - ok
22:29:27.0005 0x0560  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\windows\system32\drivers\arcsas.sys
22:29:27.0027 0x0560  arcsas - ok
22:29:27.0057 0x0560  [ 9C2BEA3957EFFD45F352F0938DFB3721, 7006CC604C480CF512A29AD03BA17FFA564FDDF34CE768ACBD805611503D5012 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
22:29:27.0076 0x0560  aswMonFlt - ok
22:29:27.0108 0x0560  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
22:29:27.0137 0x0560  aswRdr - ok
22:29:27.0195 0x0560  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
22:29:27.0210 0x0560  aswRvrt - ok
22:29:27.0272 0x0560  [ 52B5F8FAF7E78C02D26B0B6E3A05F596, 7C45BA507529F822D4397BD5F001EC861C85E9CBB1F75927E48843B15D5C0B8E ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
22:29:27.0333 0x0560  aswSnx - ok
22:29:27.0373 0x0560  [ 251360C2FCA22BAFE0583314B3262F98, 1EB1B4620E3AFA8ACDDE5F1A6EC4AAEDD40AE2FC5C013AF1B13B03C4B60F6CEB ] aswSP           C:\windows\system32\drivers\aswSP.sys
22:29:27.0405 0x0560  aswSP - ok
22:29:27.0442 0x0560  [ AAB5F5336EDBB5D99CC7E1A9F4D8F63F, 01B40475DCA40E7B426DB0578A33DB62D62640F3A7F9F95A6BBF0AD3CF0F2941 ] aswStm          C:\windows\system32\drivers\aswStm.sys
22:29:27.0458 0x0560  aswStm - ok
22:29:27.0484 0x0560  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
22:29:27.0506 0x0560  aswVmm - ok
22:29:27.0524 0x0560  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
22:29:27.0562 0x0560  AsyncMac - ok
22:29:27.0599 0x0560  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\windows\system32\drivers\atapi.sys
22:29:27.0617 0x0560  atapi - ok
22:29:27.0696 0x0560  [ AFF895D6FFA43B058ABFF27964083BBC, DD3A99B843EFB3D17784F420019B431A45C69822FF4CF05CF7B16BE9D5ABB2E0 ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
22:29:27.0711 0x0560  AthBTPort - ok
22:29:27.0769 0x0560  [ 3283A0D40B330B930CD4596D0231D15F, A1691990929281C35116AF086B9F4246E78A9691D678B78A1B35EE14AE0ACD88 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
22:29:27.0790 0x0560  AtherosSvc - ok
22:29:27.0975 0x0560  [ 221F28472FB210E2D4A7B4488BC798F9, 1AB0224EBA40E3CA1347AAB571FE40D744F1F67851C660F9F25C5FEA1EF155C1 ] athr            C:\windows\system32\DRIVERS\athw8x.sys
22:29:28.0163 0x0560  athr - ok
22:29:28.0196 0x0560  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
22:29:28.0226 0x0560  AudioEndpointBuilder - ok
22:29:28.0284 0x0560  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\windows\System32\Audiosrv.dll
22:29:28.0367 0x0560  Audiosrv - ok
22:29:28.0458 0x0560  [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:29:28.0473 0x0560  avast! Antivirus - ok
22:29:28.0514 0x0560  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\windows\System32\AxInstSV.dll
22:29:28.0553 0x0560  AxInstSV - ok
22:29:28.0618 0x0560  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
22:29:28.0663 0x0560  b06bdrv - ok
22:29:28.0692 0x0560  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
22:29:28.0721 0x0560  BasicDisplay - ok
22:29:28.0744 0x0560  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
22:29:28.0777 0x0560  BasicRender - ok
22:29:28.0822 0x0560  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\windows\System32\bdesvc.dll
22:29:28.0859 0x0560  BDESVC - ok
22:29:28.0872 0x0560  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\windows\system32\drivers\Beep.sys
22:29:28.0909 0x0560  Beep - ok
22:29:28.0972 0x0560  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\windows\System32\bfe.dll
22:29:29.0034 0x0560  BFE - ok
22:29:29.0107 0x0560  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\windows\System32\qmgr.dll
22:29:29.0183 0x0560  BITS - ok
22:29:29.0202 0x0560  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
22:29:33.0786 0x0560  [ E6649F1F23937411DF9BB02964C2A332, E33710623AACF71B301E97923241775358A981142804834B6D413D1DFC3B313B ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
22:29:33.0896 0x0560  Easy Launcher - detected UnsignedFile.Multi.Generic ( 1 )
22:29:36.0380 0x0560  Detect skipped due to KSN trusted
22:29:36.0381 0x0560  Easy Launcher - ok
22:29:46.0901 0x0560  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
22:29:46.0934 0x0560  MSPQM - ok
22:29:46.0972 0x0560  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
22:29:47.0010 0x0560  MsRPC - ok
22:29:47.0039 0x0560  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
22:29:47.0058 0x0560  mssmbios - ok
22:29:47.0098 0x0560  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
22:29:47.0136 0x0560  MSTEE - ok
22:29:47.0156 0x0560  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
22:29:47.0191 0x0560  MTConfig - ok
22:29:47.0212 0x0560  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
22:29:47.0232 0x0560  Mup - ok
