| |
| |||||||
Log-Analyse und Auswertung: Hoch schädliche Malware infiziert PCWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
25.03.2015, 20:29
| #1 |
| |  Hoch schädliche Malware infiziert PC Guten Tag, Der PC meines Bruders ist in Wochen zu einer Viren verseuchten gift Schleuder mutiert. Gestern kam der totale absturz als er mich informierte. Malware Toolbars und Adware haben den gesammten PC geschädigt Vollendendes: -Browser durch (Luck seaches) blockiert. -Fehlermeldung beim deinstallieren von Programmen -Firewall deaktiviert -Avira deinstalliert -Rechte um Programme aus dem AS (RAM) zu entfernen genommen. -Über Skype versucht Viren zu versenden. -Systemwiederherstellung fehlgeschlagen Mein Vorgehen: -Über Gastkonto die Schadware aus dem RAM entfernt -Avira & Malwarebytes gedownloadet - In MSconfig Schadware aus dem Systemstart deaktiviert -Über 400 Viren bei Malbytes entdeckt und entfernt. -In Avira Systemdurchlauf immernoch Viren gefunden. - Firefox & Chrome neuinstalliert und Noscript installiert. Problem: Ich gehe davon aus das ein Teil erfolgreich gesäubert ist doch nicht alles, mir fehlen die Berechtigung um einige Programme in der Firewall zu deaktivieren. Außerdem startet der PC immer noch langsam neu und Avira kann keine Internetverbindung herstellen sprich keine Updates mehr installiern, außerdem wurde die Internetverbindung umgestellt von Privat auf öffentlich. Mir kommt es so vor als hätten die Angreifer immer noch die Kontrolle. Bitte um hilfe , danke ______________________________Daten__________________________ Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 25. März 2015 17:55
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : DOMINIC
Versionsinformationen:
BUILD.DAT : 15.0.8.656 91858 Bytes 17.03.2015 13:02:00
AVSCAN.EXE : 15.0.8.652 1014064 Bytes 17.03.2015 12:01:55
AVSCANRC.DLL : 15.0.8.652 63792 Bytes 17.03.2015 12:01:55
LUKE.DLL : 15.0.8.652 60664 Bytes 17.03.2015 12:02:00
AVSCPLR.DLL : 15.0.8.652 93488 Bytes 17.03.2015 12:01:55
REPAIR.DLL : 15.0.8.652 365360 Bytes 17.03.2015 12:01:55
REPAIR.RDF : 1.0.6.44 801970 Bytes 17.03.2015 12:02:03
AVREG.DLL : 15.0.8.652 265464 Bytes 17.03.2015 12:01:55
AVLODE.DLL : 15.0.8.656 645368 Bytes 17.03.2015 12:01:54
AVLODE.RDF : 14.0.4.54 78895 Bytes 17.03.2015 12:01:54
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:02:04
XBV00146.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00147.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00148.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00149.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00150.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00151.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00152.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00153.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00154.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00155.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00156.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00157.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00158.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00159.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00160.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00161.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00162.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00163.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00164.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00165.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00166.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00167.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00168.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00169.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00170.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00171.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00172.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00173.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00174.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00175.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00176.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00177.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00178.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00179.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00180.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00181.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00182.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00183.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00184.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00185.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00186.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00187.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00188.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00189.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00190.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00191.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00192.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00193.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00194.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00195.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00196.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00197.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00198.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00199.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00200.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00201.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00202.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00203.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00204.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00205.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00206.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00207.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00208.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00209.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00210.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00211.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00212.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00213.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00214.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00215.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00216.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00217.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00218.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00219.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00220.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00221.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00222.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00223.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00224.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00225.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00226.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00227.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00228.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00229.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00230.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00231.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00232.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00233.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00234.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00235.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00236.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00237.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00238.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00239.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00240.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00241.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00242.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00243.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00244.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00245.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00246.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00247.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00248.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00249.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00250.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00251.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00252.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00253.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00254.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00255.VDF : 8.11.213.176 2048 Bytes 05.03.2015 12:02:04
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 12:02:04
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 12:02:04
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 12:02:04
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 12:02:04
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 12:02:04
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 12:02:04
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 12:02:04
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 12:02:04
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 12:02:04
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 12:02:04
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 12:02:04
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 12:02:04
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 12:02:04
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 12:02:04
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 12:02:04
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 12:02:04
XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 12:02:04
XBV00042.VDF : 8.11.213.202 3584 Bytes 05.03.2015 12:02:04
XBV00043.VDF : 8.11.213.204 2048 Bytes 05.03.2015 12:02:04
XBV00044.VDF : 8.11.213.230 40960 Bytes 05.03.2015 12:02:04
XBV00045.VDF : 8.11.214.2 29184 Bytes 05.03.2015 12:02:04
XBV00046.VDF : 8.11.214.28 25088 Bytes 05.03.2015 12:02:04
XBV00047.VDF : 8.11.214.30 14848 Bytes 05.03.2015 12:02:04
XBV00048.VDF : 8.11.214.32 3072 Bytes 05.03.2015 12:02:04
XBV00049.VDF : 8.11.214.34 2048 Bytes 06.03.2015 12:02:04
XBV00050.VDF : 8.11.214.38 39424 Bytes 06.03.2015 12:02:04
XBV00051.VDF : 8.11.214.40 6656 Bytes 06.03.2015 12:02:04
XBV00052.VDF : 8.11.214.42 4608 Bytes 06.03.2015 12:02:04
XBV00053.VDF : 8.11.214.44 5120 Bytes 06.03.2015 12:02:04
XBV00054.VDF : 8.11.214.46 23552 Bytes 06.03.2015 12:02:04
XBV00055.VDF : 8.11.214.48 3072 Bytes 06.03.2015 12:02:04
XBV00056.VDF : 8.11.214.50 25600 Bytes 06.03.2015 12:02:04
XBV00057.VDF : 8.11.214.72 2048 Bytes 06.03.2015 12:02:04
XBV00058.VDF : 8.11.214.92 48128 Bytes 06.03.2015 12:02:04
XBV00059.VDF : 8.11.214.112 12800 Bytes 06.03.2015 12:02:04
XBV00060.VDF : 8.11.214.114 2560 Bytes 06.03.2015 12:02:04
XBV00061.VDF : 8.11.214.136 32256 Bytes 06.03.2015 12:02:04
XBV00062.VDF : 8.11.214.138 2048 Bytes 06.03.2015 12:02:04
XBV00063.VDF : 8.11.214.140 2048 Bytes 07.03.2015 12:02:04
XBV00064.VDF : 8.11.214.144 34304 Bytes 07.03.2015 12:02:04
XBV00065.VDF : 8.11.214.146 2048 Bytes 07.03.2015 12:02:04
XBV00066.VDF : 8.11.214.168 33792 Bytes 07.03.2015 12:02:04
XBV00067.VDF : 8.11.214.188 71168 Bytes 08.03.2015 12:02:04
XBV00068.VDF : 8.11.214.190 2048 Bytes 08.03.2015 12:02:04
XBV00069.VDF : 8.11.214.192 2048 Bytes 08.03.2015 12:02:04
XBV00070.VDF : 8.11.214.212 2048 Bytes 08.03.2015 12:02:04
XBV00071.VDF : 8.11.214.232 28672 Bytes 08.03.2015 12:02:04
XBV00072.VDF : 8.11.214.252 69120 Bytes 09.03.2015 12:02:04
XBV00073.VDF : 8.11.215.14 3584 Bytes 09.03.2015 12:02:04
XBV00074.VDF : 8.11.215.32 7168 Bytes 09.03.2015 12:02:04
XBV00075.VDF : 8.11.215.50 12800 Bytes 09.03.2015 12:02:04
XBV00076.VDF : 8.11.215.52 5120 Bytes 09.03.2015 12:02:04
XBV00077.VDF : 8.11.215.70 17920 Bytes 09.03.2015 12:02:04
XBV00078.VDF : 8.11.215.90 2048 Bytes 09.03.2015 12:02:04
XBV00079.VDF : 8.11.215.110 2048 Bytes 09.03.2015 12:02:04
XBV00080.VDF : 8.11.215.132 29696 Bytes 09.03.2015 12:02:04
XBV00081.VDF : 8.11.215.134 11264 Bytes 09.03.2015 12:02:04
XBV00082.VDF : 8.11.215.136 11264 Bytes 09.03.2015 12:02:04
XBV00083.VDF : 8.11.215.138 12288 Bytes 10.03.2015 12:02:04
XBV00084.VDF : 8.11.215.140 35840 Bytes 10.03.2015 12:02:04
XBV00085.VDF : 8.11.215.158 6144 Bytes 10.03.2015 12:02:04
XBV00086.VDF : 8.11.215.174 5632 Bytes 10.03.2015 12:02:04
XBV00087.VDF : 8.11.215.190 8704 Bytes 10.03.2015 12:02:04
XBV00088.VDF : 8.11.215.206 19968 Bytes 10.03.2015 12:02:04
XBV00089.VDF : 8.11.215.222 12800 Bytes 10.03.2015 12:02:04
XBV00090.VDF : 8.11.215.226 2048 Bytes 10.03.2015 12:02:04
XBV00091.VDF : 8.11.215.230 14336 Bytes 10.03.2015 12:02:04