22:29:47.0240 0x0560  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
22:29:47.0261 0x0560  mvumis - ok
22:29:47.0316 0x0560  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
22:29:47.0381 0x0560  napagent - ok
22:29:47.0418 0x0560  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
22:29:47.0469 0x0560  NativeWifiP - ok
22:29:47.0513 0x0560  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
22:29:47.0557 0x0560  NcaSvc - ok
22:29:47.0580 0x0560  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
22:29:47.0619 0x0560  NcdAutoSetup - ok
22:29:47.0685 0x0560  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\windows\system32\drivers\ndis.sys
22:29:47.0755 0x0560  NDIS - ok
22:29:47.0786 0x0560  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
22:29:47.0813 0x0560  NdisCap - ok
22:29:47.0844 0x0560  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
22:29:47.0879 0x0560  NdisImPlatform - ok
22:29:47.0909 0x0560  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
22:29:47.0947 0x0560  NdisTapi - ok
22:29:47.0969 0x0560  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
22:29:48.0019 0x0560  Ndisuio - ok
22:29:48.0038 0x0560  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
22:29:48.0079 0x0560  NdisWan - ok
22:29:48.0089 0x0560  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
22:29:48.0121 0x0560  NDISWANLEGACY - ok
22:29:48.0150 0x0560  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
22:29:48.0186 0x0560  NDProxy - ok
22:29:48.0224 0x0560  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\windows\system32\drivers\Ndu.sys
22:29:48.0299 0x0560  Ndu - ok
22:29:48.0319 0x0560  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
22:29:48.0358 0x0560  NetBIOS - ok
22:29:48.0387 0x0560  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
22:29:48.0423 0x0560  NetBT - ok
22:29:48.0442 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\windows\system32\lsass.exe
22:29:48.0467 0x0560  Netlogon - ok
22:29:48.0501 0x0560  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\windows\System32\netman.dll
22:29:48.0606 0x0560  Netman - ok
22:29:48.0660 0x0560  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\windows\System32\netprofmsvc.dll
22:29:48.0707 0x0560  netprofm - ok
22:29:48.0773 0x0560  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:29:48.0799 0x0560  NetTcpPortSharing - ok
22:29:48.0840 0x0560  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
22:29:48.0860 0x0560  nfrd960 - ok
22:29:48.0902 0x0560  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\windows\System32\nlasvc.dll
22:29:48.0943 0x0560  NlaSvc - ok
22:29:48.0965 0x0560  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\windows\system32\drivers\Npfs.sys
22:29:48.0995 0x0560  Npfs - ok
22:29:49.0005 0x0560  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
22:29:49.0050 0x0560  npsvctrig - ok
22:29:49.0105 0x0560  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\windows\system32\nsisvc.dll
22:29:49.0143 0x0560  nsi - ok
22:29:49.0181 0x0560  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
22:29:49.0209 0x0560  nsiproxy - ok
22:29:49.0320 0x0560  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
22:29:49.0441 0x0560  Ntfs - ok
22:29:49.0461 0x0560  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\windows\system32\drivers\Null.sys
22:29:49.0489 0x0560  Null - ok
22:29:50.0043 0x0560  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
22:29:50.0709 0x0560  nvlddmkm - ok
22:29:50.0766 0x0560  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\windows\system32\drivers\nvraid.sys
22:29:50.0787 0x0560  nvraid - ok
22:29:50.0797 0x0560  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\windows\system32\drivers\nvstor.sys
22:29:50.0819 0x0560  nvstor - ok
22:29:50.0828 0x0560  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
22:29:50.0851 0x0560  nv_agp - ok
22:29:50.0889 0x0560  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
22:29:50.0932 0x0560  p2pimsvc - ok
22:29:50.0967 0x0560  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\windows\system32\p2psvc.dll
22:29:51.0016 0x0560  p2psvc - ok
22:29:51.0026 0x0560  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\windows\System32\drivers\parport.sys
22:29:51.0052 0x0560  Parport - ok
22:29:51.0082 0x0560  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\windows\system32\drivers\partmgr.sys
22:29:51.0104 0x0560  partmgr - ok
22:29:51.0165 0x0560  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\windows\System32\pcasvc.dll
22:29:51.0231 0x0560  PcaSvc - ok
22:29:51.0260 0x0560  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\windows\system32\drivers\pci.sys
22:29:51.0290 0x0560  pci - ok
22:29:51.0302 0x0560  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\windows\system32\drivers\pciide.sys
22:29:51.0319 0x0560  pciide - ok
22:29:51.0341 0x0560  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
22:29:51.0371 0x0560  pcmcia - ok
22:29:51.0391 0x0560  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\windows\system32\drivers\pcw.sys
22:29:51.0411 0x0560  pcw - ok
22:29:51.0450 0x0560  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\windows\system32\drivers\pdc.sys
22:29:51.0470 0x0560  pdc - ok
22:29:51.0539 0x0560  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
22:29:51.0595 0x0560  PEAUTH - ok
22:29:51.0714 0x0560  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\windows\SysWow64\perfhost.exe
22:29:51.0751 0x0560  PerfHost - ok
22:29:51.0845 0x0560  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\windows\system32\pla.dll
22:29:51.0948 0x0560  pla - ok
22:29:51.0985 0x0560  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
22:29:52.0014 0x0560  PlugPlay - ok
22:29:52.0027 0x0560  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
22:29:52.0052 0x0560  PNRPAutoReg - ok
22:29:52.0088 0x0560  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
22:29:52.0124 0x0560  PNRPsvc - ok
22:29:52.0171 0x0560  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
22:29:52.0220 0x0560  PolicyAgent - ok
22:29:52.0255 0x0560  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\windows\system32\umpo.dll
22:29:52.0300 0x0560  Power - ok
22:29:52.0330 0x0560  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
22:29:52.0405 0x0560  PptpMiniport - ok
22:29:52.0582 0x0560  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE, 878E46E308BC3AC689CFC401BAA12D217BFB9911C29A10DB5DFFAC250A58CE55 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
22:29:52.0731 0x0560  PrintNotify - ok
22:29:52.0764 0x0560  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\windows\System32\drivers\processr.sys
22:29:52.0798 0x0560  Processor - ok
22:29:52.0870 0x0560  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\windows\system32\profsvc.dll
22:29:52.0902 0x0560  ProfSvc - ok
22:29:52.0919 0x0560  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
22:29:52.0957 0x0560  Psched - ok
22:29:52.0996 0x0560  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
22:29:53.0010 0x0560  PxHlpa64 - ok
22:29:53.0038 0x0560  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\windows\system32\qwave.dll
22:29:53.0091 0x0560  QWAVE - ok
22:29:53.0126 0x0560  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
22:29:53.0162 0x0560  QWAVEdrv - ok
22:29:53.0222 0x0560  [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini    C:\windows\System32\drivers\RadioHIDMini.sys
22:29:53.0256 0x0560  RadioHIDMini - ok
22:29:53.0272 0x0560  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
22:29:53.0310 0x0560  RasAcd - ok
22:29:53.0347 0x0560  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
22:29:53.0374 0x0560  RasAgileVpn - ok
22:29:53.0411 0x0560  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\windows\System32\rasauto.dll
22:29:53.0518 0x0560  RasAuto - ok
22:29:53.0557 0x0560  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
22:29:53.0588 0x0560  Rasl2tp - ok
22:29:53.0615 0x0560  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\windows\System32\rasmans.dll
22:29:53.0676 0x0560  RasMan - ok
22:29:53.0694 0x0560  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
22:29:53.0738 0x0560  RasPppoe - ok
22:29:53.0779 0x0560  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
22:29:53.0817 0x0560  RasSstp - ok
22:29:53.0864 0x0560  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
22:29:53.0902 0x0560  rdbss - ok
22:29:53.0937 0x0560  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
22:29:53.0958 0x0560  rdpbus - ok
22:29:53.0985 0x0560  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
22:29:54.0076 0x0560  RDPDR - ok
22:29:54.0112 0x0560  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
22:29:54.0130 0x0560  RdpVideoMiniport - ok
22:29:54.0150 0x0560  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
22:29:54.0186 0x0560  RDPWD - ok
22:29:54.0216 0x0560  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
22:29:54.0246 0x0560  rdyboost - ok
22:29:54.0293 0x0560  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\windows\System32\mprdim.dll
22:29:54.0334 0x0560  RemoteAccess - ok
22:29:54.0368 0x0560  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\windows\system32\regsvc.dll
22:29:54.0472 0x0560  RemoteRegistry - ok
22:29:54.0512 0x0560  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
22:29:54.0550 0x0560  RFCOMM - ok
22:29:54.0580 0x0560  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