XBV00092.VDF : 8.11.215.234 26112 Bytes 10.03.2015 12:02:04
XBV00093.VDF : 8.11.215.236 11776 Bytes 10.03.2015 12:02:04
XBV00094.VDF : 8.11.215.240 22016 Bytes 11.03.2015 12:02:04
XBV00095.VDF : 8.11.215.242 2048 Bytes 11.03.2015 12:02:04
XBV00096.VDF : 8.11.215.244 2048 Bytes 11.03.2015 12:02:04
XBV00097.VDF : 8.11.216.4 7680 Bytes 11.03.2015 12:02:04
XBV00098.VDF : 8.11.216.20 12800 Bytes 11.03.2015 12:02:04
XBV00099.VDF : 8.11.216.36 19968 Bytes 11.03.2015 12:02:04
XBV00100.VDF : 8.11.216.52 2560 Bytes 11.03.2015 12:02:04
XBV00101.VDF : 8.11.216.54 22016 Bytes 11.03.2015 12:02:04
XBV00102.VDF : 8.11.216.56 8192 Bytes 11.03.2015 12:02:04
XBV00103.VDF : 8.11.216.58 4608 Bytes 11.03.2015 12:02:04
XBV00104.VDF : 8.11.216.60 16896 Bytes 11.03.2015 12:02:04
XBV00105.VDF : 8.11.216.76 14336 Bytes 11.03.2015 12:02:04
XBV00106.VDF : 8.11.216.90 30208 Bytes 11.03.2015 12:02:04
XBV00107.VDF : 8.11.216.104 5632 Bytes 12.03.2015 12:02:04
XBV00108.VDF : 8.11.216.118 6656 Bytes 12.03.2015 12:02:04
XBV00109.VDF : 8.11.216.120 24576 Bytes 12.03.2015 12:02:04
XBV00110.VDF : 8.11.216.122 16896 Bytes 12.03.2015 12:02:04
XBV00111.VDF : 8.11.216.124 2048 Bytes 12.03.2015 12:02:04
XBV00112.VDF : 8.11.216.138 16896 Bytes 12.03.2015 12:02:04
XBV00113.VDF : 8.11.216.140 2048 Bytes 12.03.2015 12:02:04
XBV00114.VDF : 8.11.216.154 3584 Bytes 12.03.2015 12:02:04
XBV00115.VDF : 8.11.216.168 2048 Bytes 12.03.2015 12:02:04
XBV00116.VDF : 8.11.216.182 70144 Bytes 12.03.2015 12:02:04
XBV00117.VDF : 8.11.216.196 2048 Bytes 13.03.2015 12:02:04
XBV00118.VDF : 8.11.216.200 46080 Bytes 13.03.2015 12:02:04
XBV00119.VDF : 8.11.216.214 11776 Bytes 13.03.2015 12:02:04
XBV00120.VDF : 8.11.216.228 4096 Bytes 13.03.2015 12:02:04
XBV00121.VDF : 8.11.216.242 2560 Bytes 13.03.2015 12:02:04
XBV00122.VDF : 8.11.216.254 2560 Bytes 13.03.2015 12:02:04
XBV00123.VDF : 8.11.217.10 7680 Bytes 13.03.2015 12:02:04
XBV00124.VDF : 8.11.217.14 2048 Bytes 13.03.2015 12:02:04
XBV00125.VDF : 8.11.217.16 24576 Bytes 13.03.2015 12:02:04
XBV00126.VDF : 8.11.217.22 17408 Bytes 13.03.2015 12:02:04
XBV00127.VDF : 8.11.217.24 2048 Bytes 13.03.2015 12:02:04
XBV00128.VDF : 8.11.217.26 2048 Bytes 13.03.2015 12:02:04
XBV00129.VDF : 8.11.217.28 15872 Bytes 13.03.2015 12:02:04
XBV00130.VDF : 8.11.217.42 84480 Bytes 14.03.2015 12:02:04
XBV00131.VDF : 8.11.217.54 2048 Bytes 14.03.2015 12:02:04
XBV00132.VDF : 8.11.217.66 2048 Bytes 14.03.2015 12:02:04
XBV00133.VDF : 8.11.217.78 19456 Bytes 14.03.2015 12:02:04
XBV00134.VDF : 8.11.217.90 71680 Bytes 15.03.2015 12:02:04
XBV00135.VDF : 8.11.217.102 2048 Bytes 15.03.2015 12:02:04
XBV00136.VDF : 8.11.217.124 6656 Bytes 15.03.2015 12:02:04
XBV00137.VDF : 8.11.217.136 76800 Bytes 16.03.2015 12:02:04
XBV00138.VDF : 8.11.217.146 3584 Bytes 16.03.2015 12:02:04
XBV00139.VDF : 8.11.217.156 3584 Bytes 16.03.2015 12:02:04
XBV00140.VDF : 8.11.217.166 4096 Bytes 16.03.2015 12:02:04
XBV00141.VDF : 8.11.217.176 12288 Bytes 16.03.2015 12:02:04
XBV00142.VDF : 8.11.217.186 13312 Bytes 16.03.2015 12:02:04
XBV00143.VDF : 8.11.217.188 24064 Bytes 16.03.2015 12:02:04
XBV00144.VDF : 8.11.217.194 7680 Bytes 16.03.2015 12:02:04
XBV00145.VDF : 8.11.217.198 31232 Bytes 16.03.2015 12:02:04
LOCAL000.VDF : 8.11.217.198 124588544 Bytes 16.03.2015 19:18:33
Engineversion : 8.3.30.0
AEVDF.DLL : 8.3.1.6 133992 Bytes 17.03.2015 12:01:51
AESCRIPT.DLL : 8.2.2.56 554920 Bytes 17.03.2015 12:01:51
AESCN.DLL : 8.3.2.2 139456 Bytes 17.03.2015 12:01:51
AESBX.DLL : 8.2.20.34 1615784 Bytes 17.03.2015 12:01:51
AERDL.DLL : 8.2.1.20 731040 Bytes 17.03.2015 12:01:51
AEPACK.DLL : 8.4.0.62 793456 Bytes 17.03.2015 12:01:51
AEOFFICE.DLL : 8.3.1.14 354216 Bytes 17.03.2015 12:01:51
AEMOBILE.DLL : 8.1.7.0 281456 Bytes 17.03.2015 12:01:51
AEHEUR.DLL : 8.1.4.1578 8137584 Bytes 17.03.2015 12:01:51
AEHELP.DLL : 8.3.1.0 278728 Bytes 17.03.2015 12:01:51
AEGEN.DLL : 8.1.7.40 456608 Bytes 17.03.2015 12:01:51
AEEXP.DLL : 8.4.2.70 255904 Bytes 17.03.2015 12:01:51
AEEMU.DLL : 8.1.3.4 399264 Bytes 17.03.2015 12:01:51
AEDROID.DLL : 8.4.3.116 1050536 Bytes 17.03.2015 12:01:51
AECORE.DLL : 8.3.4.0 243624 Bytes 17.03.2015 12:01:51
AEBB.DLL : 8.1.2.0 60448 Bytes 17.03.2015 12:01:51
AVWINLL.DLL : 15.0.8.652 25904 Bytes 17.03.2015 12:01:56
AVPREF.DLL : 15.0.8.652 53248 Bytes 17.03.2015 12:01:55
AVREP.DLL : 15.0.8.652 221432 Bytes 17.03.2015 12:01:55
AVARKT.DLL : 15.0.8.652 228088 Bytes 17.03.2015 12:01:52
AVEVTLOG.DLL : 15.0.8.652 183600 Bytes 17.03.2015 12:01:53
SQLITE3.DLL : 15.0.8.652 456440 Bytes 17.03.2015 12:02:03
AVSMTP.DLL : 15.0.8.652 79360 Bytes 17.03.2015 12:01:56
NETNT.DLL : 15.0.8.652 17352 Bytes 17.03.2015 12:02:01
RCIMAGE.DLL : 15.0.8.652 4864816 Bytes 17.03.2015 12:02:02
RCTEXT.DLL : 15.0.8.652 75056 Bytes 17.03.2015 12:02:02
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, Q:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
|
|
25.03.2015, 20:30
| #2 |
| | Hoch schädliche Malware infiziert PCCode:
ATTFilter Beginn des Suchlaufs: Mittwoch, 25. März 2015 17:55
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:, Q:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '158' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACService.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '147' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASGT.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsusProductRegisterService.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETService.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'GREGsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMIGuardianSvc.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrB.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'USBS3S4Detection.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmware-usbarbitrator64.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmnat.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmware-authd.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmnetdhcp.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '232' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer.exe' - '141' Modul(e) wurden durchsucht
Durchsuche Prozess 'tv_w32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'tv_x64.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'iusb3mon.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'BackupManagerTray.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '124' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskmgr.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '245' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'HydraDM.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'PrivacyIconClient.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '143' Modul(e) wurden durchsucht
Durchsuche Prozess 'Unchecky_svc.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'Unchecky_bg.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avconfig.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '27801' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Acer>
C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\_CommonRedist\DotNet\4.5.1\NDP451-KB2872776-x86-x64-AllOS-ENU.exe
[0] Archivtyp: 7-Zip SFX (self extracting)
--> netfx_core_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_core_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_extended_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_extended_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> header.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SplashScreen.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> watermark.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> DisplayIcon.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Print.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate1.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate2.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate3.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate4.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate5.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate6.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate7.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate8.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Save.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Setup.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/stop.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/SysReqMet.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/SysReqNotMet.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/warn.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> ParameterInfo.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Strings.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> UiInfo.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUi.xsd
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> DHtmlHeader.html
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Setup.exe
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUtility.exe
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupEngine.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUi.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> sqmapi.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.0-KB956250-v6001-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.0-KB956250-v6001-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.1-KB958488-v6001-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.1-KB958488-v6001-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows8-RT-KB2872772-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows8-RT-KB2872772-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR.mzz
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR.mzz
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\FreemakeVideoConverterSetup.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\Setup (1).exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (2).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (3).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (4).exe
[0] Archivtyp: ZIP
--> Setup.exe
[1] Archivtyp: NSIS
--> ProgramFilesDir/qq49.dbicabfhhcdg
[FUND] Enthält Muster der Software PUA/Outbrowse.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup.exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\SoftonicDownloader_fuer_modloader-for-minecraft.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
Beginne mit der Suche in 'D:\' <DATA>
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert
Beginne mit der Desinfektion:
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\SoftonicDownloader_fuer_modloader-for-minecraft.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup.exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (4).exe
[FUND] Enthält Muster der Software PUA/Outbrowse.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (3).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (2).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\Setup (1).exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\FreemakeVideoConverterSetup.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
Ende des Suchlaufs: Mittwoch, 25. März 2015 20:07
Benötigte Zeit: 2:12:10 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
50231 Verzeichnisse wurden überprüft
1937579 Dateien wurden geprüft
7 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
7 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1937572 Dateien ohne Befall
36614 Archive wurden durchsucht
2 Warnungen
7 Hinweise
1046931 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
Avira Free Antivirus Updater
Engine/VDF Update
Erstellungszeitpunkt: Dienstag, 24. März 2015 20:19:21
Betriebssystem:
Windows 7 Professional (Service Pack 1) [6.1.7601] 64 bit
Produktinformationen:
Produktversion: 15.0.8.656
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 15.0.8.652
Updaterresource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 15.0.8.652
Bibliothek: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 15.0.8.656
Plugin: C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll 15.0.8.652
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 15.0.8.652
Temporäres Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backupverzeichnis: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installationsverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updaterverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\
Verbindungseinstellungen:
- Verbindungsart: Webserver
- Übertragungstyp: Vorhandene Verbindung
- Proxyeinstellungen: Verwende Systemeinstellungen
20:19:54 [UPD] [ERROR] Konnte keine Daten von der Update-Bridge abrufen: WinHTTP: Failed to receive response (ErrorCode: 12152)
20:19:54 [UPD] [ERROR] Fehlende Einstellungen von Updater-Bridge: Server '' Datei ''
Zusammenfassung:
****************
0 Dateien heruntergeladen
0 Dateien installiert
Dienstag, 24. März 2015 20:19:54
Das Update ist fehlgeschlagen!