22:29:54.0615 0x0560  RpcEptMapper - ok
22:29:54.0646 0x0560  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\windows\system32\locator.exe
22:29:54.0730 0x0560  RpcLocator - ok
22:29:54.0801 0x0560  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\windows\system32\rpcss.dll
22:29:54.0858 0x0560  RpcSs - ok
22:29:54.0894 0x0560  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
22:29:54.0936 0x0560  rspndr - ok
22:29:55.0002 0x0560  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
22:29:55.0026 0x0560  RSUSBVSTOR - ok
22:29:55.0076 0x0560  [ 34DA0D14F5C3F1883A331AFB975AB434, BB5D580C1DCAE59CC1DB75C411A5A4DDF435931469E7EBFF5DFDADBFE07ADEBF ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
22:29:55.0117 0x0560  RTL8168 - ok
22:29:55.0145 0x0560  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
22:29:55.0173 0x0560  s3cap - ok
22:29:55.0209 0x0560  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs           C:\windows\system32\lsass.exe
22:29:55.0233 0x0560  SamSs - ok
22:29:55.0268 0x0560  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
22:29:55.0291 0x0560  sbp2port - ok
22:29:55.0323 0x0560  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\windows\System32\SCardSvr.dll
22:29:55.0361 0x0560  SCardSvr - ok
22:29:55.0377 0x0560  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
22:29:55.0464 0x0560  scfilter - ok
22:29:55.0551 0x0560  [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule        C:\windows\system32\schedsvc.dll
22:29:55.0641 0x0560  Schedule - ok
22:29:55.0683 0x0560  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\windows\System32\certprop.dll
22:29:55.0715 0x0560  SCPolicySvc - ok
22:29:55.0747 0x0560  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\windows\System32\drivers\sdbus.sys
22:29:55.0774 0x0560  sdbus - ok
22:29:55.0810 0x0560  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\windows\System32\SDRSVC.dll
22:29:55.0855 0x0560  SDRSVC - ok
22:29:55.0884 0x0560  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\windows\System32\drivers\sdstor.sys
22:29:55.0905 0x0560  sdstor - ok
22:29:56.0040 0x0560  [ 0F4A80438E7286A0E623582F5F2395BD, 72310FA5A9D3D35ABE6AD65DF8E55D52537C8387AF1A92F677CD31EA8C08D502 ] SearchAnonymizer C:\Users\Chef\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
22:29:56.0057 0x0560  SearchAnonymizer - detected UnsignedFile.Multi.Generic ( 1 )
22:29:58.0485 0x0560  Detect skipped due to KSN trusted
22:29:58.0485 0x0560  SearchAnonymizer - ok
22:29:58.0520 0x0560  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
22:29:58.0542 0x0560  secdrv - ok
22:29:58.0563 0x0560  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\windows\system32\seclogon.dll
22:29:58.0609 0x0560  seclogon - ok
22:29:58.0629 0x0560  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\windows\System32\sens.dll
22:29:58.0667 0x0560  SENS - ok
22:29:58.0685 0x0560  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\windows\system32\sensrsvc.dll
22:29:58.0718 0x0560  SensrSvc - ok
22:29:58.0732 0x0560  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\windows\system32\drivers\SerCx.sys
22:29:58.0767 0x0560  SerCx - ok
22:29:58.0773 0x0560  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\windows\System32\drivers\serenum.sys
22:29:58.0799 0x0560  Serenum - ok
22:29:58.0807 0x0560  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\windows\System32\drivers\serial.sys
22:29:58.0842 0x0560  Serial - ok
22:29:58.0849 0x0560  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\windows\System32\drivers\sermouse.sys
22:29:58.0871 0x0560  sermouse - ok
22:29:58.0911 0x0560  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\windows\system32\sessenv.dll
22:29:58.0965 0x0560  SessionEnv - ok
22:29:58.0983 0x0560  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
22:29:59.0006 0x0560  sfloppy - ok
22:29:59.0071 0x0560  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\windows\System32\ipnathlp.dll
22:29:59.0176 0x0560  SharedAccess - ok
22:29:59.0249 0x0560  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:29:59.0325 0x0560  ShellHWDetection - ok
22:29:59.0346 0x0560  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
22:29:59.0366 0x0560  SiSRaid2 - ok
22:29:59.0418 0x0560  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
22:29:59.0439 0x0560  SiSRaid4 - ok
22:29:59.0462 0x0560  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
22:29:59.0500 0x0560  SNMPTRAP - ok
22:29:59.0543 0x0560  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\windows\system32\drivers\spaceport.sys
22:29:59.0619 0x0560  spaceport - ok
22:29:59.0641 0x0560  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