20:19:55 [UPD] [INFO] Der Job 'C:\ProgramData\Avira\AntiVir Desktop\JOBS\b7309ae9.avj' wurde erfolgreich zur sofortigen Ausführung markiert.
______________________________________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 24.03.2015
Suchlauf-Zeit: 19:03:44
Logdatei:
Administrator: Ja
Version: 2.01.4.1018
Malware Datenbank: v2015.03.24.07
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Joel
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 452918
Verstrichene Zeit: 11 Min, 59 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 12
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe, 4884, Löschen bei Neustart, [56019faaa1e90a2cfe12b480ce34738d]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.exe, 5784, Löschen bei Neustart, [3027ec5dc3c7fb3b25ebcf653ec4a45c]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 6316, Löschen bei Neustart, [40178dbccfbb0333648337d8e220c23e]
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, 4408, Löschen bei Neustart, [60f751f87d0d30062bc686aac939f60a]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, 4204, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, 6076, Löschen bei Neustart, [1a3de762f4964aecb36e00b2758e26da]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, 3296, Löschen bei Neustart, [94c39faa7d0db0864fd38f23e023ed13]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 5096, Löschen bei Neustart, [98bfd772cbbf12245492596be71cb050]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowse64.exe, 3572, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, 6124, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, 5856, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, 3896, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f]
Module: 36
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Löschen bei Neustart, [71e659f0b1d950e685802945837d43bd],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, Löschen bei Neustart, [2631c6833c4e59ddac593c3251af07f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, Löschen bei Neustart, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, Löschen bei Neustart, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
Registrierungsschlüssel: 49
PUP.Optional.AirGlobe.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Air Globe, In Quarantäne, [56019faaa1e90a2cfe12b480ce34738d],
PUP.Optional.AirGlobe.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Air Globe, In Quarantäne, [3027ec5dc3c7fb3b25ebcf653ec4a45c],
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [40178dbccfbb0333648337d8e220c23e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [2f286adffe8c86b0ed703928f40f23dd],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [2f286adffe8c86b0ed703928f40f23dd],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [2f286adffe8c86b0ed703928f40f23dd],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{692f6862-1b0c-4c25-85bb-adade34051f4}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{692f6862-1b0c-4c25-85bb-adade34051f4}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{692f6862-1b0c-4c25-85bb-adade34051f4}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64, In Quarantäne, [17402f1aaae085b16754726add26df21],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [075098b1a6e45adcc324d4520500ad53],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\Air Globe, In Quarantäne, [cc8bbc8de5a539fd609fd0e345beff01],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [de790b3eb0dae84eaf81556cce3511ef],
PUP.Optional.LuckSearches.A, HKLM\SOFTWARE\WOW6432NODE\luckysearchesSoftware, In Quarantäne, [e27588c19eecfc3a4f346053e51e3cc4],
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\RocketTab, In Quarantäne, [ef686cddbdcdcc6aadc67f55897ae21e],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [99befe4bf3979d99fbec2df936cfe51b],
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\luckysearches uninstall, In Quarantäne, [5700b099593122146d0d00b5b15215eb],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [7add2b1e0783181e5e902caa0ef5db25],
PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bobyzoom, In Quarantäne, [1a3de762f4964aecb36e00b2758e26da],
PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bzwdg, In Quarantäne, [94c39faa7d0db0864fd38f23e023ed13],
PUP.Optional.ZoomPic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgF119, Löschen bei Neustart, [a4b39faab7d36fc71adeeec328dbac54],
PUP.Optional.ZoomPic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgR119, Löschen bei Neustart, [91c6fb4e23672214c930525fd52e6c94],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [98bfd772cbbf12245492596be71cb050],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [77e0ce7bc1c91422da4f2ba132d1e917],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\Air Globe, In Quarantäne, [68ef46035f2bae8821df852f0af9e31d],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\RocketTabInstalled, In Quarantäne, [8acde9600288d066cda7a034030006fa],
PUP.Optional.Qone8, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [80d7ff4ad0baf046a73fd45227de43bd],
PUP.Optional.IStart.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [e17688c13555e94d0f6202b46c97fb05],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\SEARCH EXTENSIONS, In Quarantäne, [f760ed5c513987af47acc57c907557a9],
PUP.Optional.Bobyzoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C49B251C-B3AE-4F7E-aB3C-7E5C293E94C0}, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
Registrierungswerte: 4
PUP.Optional.IStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|istart_ffnt@gmail.com, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com, In Quarantäne, [c1968abfd2b83204dfc96154b54e2bd5]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, 2sq, In Quarantäne, [7add2b1e0783181e5e902caa0ef5db25]
PUP.Optional.IStart.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MOZILLA\EXTENDS|appid, istart_ffnt@gmail.com, In Quarantäne, [e17688c13555e94d0f6202b46c97fb05]
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, In Quarantäne, [f760ed5c513987af47acc57c907557a9]
Registrierungsdaten: 18
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[0e49c287e0aab1856e00a543c5407c84]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[8ec994b5ff8b11258ce5dc0cd53039c7]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[26314207652502349dd2be2adc2931cf]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[d582ed5c226839fdfe6b39af0302b44c]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[e96e59f0fd8d171fa9c034b4050007f9]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[a8af7fcaf595251124452abe64a1f808]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[e96ece7b2862aa8c6dfc0eda8283d62a]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[3a1d65e482080f27030b866fd5304eb2]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[d780ff4a9af068ceb5b9aa3ecf36c838]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[51069eabbcceaf87472a38b00bfae41c]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[8acdc5840b7f37ffed8229bf719421df]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[480fe465c2c877bfbaaf1dcb49bce51b]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[1344b693f397b97dc3a600e8de277a86]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[77e0460303874fe7e3860bdd7c89ca36]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[d48311386228b4824524697ff114847c]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[cc8bae9bcac08caab15d92635ca9ac54]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[cf88df6a8802da5c4624dd0bce37f30d]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[4314f950107a3df93337a8409e67a25e]
Ordner: 80
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [c394a7a27e0cf5416518e3a959aa29d7],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [c394a7a27e0cf5416518e3a959aa29d7],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [7fd8ec5d3b4f52e40a09109929da3dc3],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [7fd8ec5d3b4f52e40a09109929da3dc3],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en-US, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es-419, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pl, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\tr, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\vi, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults\preferences, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\TEMP, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Users\Joel\AppData\Local\Temp\Air Globe, In Quarantäne, [33241c2d533711259d7c3d739e6535cb],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\components, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
Dateien: 256
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe, Löschen bei Neustart, [56019faaa1e90a2cfe12b480ce34738d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.exe, Löschen bei Neustart, [3027ec5dc3c7fb3b25ebcf653ec4a45c],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [40178dbccfbb0333648337d8e220c23e],
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, In Quarantäne, [60f751f87d0d30062bc686aac939f60a],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, In Quarantäne, [71e659f0b1d950e685802945837d43bd],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, In Quarantäne, [2631c6833c4e59ddac593c3251af07f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobebho.dll, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
Trojan.Dropper.NS, C:\Users\Joel\Desktop\PlayerStubWrapper1.exe, In Quarantäne, [6dead079d2b834026897320d59a9e818],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.64\OptProSchedule.exe, In Quarantäne, [4e09ea5fec9ebb7b4531064e5ea3fc04],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.64\OptProSmartScan.exe, In Quarantäne, [b7a059f058322511cdaa252f847df50b],
PUP.Optional.OpenCandy, C:\Users\Joel\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.1.exe, In Quarantäne, [50074306abdf0036ec4797a326dbdd23],
PUP.Optional.BrowserWatch, C:\Users\Joel\AppData\Local\Temp\Wtmp9299203\tmp\XTab_Setup2021.exe, In Quarantäne, [ef681b2e41498bab6a9bd29c59a7af51],
PUP.Optional.OpenCandy, C:\Users\Joel\Downloads\FreemakeVideoConverterSetup.exe, In Quarantäne, [6ee950f94248a98daa89bd7dd62b3bc5],
PUP.Optional.DigitalPlugin.C, C:\Users\Joel\Downloads\Setup (1).exe, In Quarantäne, [60f7a3a63b4f79bd91b66ec601019868],
PUP.Optional.BundleInstaller, C:\Users\Joel\Downloads\setup (2).exe, In Quarantäne, [e96e31182a603df96d6866b1ac56af51],
PUP.Optional.BundleInstaller, C:\Users\Joel\Downloads\setup (3).exe, In Quarantäne, [33241c2dff8b0c2a9f3613040cf6f50b],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\setup (4).exe, In Quarantäne, [99bed27717734beb588c51e79171619f],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\setup (5).exe, In Quarantäne, [ca8d98b14743e254d311b88061a112ee],
PUP.Optional.SoftPulse, C:\Users\Joel\Downloads\setup.exe, In Quarantäne, [084fe7623e4c7fb735b5b776c53d9a66],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\Nicht bestätigt 153621.crdownload, In Quarantäne, [7bdcc287741646f0a83ca0980101e31d],
PUP.Optional.Bundlore.C, C:\Users\Joel\Downloads\Nicht bestätigt 31949.crdownload, In Quarantäne, [2a2d6fdad1b9e4523115ec48729008f8],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\Nicht bestätigt 998914.crdownload, In Quarantäne, [a7b067e2b2d873c3a53feb4db052f010],
PUP.Optional.Softonic.A, C:\Users\Joel\Downloads\SoftonicDownloader_fuer_modloader-for-minecraft.exe, In Quarantäne, [eb6cdc6dbad054e26b2875d7778a13ed],
PUP.Optional.ZoomPic.A, c:\windows\system32\drivers\tammgf119.sys, Löschen bei Neustart, [fb5cb495c5c531050de9bff2748f2fd1],
PUP.Optional.ZoomPic.A, c:\windows\system32\drivers\tammgr119.sys, Löschen bei Neustart, [8ccb57f2dab0b4825c9b397844bf659b],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.luckysearches.com_0.localstorage, In Quarantäne, [cc8b2029206a6ec8621911a439ca6d93],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.luckysearches.com_0.localstorage-journal, In Quarantäne, [cb8c7acf2961b0862358645102018e72],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab, In Quarantäne, [72e570d97c0e59dd9cda7b59946f9e62],
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab Update Task, In Quarantäne, [7cdb8cbdbbcf32044630e3f181826a96],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64.sys, In Quarantäne, [17402f1aaae085b16754726add26df21],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage, In Quarantäne, [342385c44e3c2214f265cb258281f20e],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [de794603bad01d193c1b32be6b9830d0],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage, In Quarantäne, [54033e0b32589b9bbc98de1333d026da],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [74e36ddcc8c28aac431126cb8f747789],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, Löschen bei Neustart, [1a3de762f4964aecb36e00b2758e26da],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, Löschen bei Neustart, [94c39faa7d0db0864fd38f23e023ed13],
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [98bfd772cbbf12245492596be71cb050],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [c394a7a27e0cf5416518e3a959aa29d7],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, In Quarantäne, [7fd8ec5d3b4f52e40a09109929da3dc3],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome.manifest, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\install.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\index.html, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\js.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\icon.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\loading.gif, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\logo.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\simple.css, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\style.css, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\addonmanager.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\aes.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\config.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\dialogs.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\last_tab.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\misc.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\properties.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\remoterequest.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\restoreprefs.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\settings.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\faststart.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\ff.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\istart.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt#5.3.6.xpi, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt.xpi, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\lightning.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\511.json, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\MessageBox.xml, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\uninstallDlg2.xml, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\UninstallManager.exe, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\bg.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\bg1.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\bk_shadow.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\button.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\button1.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\checkbox.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\checkbox_select.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\checked.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\close.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\loading_bg.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\loading_light.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\min.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\scrollbar.bmp, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\Thumbs.db, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\unchecked.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code1.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code2.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code3.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code4.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code5.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code6.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\Thumbs.db, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\0, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobe.ico, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.InstallState, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a635.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a63564.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.zip, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expextdll.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowse64.exe, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowseG.zip, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\BrowserAdapter.7z, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\eula.txt, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\sqlite3.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.InstallState, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.BrowserAdapter.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.CompatibilityChecker.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.ExpExt.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.FFUpdate.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.GCUpdate.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.PurBrowseG.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.dat, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.xpi, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml64.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\logo.ico, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammg.sys, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgf.sys, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgr.sys, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\uninstaller.exe, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\utils.exe, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgapi.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_bg.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_cs.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\jquery4toolbar.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome.manifest, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\install.rdf, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\bubble.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\bubble.xul, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\icon.png, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\jquery4toolbar.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\style.xul, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\witapi.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\witmain.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\witutils.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_expire, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_gb, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_expire, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_gb, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_expire, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_gb, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\components\handleProtocol.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W",), Ersetzt,[c097e26752389b9b6d72e7488e7857a9]
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W");), Ersetzt,[3b1c45041d6da195a33858d7a6607888]
PUP.Optional.QuickStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[2c2bee5bd7b343f34bb85cd6cd39c040]
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
|
|
25.03.2015, 20:31
| #3 |
| | Hoch schädliche Malware infiziert PCCode:
ATTFilter Beginn des Suchlaufs: Mittwoch, 25. März 2015 17:55
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:, Q:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '158' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACService.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '147' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASGT.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsusProductRegisterService.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETService.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'GREGsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMIGuardianSvc.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrB.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'USBS3S4Detection.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmware-usbarbitrator64.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmnat.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmware-authd.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'vmnetdhcp.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '232' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer.exe' - '141' Modul(e) wurden durchsucht
Durchsuche Prozess 'tv_w32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'tv_x64.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'iusb3mon.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'BackupManagerTray.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '124' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskmgr.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '245' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'HydraDM.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'PrivacyIconClient.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '143' Modul(e) wurden durchsucht
Durchsuche Prozess 'Unchecky_svc.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'Unchecky_bg.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avconfig.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '27801' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Acer>
C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\_CommonRedist\DotNet\4.5.1\NDP451-KB2872776-x86-x64-AllOS-ENU.exe
[0] Archivtyp: 7-Zip SFX (self extracting)
--> netfx_core_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_core_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_extended_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_extended_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> header.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SplashScreen.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> watermark.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> DisplayIcon.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Print.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate1.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate2.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate3.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate4.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate5.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate6.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate7.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate8.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Save.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Setup.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/stop.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/SysReqMet.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/SysReqNotMet.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/warn.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> ParameterInfo.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Strings.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> UiInfo.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUi.xsd
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> DHtmlHeader.html
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Setup.exe
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUtility.exe
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupEngine.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUi.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> sqmapi.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.0-KB956250-v6001-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.0-KB956250-v6001-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.1-KB958488-v6001-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.1-KB958488-v6001-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows8-RT-KB2872772-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows8-RT-KB2872772-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR.mzz
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR.mzz
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\FreemakeVideoConverterSetup.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\Setup (1).exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (2).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (3).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (4).exe
[0] Archivtyp: ZIP
--> Setup.exe
[1] Archivtyp: NSIS
--> ProgramFilesDir/qq49.dbicabfhhcdg
[FUND] Enthält Muster der Software PUA/Outbrowse.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup.exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\SoftonicDownloader_fuer_modloader-for-minecraft.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
Beginne mit der Suche in 'D:\' <DATA>
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert
Beginne mit der Desinfektion:
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\SoftonicDownloader_fuer_modloader-for-minecraft.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup.exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (4).exe
[FUND] Enthält Muster der Software PUA/Outbrowse.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (3).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\setup (2).exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\Setup (1).exe
[FUND] Ist das Trojanische Pferd TR/Drop.Softomat.AN
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
C:\System Volume Information\SystemRestore\FRStaging\Users\Joel\Downloads\FreemakeVideoConverterSetup.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde erfolgreich überschrieben!
[HINWEIS] Die Datei wurde gelöscht.
Ende des Suchlaufs: Mittwoch, 25. März 2015 20:07
Benötigte Zeit: 2:12:10 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
50231 Verzeichnisse wurden überprüft
1937579 Dateien wurden geprüft
7 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
7 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1937572 Dateien ohne Befall
36614 Archive wurden durchsucht
2 Warnungen
7 Hinweise
1046931 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
Avira Free Antivirus Updater
Engine/VDF Update
Erstellungszeitpunkt: Dienstag, 24. März 2015 20:19:21
Betriebssystem:
Windows 7 Professional (Service Pack 1) [6.1.7601] 64 bit
Produktinformationen:
Produktversion: 15.0.8.656
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 15.0.8.652
Updaterresource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 15.0.8.652
Bibliothek: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 15.0.8.656
Plugin: C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll 15.0.8.652
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 15.0.8.652
Temporäres Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backupverzeichnis: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installationsverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updaterverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\
Verbindungseinstellungen:
- Verbindungsart: Webserver
- Übertragungstyp: Vorhandene Verbindung
- Proxyeinstellungen: Verwende Systemeinstellungen
20:19:54 [UPD] [ERROR] Konnte keine Daten von der Update-Bridge abrufen: WinHTTP: Failed to receive response (ErrorCode: 12152)
20:19:54 [UPD] [ERROR] Fehlende Einstellungen von Updater-Bridge: Server '' Datei ''
Zusammenfassung:
****************
0 Dateien heruntergeladen
0 Dateien installiert
Dienstag, 24. März 2015 20:19:54
Das Update ist fehlgeschlagen!
20:19:55 [UPD] [INFO] Der Job 'C:\ProgramData\Avira\AntiVir Desktop\JOBS\b7309ae9.avj' wurde erfolgreich zur sofortigen Ausführung markiert.
______________________________________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 24.03.2015
Suchlauf-Zeit: 19:03:44
Logdatei:
Administrator: Ja
Version: 2.01.4.1018
Malware Datenbank: v2015.03.24.07
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Joel
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 452918
Verstrichene Zeit: 11 Min, 59 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 12
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe, 4884, Löschen bei Neustart, [56019faaa1e90a2cfe12b480ce34738d]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.exe, 5784, Löschen bei Neustart, [3027ec5dc3c7fb3b25ebcf653ec4a45c]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 6316, Löschen bei Neustart, [40178dbccfbb0333648337d8e220c23e]
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, 4408, Löschen bei Neustart, [60f751f87d0d30062bc686aac939f60a]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, 4204, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, 6076, Löschen bei Neustart, [1a3de762f4964aecb36e00b2758e26da]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, 3296, Löschen bei Neustart, [94c39faa7d0db0864fd38f23e023ed13]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 5096, Löschen bei Neustart, [98bfd772cbbf12245492596be71cb050]
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowse64.exe, 3572, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, 6124, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, 5856, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f]
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, 3896, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f]
Module: 36
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Löschen bei Neustart, [71e659f0b1d950e685802945837d43bd],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, Löschen bei Neustart, [2631c6833c4e59ddac593c3251af07f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, Löschen bei Neustart, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, Löschen bei Neustart, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
Registrierungsschlüssel: 49
PUP.Optional.AirGlobe.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Air Globe, In Quarantäne, [56019faaa1e90a2cfe12b480ce34738d],
PUP.Optional.AirGlobe.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Air Globe, In Quarantäne, [3027ec5dc3c7fb3b25ebcf653ec4a45c],
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [40178dbccfbb0333648337d8e220c23e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [2f286adffe8c86b0ed703928f40f23dd],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [2f286adffe8c86b0ed703928f40f23dd],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [2f286adffe8c86b0ed703928f40f23dd],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{692f6862-1b0c-4c25-85bb-adade34051f4}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{231022F1-BDDF-4AA9-B01F-87A7D6FB6CAF}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{692f6862-1b0c-4c25-85bb-adade34051f4}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{692f6862-1b0c-4c25-85bb-adade34051f4}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4C54CE3D-6B7D-4F21-9E69-200632A98540}, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64, In Quarantäne, [17402f1aaae085b16754726add26df21],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [075098b1a6e45adcc324d4520500ad53],
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\Air Globe, In Quarantäne, [cc8bbc8de5a539fd609fd0e345beff01],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [de790b3eb0dae84eaf81556cce3511ef],
PUP.Optional.LuckSearches.A, HKLM\SOFTWARE\WOW6432NODE\luckysearchesSoftware, In Quarantäne, [e27588c19eecfc3a4f346053e51e3cc4],
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\RocketTab, In Quarantäne, [ef686cddbdcdcc6aadc67f55897ae21e],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [99befe4bf3979d99fbec2df936cfe51b],
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\luckysearches uninstall, In Quarantäne, [5700b099593122146d0d00b5b15215eb],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [7add2b1e0783181e5e902caa0ef5db25],
PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bobyzoom, In Quarantäne, [1a3de762f4964aecb36e00b2758e26da],