22:29:59.0680 0x0560  SpbCx - ok
22:29:59.0742 0x0560  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\windows\System32\spoolsv.exe
22:29:59.0818 0x0560  Spooler - ok
22:30:00.0050 0x0560  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\windows\system32\sppsvc.exe
22:30:00.0355 0x0560  sppsvc - ok
22:30:00.0400 0x0560  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\windows\system32\DRIVERS\srv.sys
22:30:00.0452 0x0560  srv - ok
22:30:00.0516 0x0560  [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
22:30:00.0617 0x0560  srv2 - ok
22:30:00.0669 0x0560  [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
22:30:00.0735 0x0560  srvnet - ok
22:30:00.0784 0x0560  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
22:30:00.0835 0x0560  SSDPSRV - ok
22:30:00.0869 0x0560  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\windows\system32\sstpsvc.dll
22:30:00.0911 0x0560  SstpSvc - ok
22:30:00.0951 0x0560  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\windows\system32\drivers\stexstor.sys
22:30:00.0969 0x0560  stexstor - ok
22:30:01.0049 0x0560  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\windows\System32\wiaservc.dll
22:30:01.0114 0x0560  stisvc - ok
22:30:01.0146 0x0560  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\windows\system32\drivers\storahci.sys
22:30:01.0167 0x0560  storahci - ok
22:30:01.0192 0x0560  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
22:30:01.0211 0x0560  storflt - ok
22:30:01.0244 0x0560  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\windows\system32\storsvc.dll
22:30:01.0281 0x0560  StorSvc - ok
22:30:01.0310 0x0560  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\windows\system32\drivers\storvsc.sys
22:30:01.0328 0x0560  storvsc - ok
22:30:01.0343 0x0560  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\windows\system32\svsvc.dll
22:30:01.0387 0x0560  svsvc - ok
22:30:01.0405 0x0560  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\windows\System32\drivers\swenum.sys
22:30:01.0424 0x0560  swenum - ok
22:30:12.0522 0x0560  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
22:30:12.0558 0x0560  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
22:30:14.0990 0x0560  Detect skipped due to KSN trusted
22:30:14.0990 0x0560  ZAtheros Bt and Wlan Coex Agent - ok
22:30:15.0011 0x0560  ================ Scan global ===============================
22:30:15.0067 0x0560  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
22:30:15.0104 0x0560  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
22:30:15.0150 0x0560  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
22:30:15.0206 0x0560  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
22:30:15.0225 0x0560  [ Global ] - ok
22:30:15.0225 0x0560  ================ Scan MBR ==================================
22:30:15.0242 0x0560  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:30:15.0398 0x0560  \Device\Harddisk0\DR0 - ok
22:30:15.0399 0x0560  ================ Scan VBR ==================================
22:30:15.0427 0x0560  [ C59829875EA55B48FDCBB88AC31195A0 ] \Device\Harddisk0\DR0\Partition1
22:30:15.0435 0x0560  \Device\Harddisk0\DR0\Partition1 - ok
22:30:15.0449 0x0560  [ 127452AEA3CD5AEBE9C54BC4FAB93432 ] \Device\Harddisk0\DR0\Partition2
22:30:15.0461 0x0560  \Device\Harddisk0\DR0\Partition2 - ok
22:30:15.0473 0x0560  [ 56D5D2E7EDDF4A72608A68FB258A8D17 ] \Device\Harddisk0\DR0\Partition3
22:30:15.0473 0x0560  \Device\Harddisk0\DR0\Partition3 - ok
22:30:15.0486 0x0560  [ A990D0DAB4D294BFA86536C4206DAF53 ] \Device\Harddisk0\DR0\Partition4
22:30:15.0495 0x0560  \Device\Harddisk0\DR0\Partition4 - ok
22:30:15.0524 0x0560  [ AC330A682505943AD246489966BBDE64 ] \Device\Harddisk0\DR0\Partition5
22:30:15.0538 0x0560  \Device\Harddisk0\DR0\Partition5 - ok
22:30:15.0551 0x0560  [ 7FCCB692F2E33BE6E091AD539912E4FA ] \Device\Harddisk0\DR0\Partition6
22:30:15.0553 0x0560  \Device\Harddisk0\DR0\Partition6 - ok
22:30:15.0553 0x0560  Waiting for KSN requests completion. In queue: 38
22:30:16.0553 0x0560  Waiting for KSN requests completion. In queue: 38
22:30:17.0554 0x0560  Waiting for KSN requests completion. In queue: 38
22:30:18.0597 0x0560  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
22:30:18.0613 0x0560  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x41000 ( enabled : updated )
22:30:18.0629 0x0560  Win FW state via NFP2: enabled
22:30:21.0052 0x0560  ============================================================
22:30:21.0052 0x0560  Scan finished
22:30:21.0052 0x0560  ============================================================
22:30:21.0062 0x0d10  Detected object count: 0
22:30:21.0062 0x0d10  Actual detected object count: 0
22:30:30.0856 0x07d0  Deinitialize success
         