PUP.Optional.Bobyzoom.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bzwdg, In Quarantäne, [94c39faa7d0db0864fd38f23e023ed13],
PUP.Optional.ZoomPic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgF119, Löschen bei Neustart, [a4b39faab7d36fc71adeeec328dbac54],
PUP.Optional.ZoomPic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tammgR119, Löschen bei Neustart, [91c6fb4e23672214c930525fd52e6c94],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [98bfd772cbbf12245492596be71cb050],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [77e0ce7bc1c91422da4f2ba132d1e917],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\Air Globe, In Quarantäne, [68ef46035f2bae8821df852f0af9e31d],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\RocketTabInstalled, In Quarantäne, [8acde9600288d066cda7a034030006fa],
PUP.Optional.Qone8, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [80d7ff4ad0baf046a73fd45227de43bd],
PUP.Optional.IStart.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [e17688c13555e94d0f6202b46c97fb05],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\SEARCH EXTENSIONS, In Quarantäne, [f760ed5c513987af47acc57c907557a9],
PUP.Optional.Bobyzoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C49B251C-B3AE-4F7E-aB3C-7E5C293E94C0}, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
Registrierungswerte: 4
PUP.Optional.IStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|istart_ffnt@gmail.com, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com, In Quarantäne, [c1968abfd2b83204dfc96154b54e2bd5]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, 2sq, In Quarantäne, [7add2b1e0783181e5e902caa0ef5db25]
PUP.Optional.IStart.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MOZILLA\EXTENDS|appid, istart_ffnt@gmail.com, In Quarantäne, [e17688c13555e94d0f6202b46c97fb05]
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, In Quarantäne, [f760ed5c513987af47acc57c907557a9]
Registrierungsdaten: 18
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[0e49c287e0aab1856e00a543c5407c84]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[8ec994b5ff8b11258ce5dc0cd53039c7]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[26314207652502349dd2be2adc2931cf]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[d582ed5c226839fdfe6b39af0302b44c]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[e96e59f0fd8d171fa9c034b4050007f9]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[a8af7fcaf595251124452abe64a1f808]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[e96ece7b2862aa8c6dfc0eda8283d62a]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[3a1d65e482080f27030b866fd5304eb2]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[d780ff4a9af068ceb5b9aa3ecf36c838]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[51069eabbcceaf87472a38b00bfae41c]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.luckysearches.com/?type=sc&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[8acdc5840b7f37ffed8229bf719421df]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[480fe465c2c877bfbaaf1dcb49bce51b]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[1344b693f397b97dc3a600e8de277a86]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[77e0460303874fe7e3860bdd7c89ca36]
PUP.Optional.LuckySearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/web/?type=ds&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W&q={searchTerms}),Ersetzt,[d48311386228b4824524697ff114847c]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[cc8bae9bcac08caab15d92635ca9ac54]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[cf88df6a8802da5c4624dd0bce37f30d]
PUP.Optional.LuckySearches.A, HKU\S-1-5-21-1455717823-835188907-681337027-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W, Gut: (www.google.com), Schlecht: (hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W),Ersetzt,[4314f950107a3df93337a8409e67a25e]
Ordner: 80
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [c394a7a27e0cf5416518e3a959aa29d7],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [c394a7a27e0cf5416518e3a959aa29d7],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [7fd8ec5d3b4f52e40a09109929da3dc3],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [7fd8ec5d3b4f52e40a09109929da3dc3],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en-US, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es-419, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pl, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\tr, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\vi, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults\preferences, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\TEMP, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Users\Joel\AppData\Local\Temp\Air Globe, In Quarantäne, [33241c2d533711259d7c3d739e6535cb],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\components, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
Dateien: 256
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.exe, Löschen bei Neustart, [56019faaa1e90a2cfe12b480ce34738d],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.exe, Löschen bei Neustart, [3027ec5dc3c7fb3b25ebcf653ec4a45c],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [40178dbccfbb0333648337d8e220c23e],
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, In Quarantäne, [60f751f87d0d30062bc686aac939f60a],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, In Quarantäne, [71e659f0b1d950e685802945837d43bd],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, In Quarantäne, [2631c6833c4e59ddac593c3251af07f9],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [ea6dd277d2b8dd59983fed48669aed13],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobebho.dll, In Quarantäne, [5106b4952b5f55e16c60481d7c87a45c],
Trojan.Dropper.NS, C:\Users\Joel\Desktop\PlayerStubWrapper1.exe, In Quarantäne, [6dead079d2b834026897320d59a9e818],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.64\OptProSchedule.exe, In Quarantäne, [4e09ea5fec9ebb7b4531064e5ea3fc04],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.64\OptProSmartScan.exe, In Quarantäne, [b7a059f058322511cdaa252f847df50b],
PUP.Optional.OpenCandy, C:\Users\Joel\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.1.exe, In Quarantäne, [50074306abdf0036ec4797a326dbdd23],
PUP.Optional.BrowserWatch, C:\Users\Joel\AppData\Local\Temp\Wtmp9299203\tmp\XTab_Setup2021.exe, In Quarantäne, [ef681b2e41498bab6a9bd29c59a7af51],
PUP.Optional.OpenCandy, C:\Users\Joel\Downloads\FreemakeVideoConverterSetup.exe, In Quarantäne, [6ee950f94248a98daa89bd7dd62b3bc5],
PUP.Optional.DigitalPlugin.C, C:\Users\Joel\Downloads\Setup (1).exe, In Quarantäne, [60f7a3a63b4f79bd91b66ec601019868],
PUP.Optional.BundleInstaller, C:\Users\Joel\Downloads\setup (2).exe, In Quarantäne, [e96e31182a603df96d6866b1ac56af51],
PUP.Optional.BundleInstaller, C:\Users\Joel\Downloads\setup (3).exe, In Quarantäne, [33241c2dff8b0c2a9f3613040cf6f50b],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\setup (4).exe, In Quarantäne, [99bed27717734beb588c51e79171619f],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\setup (5).exe, In Quarantäne, [ca8d98b14743e254d311b88061a112ee],
PUP.Optional.SoftPulse, C:\Users\Joel\Downloads\setup.exe, In Quarantäne, [084fe7623e4c7fb735b5b776c53d9a66],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\Nicht bestätigt 153621.crdownload, In Quarantäne, [7bdcc287741646f0a83ca0980101e31d],
PUP.Optional.Bundlore.C, C:\Users\Joel\Downloads\Nicht bestätigt 31949.crdownload, In Quarantäne, [2a2d6fdad1b9e4523115ec48729008f8],
PUP.Optional.OutBrowse, C:\Users\Joel\Downloads\Nicht bestätigt 998914.crdownload, In Quarantäne, [a7b067e2b2d873c3a53feb4db052f010],
PUP.Optional.Softonic.A, C:\Users\Joel\Downloads\SoftonicDownloader_fuer_modloader-for-minecraft.exe, In Quarantäne, [eb6cdc6dbad054e26b2875d7778a13ed],
PUP.Optional.ZoomPic.A, c:\windows\system32\drivers\tammgf119.sys, Löschen bei Neustart, [fb5cb495c5c531050de9bff2748f2fd1],
PUP.Optional.ZoomPic.A, c:\windows\system32\drivers\tammgr119.sys, Löschen bei Neustart, [8ccb57f2dab0b4825c9b397844bf659b],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.luckysearches.com_0.localstorage, In Quarantäne, [cc8b2029206a6ec8621911a439ca6d93],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.luckysearches.com_0.localstorage-journal, In Quarantäne, [cb8c7acf2961b0862358645102018e72],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [e671d574b9d1a393052cecd53bc825db],
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab, In Quarantäne, [72e570d97c0e59dd9cda7b59946f9e62],
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab Update Task, In Quarantäne, [7cdb8cbdbbcf32044630e3f181826a96],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw64.sys, In Quarantäne, [17402f1aaae085b16754726add26df21],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage, In Quarantäne, [342385c44e3c2214f265cb258281f20e],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [de794603bad01d193c1b32be6b9830d0],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage, In Quarantäne, [54033e0b32589b9bbc98de1333d026da],
PUP.Optional.MindSpark.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [74e36ddcc8c28aac431126cb8f747789],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzagnt.exe, Löschen bei Neustart, [1a3de762f4964aecb36e00b2758e26da],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzwdg.exe, Löschen bei Neustart, [94c39faa7d0db0864fd38f23e023ed13],
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [98bfd772cbbf12245492596be71cb050],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [c394a7a27e0cf5416518e3a959aa29d7],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, In Quarantäne, [7fd8ec5d3b4f52e40a09109929da3dc3],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome.manifest, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\install.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\index.html, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\js.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\icon.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\loading.gif, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\logo.png, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\simple.css, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\chrome\skin\style.css, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\addonmanager.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\aes.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\config.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\dialogs.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\last_tab.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\misc.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\properties.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\remoterequest.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\restoreprefs.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\modules\settings.js, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\faststart.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\ff.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\istart.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt#5.3.6.xpi, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt.xpi, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.IStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\istart_ffnt@gmail.com\updateinfo\lightning.update.rdf, In Quarantäne, [2b2c9bae3e4c0f2728d4bbf39073b050],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\511.json, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\MessageBox.xml, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\uninstallDlg2.xml, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\UninstallManager.exe, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\bg.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\bg1.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\bk_shadow.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\button.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\button1.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\checkbox.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\checkbox_select.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\checked.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\close.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\loading_bg.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\loading_light.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\min.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\scrollbar.bmp, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\Thumbs.db, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\unchecked.png, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code1.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code2.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code3.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code4.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code5.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\code6.jpg, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\luckysearches\images\code\Thumbs.db, In Quarantäne, [59fe5ced5e2c77bf531ead024eb5f60a],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\0, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\AirGlobe.ico, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\updateAirGlobe.InstallState, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a635.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\957716417d7b46d9a63564.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.zip, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.expextdll.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowse64.exe, Löschen bei Neustart, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\AirGlobe.PurBrowseG.zip, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\BrowserAdapter.7z, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\eula.txt, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\sqlite3.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\utilAirGlobe.InstallState, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.BrowserAdapter.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.CompatibilityChecker.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.ExpExt.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.FFUpdate.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.GCUpdate.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.AirGlobe.A, C:\Program Files (x86)\Air Globe\bin\plugins\AirGlobe.PurBrowseG.dll, In Quarantäne, [332450f92961f046e830bff19d660ef2],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.dat, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoom.xpi, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzooml64.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bobyzoomutil32.dll, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz32.exe, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bz64.exe, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\bzdap.exe, Löschen bei Neustart, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\logo.ico, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammg.sys, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgf.sys, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\tammgr.sys, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\uninstaller.exe, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\programdata\bobyzoom\1.1.0.30\utils.exe, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgapi.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_bg.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\dgmain_app_cs.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, c:\ProgramData\bobyzoom\1.1.0.30\content\jquery4toolbar.js, In Quarantäne, [e17614358cfeb0864391248c18ebe11f],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome.manifest, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\install.rdf, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\bubble.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\bubble.xul, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\icon.png, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\jquery4toolbar.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\style.xul, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\witapi.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\witmain.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\witutils.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_expire, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_gb, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_expire, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_gb, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_expire, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_gb, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.Bobyzoom.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\extensions\bbz@bobyzoom.com\components\handleProtocol.js, In Quarantäne, [a9aed871deaca393c4229e129f6424dc],
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W",), Ersetzt,[c097e26752389b9b6d72e7488e7857a9]
PUP.Optional.LuckySearches.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.luckysearches.com/?type=hp&ts=1427218112&from=2sq&uid=ST1000DM003-1CH162_Z1D3H42WXXXXZ1D3H42W");), Ersetzt,[3b1c45041d6da195a33858d7a6607888]
PUP.Optional.QuickStart.A, C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\1zmee2m8.default-1393801206808\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[2c2bee5bd7b343f34bb85cd6cd39c040]
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
|
|
28.03.2015, 19:46
| #4 |
| /// the machine /// TB-Ausbilder    | Hoch schädliche Malware infiziert PC hi, Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.03.2015, 16:14
| #5 |
| | Hoch schädliche Malware infiziert PCFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Newtest (administrator) on DOMINIC on 31-03-2015 17:13:40 Running from C:\Users\Newtest\Downloads Loaded Profiles: Newtest (Available profiles: Joel & Newtest & Gast) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Windows\SysWOW64\ASGT.exe () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe () C:\OEM\USBDECTION\USBS3S4Detection.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (AMD) C:\Windows\System32\atieclxx.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-05] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-06] (Intel Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-17] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1455717823-835188907-681337027-1006\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-06-11] (AMD) ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1455717823-835188907-681337027-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-02-19] (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-02-19] (DVDVideoSoft Ltd.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-24] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25] CHR Extension: (Google Docs) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25] CHR Extension: (Google Drive) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25] CHR Extension: (YouTube) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25] CHR Extension: (Google Search) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25] CHR Extension: (Google Sheets) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25] CHR Extension: (Avira Browser Safety) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-25] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25] CHR Extension: (Google Wallet) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25] CHR Extension: (µMatrix) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2015-03-25] CHR Extension: (Gmail) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-17] (Avira Operations GmbH & Co. KG) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-15] () R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [30080 2011-06-14] () S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-06] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-25] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-01] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-01-01] () S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2899968 2013-08-22] (Microsoft Corporation) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH) R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [161744 2015-03-25] (RaMMicHaeL) R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] () R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79360 2013-03-01] (VMware, Inc.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-16] (Disc Soft Ltd) S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] () [File not signed] R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-31] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation) S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [238096 2012-05-21] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39016 2011-12-29] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [48488 2011-06-13] (Realtek) R3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek) S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-03-01] (VMware, Inc.) S3 cpuz134; \??\C:\Users\Joel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 GPUZ; \??\C:\Users\Joel\AppData\Local\Temp\GPUZ.sys [X] S3 pmem; \??\C:\Users\Joel\AppData\Local\Temp\_MEI20842\drivers\winpmem64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-31 16:35 - 2015-03-31 16:35 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\SoftGrid Client 2015-03-31 16:35 - 2015-03-31 16:35 - 00000000 ____D () C:\Users\Newtest\AppData\Local\SoftGrid Client 2015-03-30 17:51 - 2015-03-30 17:51 - 00043502 _____ () C:\Users\Newtest\Downloads\Addition.txt 2015-03-30 17:48 - 2015-03-31 17:13 - 00020366 _____ () C:\Users\Newtest\Downloads\FRST.txt 2015-03-30 17:48 - 2015-03-31 17:13 - 00000000 ____D () C:\FRST 2015-03-30 17:47 - 2015-03-30 17:48 - 02095616 _____ (Farbar) C:\Users\Newtest\Downloads\FRST64.exe 2015-03-28 16:22 - 2015-03-30 15:38 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\TS3Client 2015-03-28 16:21 - 2015-03-28 16:25 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Arma 3 Launcher 2015-03-28 16:21 - 2015-03-28 16:21 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Bohemia_Interactive 2015-03-26 00:11 - 2015-03-30 15:06 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Arma 3 2015-03-26 00:11 - 2015-03-26 00:48 - 00000000 ____D () C:\Users\Newtest\Documents\Arma 3 2015-03-26 00:09 - 2015-03-26 00:09 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Steam 2015-03-25 21:31 - 2015-03-25 21:31 - 00000000 ____D () C:\Users\Newtest\Tracing 2015-03-25 21:06 - 2015-03-30 01:57 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Skype 2015-03-25 21:06 - 2015-03-25 21:06 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Skype 2015-03-25 19:50 - 2015-03-25 19:50 - 00001215 _____ () C:\Users\Newtest\Desktop\malbytes.txt 2015-03-25 18:18 - 2015-03-25 18:18 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk 2015-03-25 18:18 - 2015-03-25 18:18 - 00000000 ____D () C:\ProgramData\Unchecky 2015-03-25 18:18 - 2015-03-25 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky 2015-03-25 18:18 - 2015-03-25 18:18 - 00000000 ____D () C:\Program Files (x86)\Unchecky 2015-03-25 18:18 - 2015-03-25 18:17 - 00986472 _____ (RaMMicHaeL) C:\Users\Newtest\Desktop\unchecky_setup.exe 2015-03-25 18:17 - 2015-03-25 18:17 - 00986472 _____ (RaMMicHaeL) C:\Users\Newtest\Downloads\unchecky_setup.exe 2015-03-25 18:13 - 2015-03-25 18:13 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\WinRAR 2015-03-25 18:01 - 2015-03-25 18:01 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Avira 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 __SHD () C:\Users\Newtest\AppData\Local\EmieUserList 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 __SHD () C:\Users\Newtest\AppData\Local\EmieSiteList 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 __SHD () C:\Users\Newtest\AppData\Local\EmieBrowserModeList 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Macromedia 2015-03-25 17:56 - 2015-03-25 17:56 - 00068352 _____ () C:\Users\Newtest\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-25 17:56 - 2015-03-25 17:56 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\ATI 2015-03-25 17:56 - 2015-03-25 17:56 - 00000000 ____D () C:\Users\Newtest\AppData\Local\ATI 2015-03-25 17:55 - 2015-03-25 17:55 - 00001425 _____ () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ___RD () C:\Users\Newtest\Virtual Machines 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Adobe 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ____D () C:\Users\Newtest\AppData\Local\VirtualStore 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Google 2015-03-25 17:41 - 2015-03-25 19:27 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Origin 2015-03-25 17:41 - 2015-03-25 19:27 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Origin 2015-03-25 17:37 - 2015-03-25 21:31 - 00000000 ____D () C:\Users\Newtest 2015-03-25 17:37 - 2015-03-25 17:37 - 00000020 ___SH () C:\Users\Newtest\ntuser.ini 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Vorlagen 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Startmenü 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Netzwerkumgebung 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Lokale Einstellungen 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Eigene Dateien 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Druckumgebung 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Documents\Eigene Musik 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Documents\Eigene Bilder 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\AppData\Local\Verlauf 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\AppData\Local\Anwendungsdaten 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Anwendungsdaten 2015-03-25 17:37 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-25 17:37 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-25 01:20 - 2015-03-25 01:20 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Avira 2015-03-24 23:49 - 2015-03-24 23:51 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Origin 2015-03-24 23:48 - 2015-03-24 23:51 - 00000000 ____D () C:\Users\Gast\AppData\Local\Origin 2015-03-24 23:14 - 2015-03-24 23:14 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia 2015-03-24 21:24 - 2015-03-24 21:24 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira 2015-03-24 21:18 - 2015-03-17 14:01 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-24 21:18 - 2015-03-17 14:01 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-24 21:18 - 2015-03-17 14:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-03-24 21:06 - 2015-03-25 01:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\Arma 3 2015-03-24 21:06 - 2015-03-24 21:08 - 00000000 ____D () C:\Users\Gast\Documents\Arma 3 2015-03-24 21:05 - 2015-03-24 23:53 - 00000000 ____D () C:\Users\Gast\AppData\Local\CrashDumps 2015-03-24 21:05 - 2015-03-24 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-03-24 21:05 - 2015-03-24 21:18 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-03-24 21:05 - 2015-03-24 21:05 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Gast\Desktop\avira_de_av_5511b50e9be56__ws (1).exe 2015-03-24 21:05 - 2015-03-24 21:05 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-03-24 21:04 - 2015-03-24 21:05 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Gast\Downloads\avira_de_av_5511b50e9be56__ws (1).exe 2015-03-24 21:04 - 2015-03-24 21:04 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Gast\Downloads\avira_de_av_5511b50e9be56__ws.exe 2015-03-24 21:01 - 2015-03-24 21:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Steam 2015-03-24 20:58 - 2015-03-25 00:06 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Skype 2015-03-24 20:58 - 2015-03-24 20:58 - 00000000 ____D () C:\Users\Gast\AppData\Local\Skype 2015-03-24 20:57 - 2015-03-24 20:56 - 00243648 _____ () C:\Users\Gast\Desktop\Firefox Setup Stub 36.0.4.exe 2015-03-24 20:56 - 2015-03-24 20:56 - 00243648 _____ () C:\Users\Gast\Downloads\Firefox Setup Stub 36.0.4.exe 2015-03-24 20:55 - 2015-03-24 20:55 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-24 20:55 - 2015-03-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-03-24 20:53 - 2015-03-31 16:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-24 20:53 - 2015-03-31 16:34 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-24 20:53 - 2015-03-24 20:53 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-03-24 20:53 - 2015-03-24 20:53 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-03-24 20:52 - 2015-03-24 20:52 - 00880208 _____ (Google Inc.) C:\Users\Gast\Desktop\ChromeSetup.exe 2015-03-24 20:46 - 2015-03-24 20:46 - 00000000 ____D () C:\ProgramData\92ad4b3000001026 2015-03-24 20:39 - 2015-03-24 20:39 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla 2015-03-24 20:39 - 2015-03-24 20:39 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla 2015-03-24 20:16 - 2015-03-24 20:16 - 00000298 _____ () C:\Windows\Tasks\Tempo Runner bzdap.job 2015-03-24 20:16 - 2015-03-24 20:16 - 00000296 _____ () C:\Windows\Tasks\Tempo Runner bz64.job 2015-03-24 20:16 - 2015-03-24 20:16 - 00000296 _____ () C:\Windows\Tasks\Tempo Runner bz32.job 2015-03-24 20:05 - 2015-03-24 20:05 - 00000000 ____D () C:\Users\Joel\SupTab 2015-03-24 20:02 - 2015-03-31 17:13 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-24 20:02 - 2015-03-24 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-24 20:02 - 2015-03-24 20:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-24 20:02 - 2015-03-24 20:02 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-24 20:02 - 2015-03-24 20:02 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-24 20:02 - 2015-03-17 07:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-24 20:02 - 2015-03-17 07:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-24 20:02 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-24 20:01 - 2015-03-24 20:02 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Joel\Downloads\mbam-setup-2.1.4.1018.exe 2015-03-24 19:31 - 2015-03-24 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream 2015-03-24 19:31 - 2015-03-24 19:31 - 00001032 _____ () C:\Users\Joel\Desktop\Liveistream.lnk 2015-03-24 19:31 - 2015-03-24 19:31 - 00001032 _____ () C:\Users\Gast\Desktop\Liveistream.lnk 2015-03-24 19:31 - 2015-03-24 19:31 - 00000000 ____D () C:\Users\Joel\Documents\Optimizer Pro 2015-03-24 19:31 - 2015-03-24 19:31 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Liveistream 2015-03-24 19:28 - 2015-03-24 20:46 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Opera Software 2015-03-24 19:28 - 2015-03-24 20:46 - 00000000 ____D () C:\Users\Joel\AppData\Local\Opera Software 2015-03-24 19:26 - 2015-03-24 20:47 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-23 20:45 - 2015-03-23 20:45 - 00029420 _____ () C:\Users\Joel\Desktop\S36rZFMfHvKARfRdAABy7GAR3GA00.jpeg 2015-03-21 05:59 - 2015-03-24 21:05 - 00000000 ____D () C:\OETemp 2015-03-15 06:00 - 2015-03-15 06:00 - 02195088 _____ (SoftCity ) C:\Users\Joel\Downloads\Nicht bestätigt 253661.crdownload 2015-03-12 03:20 - 2015-03-12 03:52 - 00000540 _____ () C:\Users\Joel\Downloads\Setup (4).website 2015-03-12 03:15 - 2015-03-12 03:15 - 00000538 _____ () C:\Users\Joel\Downloads\Setup (3).website 2015-03-12 03:13 - 2015-03-12 03:14 - 00000535 _____ () C:\Users\Joel\Downloads\Setup (2).website 2015-03-12 01:28 - 2015-03-12 01:28 - 00000534 _____ () C:\Users\Joel\Downloads\Setup (1).website 2015-03-11 20:21 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 20:21 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 20:21 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 20:21 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 20:21 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 20:21 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 20:21 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 20:21 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 20:21 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 20:21 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 20:21 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 20:21 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 20:21 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 