Hello Machiavelli,

after a restart, Avast greeted me with an update prompt.
I went ahead and installed that update.

Avast now also shows up again in the list at the bottom right.

That already feels pretty good, doesn't it?

Regards, Christian

10.05.2014, 22:25   #7
Machiavelli
 



Hey,
looks much better!

Step 1: AdwCleaner (Delete)

Please also have AdwCleaner remove all of its findings.
  • Close all open programs and browsers.
  • Start AdwCleaner.
  • Accept the terms of use.
  • Click Scan and wait until the scan has finished.
  • Now click Delete.
  • Confirm each prompt with OK.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents with your next reply.
    You can also find the log file at C:\AdwCleaner\AdwCleaner[Sx].txt (x = sequential number).

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan, and click Scan Now.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.



Step 3: Emsisoft

Please download Emsisoft MBR Master and save it to the desktop.
  • Run mbrmastr.exe.
  • Click Backup MBR and save it as unknown on the desktop.
  • Then close the program again.
  • Pack the resulting unknown.mbr into a zip archive (right-click -> Send to -> Compressed (zipped) folder) and attach the file here.
  • A text file MBRMastr_<date>_<time>.txt is also created on the desktop. Please post its contents here.

Please have the file from the code box checked at VirusTotal.
  • Click on "Wählen Sie eine"
  • Now navigate in the search bar to
    Code:
    ATTFilter
    C:\Users\***\Desktop\unknown.mbr
             
  • and click Open.
  • Click Scan!
  • Please wait until the file has been uploaded completely.
  • Wait until the analysis date is shown and the scan has finished.
  • Copy the link from your address bar and post it here.

Step 4: Security Check

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
    Please post its contents here.


Step 5: Question

How is the system running now?

10.05.2014, 22:45   #8
trojakick
 



Here is the AdwCleaner log file:

Code:
ATTFilter
# AdwCleaner v3.207 - Bericht erstellt am 10/05/2014 um 21:58:13
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : mip-admin - ESMERALDA
# Gestartet von : C:\Users\mip-admin\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gefunden : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Ordner Gefunden : C:\Program Files (x86)\Iminent
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\file scout
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\Iminent
Ordner Gefunden : C:\Users\Chef\AppData\Roaming\OCS
Ordner Gefunden : C:\Users\mip-admin\AppData\LocalLow\Delta

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : HKLM\SOFTWARE\80dc8fb73bec48
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Speedchecker Limited
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Startup_urls] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Homepage] : hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91
Gefunden [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

[ Datei : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [12086 octets] - [10/05/2014 21:58:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12147 octets] ##########
         

10.05.2014, 22:50   #9
Machiavelli

Please pay attention to my instructions. When you scan with AdwCleaner, you then also have to click "Löschen" (Delete). So do step #1 again, and do it exactly. What about the other logs?

10.05.2014, 22:53   #10
trojakick

mbam.txt:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.05.2014
Suchlauf-Zeit: 23:26:10
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.1.1004
Malware Datenbank: v2014.05.10.10
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: mip-admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 295030
Verstrichene Zeit: 22 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 18
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [5270bf90c3b8b383c3c6223621e1bd43], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [5270bf90c3b8b383c3c6223621e1bd43], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [ab1707480576e74f669086d20ff37a86], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [ab1707480576e74f669086d20ff37a86], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [665cc88735462a0c74145efa14ee03fd], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [665cc88735462a0c74145efa14ee03fd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [408248079eddef47a12edc7db64c867a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [cff38dc2ea91d363ece4154455ad8f71], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [3c867cd3c6b5979f93dccdc8aa589e62], 
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, In Quarantäne, [a81a86c96f0ce45253f95d5124df6c94], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, In Quarantäne, [2f93bf9052292f075a19c6e4f70c37c9], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [952dc08fdf9c7abc4032545620e334cc], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [863c99b63e3d91a55a16a1f413ef10f0], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [734fda75403b62d4d7a4a407e023dc24], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, In Quarantäne, [c200d679bcbf40f6af616b3ec63de11f], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [408285ca5e1d4de9fa01bcc2dc26b64a], 
PUP.Optional.Iminent, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, In Quarantäne, [e7db4e013c3f7cba6629cdf3739012ee], 
PUP.Optional.BProtector.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, In Quarantäne, [437f89c6aad1a2948549911c4cb7c53b], 