20:21 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 20:21 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 20:21 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 20:21 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 20:21 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-11 20:21 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-11 20:21 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 20:21 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-11 20:21 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 20:21 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-11 20:21 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 20:21 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 20:21 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 20:21 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-11 20:21 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 20:21 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-11 20:21 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 20:21 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 20:21 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 20:21 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 20:21 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 20:21 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 20:21 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 20:21 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 20:21 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 20:21 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 20:21 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 20:21 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-11 20:21 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 20:21 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 20:21 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 20:21 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 20:21 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 20:21 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 20:21 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 20:21 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 20:21 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-11 20:21 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 20:21 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-03-11 20:21 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-03-11 20:20 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 20:20 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 20:20 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 20:20 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 20:20 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 20:20 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 20:20 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 20:20 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 20:20 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 20:20 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 20:20 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 20:20 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 20:20 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 20:20 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 20:20 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 20:20 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 20:20 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 20:20 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 20:20 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 20:20 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 20:20 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 20:20 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 20:20 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 20:20 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 20:20 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 20:20 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 20:20 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 20:20 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 20:20 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 20:20 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 20:20 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 20:20 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 20:20 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 20:20 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 20:20 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 20:20 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 20:20 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 20:20 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 20:20 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 20:20 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 20:20 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 20:20 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 20:20 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 20:20 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 20:20 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 20:20 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 20:20 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 20:20 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 20:20 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 20:20 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 20:20 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 20:20 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 20:20 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 20:20 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 20:20 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 20:20 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 20:20 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 20:20 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 20:20 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 20:20 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 20:20 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 20:18 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 20:18 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-11 01:08 - 2015-03-11 01:08 - 00000536 _____ () C:\Users\Joel\Downloads\Setup .website 2015-03-10 20:17 - 2015-03-10 20:17 - 00239953 _____ () C:\Users\Joel\Desktop\ts3_clientui-win64-1407159763-2015-03-10 19_17_25.206536.dmp 2015-03-08 16:46 - 2015-03-22 22:46 - 00072967 _____ () C:\Windows\system32\ScanResults.xml 2015-03-08 16:38 - 2015-03-22 22:39 - 00000464 _____ () C:\Windows\system32\ScannerSettings 2015-03-08 05:40 - 2015-03-08 05:40 - 00889080 _____ () C:\Users\Joel\Downloads\installer_google_chrome_German.exe 2015-03-07 23:41 - 2015-03-07 23:41 - 00000000 ____D () C:\Users\Joel\AppData\Local\Ubisoft ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-31 17:01 - 2014-02-06 21:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-31 16:39 - 2009-07-14 06:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-31 16:39 - 2009-07-14 06:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-31 16:37 - 2013-03-23 19:17 - 01064272 _____ () C:\Windows\WindowsUpdate.log 2015-03-31 16:35 - 2013-03-20 11:32 - 00701940 _____ () C:\Windows\system32\perfh007.dat 2015-03-31 16:35 - 2013-03-20 11:32 - 00150452 _____ () C:\Windows\system32\perfc007.dat 2015-03-31 16:35 - 2009-07-14 07:13 - 01629178 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-31 16:34 - 2014-01-20 21:42 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-31 16:32 - 2013-07-06 19:31 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Skype 2015-03-31 16:31 - 2013-12-05 22:22 - 00000000 ____D () C:\ProgramData\VMware 2015-03-31 16:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-31 16:30 - 2009-07-14 06:51 - 00112280 _____ () C:\Windows\setupact.log 2015-03-28 16:55 - 2014-03-01 02:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-03-28 15:47 - 2014-01-20 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-26 20:26 - 2014-11-16 14:57 - 00000975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-03-26 20:26 - 2014-11-16 14:57 - 00000963 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-03-26 19:47 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-26 19:46 - 2014-12-13 04:17 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-26 19:46 - 2014-05-01 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-26 00:03 - 2013-07-07 20:43 - 00000000 ____D () C:\ProgramData\Origin 2015-03-25 21:31 - 2014-10-14 04:49 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-03-25 21:30 - 2012-05-21 14:10 - 00000000 ____D () C:\ProgramData\Skype 2015-03-25 17:41 - 2014-01-20 22:16 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-25 01:17 - 2013-07-11 21:24 - 00000000 ____D () C:\Users\Joel\AppData\Local\Arma 3 2015-03-25 01:15 - 2013-11-23 17:37 - 00000000 ____D () C:\Users\Joel\AppData\Local\Google 2015-03-25 00:06 - 2010-11-21 05:47 - 00385360 _____ () C:\Windows\PFRO.log 2015-03-25 00:01 - 2014-01-20 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-03-24 23:53 - 2014-08-08 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Red Alert 2 2015-03-24 23:53 - 2014-08-07 00:04 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TS3Client 2015-03-24 21:18 - 2013-07-07 20:33 - 00000000 ____D () C:\ProgramData\Avira 2015-03-24 21:05 - 2013-09-07 00:13 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-24 20:55 - 2013-11-23 17:37 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-24 20:49 - 2013-07-02 10:42 - 00000000 ____D () C:\Users\Joel 2015-03-24 20:49 - 2012-05-21 14:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-24 20:38 - 2014-08-07 00:03 - 00000000 ___RD () C:\Users\Gast\Virtual Machines 2015-03-24 20:37 - 2014-08-10 23:16 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2015-03-24 20:37 - 2014-04-05 19:04 - 00000000 ____D () C:\Users\Joel\AppData\Local\LogMeIn Hamachi 2015-03-24 20:37 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-03-24 20:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-03-24 20:17 - 2012-05-21 14:22 - 00000000 ____D () C:\Windows\it 2015-03-24 20:12 - 2015-01-18 15:19 - 00000000 ____D () C:\Users\Joel\Desktop\Neuer Ordner 2015-03-24 20:05 - 2014-05-31 01:17 - 00000000 ____D () C:\Users\Joel\AppData\Local\CrashDumps 2015-03-24 19:28 - 2014-08-10 23:16 - 00001315 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2015-03-24 19:28 - 2013-07-02 10:43 - 00001647 _____ () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-24 19:27 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2015-03-24 02:57 - 2013-07-27 23:53 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\TS3Client 2015-03-23 20:35 - 2015-01-27 23:25 - 00000000 ____D () C:\Users\Joel\Desktop\Meine 2015-03-17 14:58 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-15 07:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-03-14 13:48 - 2015-02-20 00:24 - 00000000 ____D () C:\Windows\pss 2015-03-13 14:05 - 2013-07-02 10:43 - 00000000 ___RD () C:\Users\Joel\Virtual Machines 2015-03-13 14:02 - 2009-07-14 06:45 - 00281240 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 04:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 04:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 03:53 - 2015-02-15 02:30 - 00000000 ____D () C:\Users\Joel\AppData\Local\Deployment 2015-03-07 23:44 - 2015-02-15 02:32 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-03-02 01:18 - 2015-02-24 00:23 - 00000165 _____ () C:\Windows\Reimage.ini ==================== Files in the root of some directories ======= 2014-10-02 20:52 - 2014-10-02 20:52 - 0212992 _____ (Martin Pfeiffer) C:\Program Files (x86)\MetroSuite.dll 2014-10-02 20:52 - 2014-10-02 20:52 - 1058816 _____ () C:\Program Files (x86)\[IBG] Gamelauncher.exe 2014-01-21 18:07 - 2014-01-21 18:07 - 0000040 _____ () C:\ProgramData\ra3.ini Some content of TEMP: ==================== C:\Users\Gast\AppData\Local\Temp\avgnt.exe C:\Users\Gast\AppData\Local\Temp\SkypeSetup.exe C:\Users\Joel\AppData\Local\Temp\13-4_win7_win8_64_dd_ccc_whql.exe C:\Users\Joel\AppData\Local\Temp\avgnt.exe C:\Users\Joel\AppData\Local\Temp\bdfilters.dll C:\Users\Joel\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Joel\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Joel\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Joel\AppData\Local\Temp\i4jdel0.exe C:\Users\Joel\AppData\Local\Temp\install_flashplayer14x32au_mssd_aaa_aih.exe C:\Users\Joel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Joel\AppData\Local\Temp\ReimagePackage.exe C:\Users\Joel\AppData\Local\Temp\ReiSysUpdate.exe C:\Users\Joel\AppData\Local\Temp\SkypeSetup.exe C:\Users\Joel\AppData\Local\Temp\sonarinst.exe C:\Users\Joel\AppData\Local\Temp\sqlite-3.7.8-sqlitejdbc.dll C:\Users\Joel\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Joel\AppData\Local\Temp\System.Data.SQLite157bae8c-2fbe-496c-9e04-0f1db314fca1.dll C:\Users\Joel\AppData\Local\Temp\xmlUpdater.exe C:\Users\Joel\AppData\Local\Temp\Zzoomit_uninstall.exe C:\Users\Newtest\AppData\Local\Temp\avgnt.exe C:\Users\Newtest\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-25 04:48 ==================== End Of Log ============================ |
|
01.04.2015, 05:20
| #6 |
| /// the machine /// TB-Ausbilder | Hoch schädliche Malware infiziert PC Fehlt noch die Addition.txt 
__________________ --> Hoch schädliche Malware infiziert PC |
|
01.04.2015, 14:32
| #7 |
| | Hoch schädliche Malware infiziert PC Ups sorry, ----------------------------------------- Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Newtest (administrator) on DOMINIC on 01-04-2015 15:26:25 Running from C:\Users\Newtest\Downloads Loaded Profiles: Newtest (Available profiles: Joel & Newtest & Gast) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (All) ========================= (Microsoft Corporation) C:\Windows\System32\smss.exe (Microsoft Corporation) C:\Windows\System32\csrss.exe (Microsoft Corporation) C:\Windows\System32\wininit.exe (Microsoft Corporation) C:\Windows\System32\csrss.exe (Microsoft Corporation) C:\Windows\System32\services.exe (Microsoft Corporation) C:\Windows\System32\lsass.exe (Microsoft Corporation) C:\Windows\System32\lsm.exe (Microsoft Corporation) C:\Windows\System32\winlogon.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\spoolsv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Windows\SysWOW64\ASGT.exe () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe () C:\OEM\USBDECTION\USBS3S4Detection.exe (VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\dwm.exe (Microsoft Corporation) C:\Windows\System32\taskhost.exe (Microsoft Corporation) C:\Windows\explorer.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\sppsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\servicing\TrustedInstaller.exe () C:\Users\Newtest\Downloads\Firefox Setup Stub 37.0.exe (Mozilla Corporation) C:\Users\Newtest\AppData\Local\Temp\7zSC9E3.tmp\setup-stub.exe (Mozilla Corporation) C:\Users\Newtest\AppData\Local\Temp\7zSC9E3.tmp\setup-stub.