Registrierungswerte: 4
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, In Quarantäne, [c200d679bcbf40f6af616b3ec63de11f], 
PUP.Optional.Delta.A, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, hxxp://www2.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=C62F2A67B06ED77F, In Quarantäne, [4b77b897700bc2744245a11054aff40c]
PUP.BProtector, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www2.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=C62F2A67B06ED77F, In Quarantäne, [cef4ce8189f288aef282fdadf11209f7]
PUP.BProtector, HKU\S-1-5-21-2669165515-361187302-876288576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [1da5a7a8a2d986b00a6b1d8d26dd8e72]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 33
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator\Datas, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.FileScout.A, C:\Users\Chef\AppData\Roaming\FILE SCOUT, In Quarantäne, [665cd877780371c51a82224aff037c84], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\images, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\lib, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\1, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\1\de, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\1\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\28, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\28\de, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\28\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default\de, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\adapters\default\Webmail\Webmail, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\advertising, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\fx2, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\fx2\off, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\fx2\on, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\images, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\images\emoji, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\content\images\ql, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\games, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\scripts\minibar\menu_page, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\_locales, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\_locales\en, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.16.5.1_0\_locales\fr, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 

Dateien: 431
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\CHROME-EXTENSION_IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL_0.LOCALSTORAGE, In Quarantäne, [b70be56ab6c5d561e2c663199a68d32d], 
PUP.Optional.Iminent.A, C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\CHROME-EXTENSION_IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL_0.LOCALSTORAGE, In Quarantäne, [cbf71f308bf0989ec2e694e8a26025db], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Roaming\Iminent\Mediator\Datas\user.dat, In Quarantäne, [b909450a0f6c93a395ba3d2f877bb64a], 
PUP.Optional.FileScout.A, C:\Users\Chef\AppData\Roaming\File Scout\uninst.exe, In Quarantäne, [665cd877780371c51a82224aff037c84], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\manifest.json, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\icon_19.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\logo128.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\logo16.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\images\logo48.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\background.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\contentScript.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\SOAP.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\lib\base64.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\lib\jquery.min.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\config.xml, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\minibar.min.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\template.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\translations.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\drivingitalia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\guiadohardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\meebo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\poptropica.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\01net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\amazon.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\antronio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ask.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\autoscout.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\avmagazine.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\banners-test.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\basecamphq.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\blog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\blogger.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\bomnegocio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ciao.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\conduit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\craigslist.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\dailymotion.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\dailymotion.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\diretta.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ebay.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ebayit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ehow.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\everyeye.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\facebook.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\facebook.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\flickr.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\forum.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\forumVB.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\foxsports.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\france_hardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\friv.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\funutilities.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\gamekult.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\gamesvillage.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\globo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\google-map.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\google-map.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\gumtree.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\hardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\hi5.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\hi5.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ilmeteo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\imdb.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\imdb.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\iminent_default.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\inbox.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\indeed.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\infos_du_net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\jappy.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\leboncoin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\libero.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\linkedin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\lokalisten.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\macitynet.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\marca.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\meebo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\meteonetwork.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\milanuncios.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\movie2k.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\mundoanuncio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\myspace.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\myspace.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\netlog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\nexopia.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\nexopia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\nirvam.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ohmydollz.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\orkut.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\orkut.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\pagesjaunes.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\photobucket.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\pinterest.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\pof.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\prodigy_msn.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\roblox.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\schueler.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\segundamano.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\shopping.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\skype.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\skyrock.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\subito.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\t-online.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\t-online.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tagged.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\taringa.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\taringa.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\terra.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tibiabr.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tiscali.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\tripadvisor.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\twitter.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\twitter.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\ultrasurf.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\uol.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\v9.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\virgilio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\voila.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\walmart.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\weather.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\web.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\wordpress.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\wp-admin.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\xvideos.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yahoo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yahoo.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yammer.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yellowpages.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\yelp.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\youtube.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\youtube.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\lokalisten.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\lokalisten.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\schueler.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\schueler.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\stayfriends.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\stayfriends.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\studivz.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\studivz.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\wer-kennt-wen.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\de\wer-kennt-wen.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\aol.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\aol.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\gmail.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\gmail.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\hotmail.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\hotmail.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\orange.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\1\Webmail\outlook.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\drivingitalia.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\guiadohardware.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\meebo.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\poptropica.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\01net.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\amazon.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\antronio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ask.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\autoscout.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\avmagazine.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\banners-test.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\basecamphq.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\blog.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\blogger.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\bomnegocio.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ciao.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\conduit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\craigslist.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\dailymotion.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\dailymotion.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\diretta.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ebay.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ebayit.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\adapters\28\ehow.js, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\Minibar_buttons.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\new.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\notification.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql_popup3.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\RightExpandBar.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\rightTooltip.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\s10.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\search.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\separator.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\social_games.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\TellAFriendBackground.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\toolbarbutton_bg.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\toolbar_bg.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\tooltipArrow.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ui-check-box-checked.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ui-check-box.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B0.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9299.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\E29ABD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\E29BB5.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8C99.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8C9F.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8CB9.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8D80.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8DBB.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8E81.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8E89.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8EB1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8EB6.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F8EB8.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F908D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90A7.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90AC.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90AE.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90AF.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B4.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B6.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B7.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F90B9.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F918C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F918D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F918E.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F91BD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9280.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9284.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F928B.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F928D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F928F.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9293.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9294.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9297.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F929B.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F929C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F929D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F92A4.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F92A9.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F92AA.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F93B1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F94A5.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9881.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9882.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9884.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9889.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F988A.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F988C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F988D.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9892.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9893.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9894.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9896.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9898.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F989A.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F989C.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98A1.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98AD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98B2.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F98B3.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9A97.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\emoji\F09F9ABD.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql\add-icon.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql\close-icon.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\content\images\ql\logo.png, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe1.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe2.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe3.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\gameiframe4.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\games.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\games\games.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1031.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1033.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1036.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1040.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1048.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\1055.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\2070.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\3082.html, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\scripts\minibar\menu_page\ShareMenu.css, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\_locales\en\messages.json, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Conduit, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\_locales\fr\messages.json, In Quarantäne, [2c96bc93e398c670103cacc2fd05bf41], 
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (   "homepage": "hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91",), Ersetzt,[0fb3b49b572483b3ec1aa7c82fd5fb05]
PUP.Optional.Iminent.A, C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://start.iminent.com/?appId=288A8A51-74B4-4609-8847-01605AEE5E91", "hxxp://www.google.com" ],), Ersetzt,[caf8e06f5e1ddb5b1523fe71f60eb44c]

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Edited by trojakick (10.05.2014 at 22:55). Reason: ... somehow didn't work...

10.05.2014, 22:56   #11
trojakick

MBR Master:

Code:
Detected Windows version: 6.2 Build 9200 
Installing direct disk access driver ...
Driver connection handle: 0x00000154
1 valid drive(s) found.

Details for Disk 0 - ST500LM012 HN-M500MBB Rev 2AR10002:
  Device name              : \\.\PhysicalDrive0
  Geometry (C/H/S)         : 60801/255/63
  Boot loader reputation   : Unknown
  Cross view comparison    : Passed
  Partition table integrity: Passed

  Boot loader hashes
    SHA-1                  : 639AC5CDF8A5CF3245975932C6A4215450A7B98F
    MD5                    : 5FB38429D5D77768867C76DCBDB35194
         
https://www.virustotal.com/de/file/6b95a410e1873b809f46880b416653016a5aa8fa1f08445ddd12c9b965dc709d/analysis/1399757679/

checkup.txt:

Code:
 Results of screen317's Security Check version 0.99.82  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 Intel iCLS Client AvastSvc.exe -?-  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
So, here are the current results...

10.05.2014, 23:02   #12
Machiavelli

You should still post the AdwCleaner deletion log; it should be found here: C:\AdwCleaner\AdwCleaner[Sx].txt

If not, do it again and follow the instructions carefully:
  • Close all open programs and browsers.
  • Start AdwCleaner.
  • Accept the terms of use.
  • Click "Suchen" (Scan) and wait until the scan has finished.
  • Now click "Löschen" (Clean).
  • Confirm each prompt with "Ok".
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
    You can also find the log file at C:\AdwCleaner\AdwCleaner[Sx].txt (x = sequential number).

How is your PC running?

10.05.2014, 23:03   #13
trojakick

Sorry, I guess I wasn't paying proper attention earlier...

Here is the ADW log file after the restart that just took place:

Code:
# AdwCleaner v3.207 - Bericht erstellt am 10/05/2014 um 23:59:07
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : mip-admin - ESMERALDA
# Gestartet von : C:\Users\mip-admin\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Chef\AppData\Roaming\OCS

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\80dc8fb73bec48
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

[ Datei : C:\Users\mip-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [12428 octets] - [10/05/2014 21:58:45]
AdwCleaner[R1].txt - [10523 octets] - [10/05/2014 23:58:11]
AdwCleaner[S0].txt - [10255 octets] - [10/05/2014 23:59:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10316 octets] ##########
         

10.05.2014, 23:06   #14
Machiavelli

How is the PC running?

10.05.2014, 23:12   #15
trojakick

I would say nothing unusual at the moment.

Avast is also still present.
Earlier (some time before the restart) there was a period of a few minutes when the PC was accessing the disk very heavily, although neither a scan nor anything else was running.

At the moment, though, there is no increased activity in that respect.