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe (Farbar) C:\Users\Newtest\Downloads\FRST64.exe ==================== Registry (All) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [170264 2011-12-21] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [398104 2011-12-21] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [440600 2011-12-21] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-05] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-06] (Intel Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-17] (Avira Operations GmbH & Co. KG) HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe, [30720 2010-11-21] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation) HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2011-07-14] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-07-14] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-1455717823-835188907-681337027-1006\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-06-11] (AMD) Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: credssp.dll SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll () ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation) BootExecute: autocheck autochk * AlternateShell: cmd.exe ==================== Internet (All) =========================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm HKU\S-1-5-21-1455717823-835188907-681337027-1006\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm HKU\S-1-5-21-1455717823-835188907-681337027-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-1455717823-835188907-681337027-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKU\S-1-5-21-1455717823-835188907-681337027-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp URLSearchHook: HKU\S-1-5-21-1455717823-835188907-681337027-1006 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-1455717823-835188907-681337027-1006 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {953ADCAD-8681-466E-80F6-A062B8C2519F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MAARJS SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {953ADCAD-8681-466E-80F6-A062B8C2519F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MAARJS SearchScopes: HKU\S-1-5-21-1455717823-835188907-681337027-1006 -> DefaultScope {953ADCAD-8681-466E-80F6-A062B8C2519F} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-1455717823-835188907-681337027-1006 -> {953ADCAD-8681-466E-80F6-A062B8C2519F} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-02-19] (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-02-19] (DVDVideoSoft Ltd.) Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2011-05-14] (Microsoft Corporation) Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2011-07-14] (Microsoft Corporation) Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2011-07-14] (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-02-20] (Microsoft Corporation) Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2011-05-14] (Microsoft Corporation) Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-21] (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-02-21] (Microsoft Corporation) Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll [2011-05-14] (Microsoft Corporation) Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2011-05-14] (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [63128] (VMware, Inc.) Winsock: Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [63128] (VMware, Inc.) Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70656] (Microsoft Corporation) Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096] (Microsoft Corporation) Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016] (Microsoft Corporation) Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [86016] (Microsoft Corporation) Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.) Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [327168] (Microsoft Corporation) Winsock: Catalog9-x64 11 C:\Windows\system32\vsocklib.dll [67224] (VMware, Inc.) Winsock: Catalog9-x64 12 C:\Windows\system32\vsocklib.dll [67224] (VMware, Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-24] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25] CHR Extension: (Google Docs) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25] CHR Extension: (Google Drive) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25] CHR Extension: (YouTube) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25] CHR Extension: (Google Search) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25] CHR Extension: (Google Sheets) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25] CHR Extension: (Avira Browser Safety) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-25] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25] CHR Extension: (Google Wallet) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25] CHR Extension: (µMatrix) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2015-03-25] CHR Extension: (Gmail) - C:\Users\Newtest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" ==================== Services (All) ======================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2014-12-19] (Adobe Systems Incorporated) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2015-02-05] (Adobe Systems Incorporated) R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [241152 2013-03-29] (AMD) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-17] (Avira Operations GmbH & Co. KG) S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2015-02-03] (Microsoft Corporation) R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation) S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] S4 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [50864 2014-04-11] (Microsoft Corporation) R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2015-02-03] (Microsoft Corporation) R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2015-02-03] (Microsoft Corporation) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG) S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation) S4 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-15] () R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation) R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation) S4 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation) S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation) S3 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-21] (Microsoft Corporation) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-12] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] (Microsoft Corporation) S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [274200 2011-12-21] (Intel Corporation) R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2015-02-03] (Microsoft Corporation) R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2015-02-03] (Microsoft Corporation) R2 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-21] (Microsoft Corporation) R2 cvhsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822504 2013-04-22] (Microsoft Corporation) R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation) S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation) R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-21] (Microsoft Corporation) R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-07-14] (Microsoft Corporation) S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation) R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation) S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) S3 EFS; C:\Windows\System32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation) S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [30080 2011-06-14] () R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation) R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation) S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-07-02] (Microsoft Corporation) S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation) R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation) R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated) S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-24] (Google Inc.) S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-24] (Google Inc.) S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2490216 2015-02-17] (LogMeIn Inc.) R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation) S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation) S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation) S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-21] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592 2011-11-29] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-07-01] (Microsoft Corporation) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-02-20] (Microsoft Corporation) S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [628448 2012-02-02] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-06] () S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation) S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation) R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation) R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated) S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.) R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784 2012-03-06] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation) R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation) S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation) S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation) S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation) R2 NAUpdate; C:\Program Files (x86)\Nero\Update\NASvc.exe [690472 2011-07-22] (Nero AG) S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation) S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation) R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation) S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2014-12-06] (Microsoft Corporation) R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-25] (Electronic Arts) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation) S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2015-02-03] (Microsoft Corporation) S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation) S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation) S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-21] (Microsoft Corporation) R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-09-21] (Microsoft Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-01] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-01-01] () S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation) R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2899968 2013-08-22] (Microsoft Corporation) [File not signed] R2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-19] (Microsoft Corporation) S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation) R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation) S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation) S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation) S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation) R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation) S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation) R2 sftlist; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944 2013-06-26] (Microsoft Corporation) R3 sftvsa; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528 2013-06-26] (Microsoft Corporation) S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation) S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [315488 2015-01-02] (Skype Technologies) S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) R2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation) S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [836288 2015-03-30] (Valve Corporation) R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation) S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation) S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation) S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation) S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation) S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation) S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH) S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-14] (Microsoft Corporation) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) R3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation) S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-21] (Microsoft Corporation) R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [161744 2015-03-25] (RaMMicHaeL) R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800 2012-03-06] (Intel Corporation) R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] () R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation) R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79360 2013-03-01] (VMware, Inc.) [File not signed] R2 VMnetDHCP; C:\Windows\SysWOW64\vmnetdhcp.exe [354896 2013-03-01] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [846448 2011-08-29] (VMware, Inc.) R2 VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [434256 2013-03-01] (VMware, Inc.) S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation) S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation) S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation) S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-21] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2015-01-09] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-09] (Microsoft Corporation) R3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2015-01-09] (Microsoft Corporation) R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-09] (Microsoft Corporation) S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) R3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-21] (Microsoft Corporation) R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-03] (Microsoft Corporation) S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation) S3 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-23] (Microsoft Corporation) S3 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corp.) S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) S2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation) S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation) R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-09-21] (Microsoft Corporation) R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-09-21] (Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation) S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation) S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} ==================== Drivers (All) ========================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation) R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation) S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.) S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.) S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.) S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [507392 2009-06-03] (ITETech ) R3 Afc; C:\Windows\SysWow64\drivers\Afc.sys [22784 2006-09-18] (Arcsoft, Inc.) R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation) S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.) S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation) S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11658752 2013-03-29] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581120 2013-03-29] (Advanced Micro Devices, Inc.) S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-07-14] (Advanced Micro Devices) S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-07-14] (Advanced Micro Devices) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.) S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2015-02-03] (Microsoft Corporation) S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.) S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.) S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) S3 atapi; C:\Windows\system32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-02-14] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation) R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) R1 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-07-14] (Microsoft Corporation) S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation) S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation) R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation) S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.) R0 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation) S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation) R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation) S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation) R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation) R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation) R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation) S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] (Microsoft Corporation) S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-16] (Disc Soft Ltd) R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-16] (Microsoft Corporation) R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c62x64.sys [482128 2012-08-10] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex) S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation) R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2014-08-05] (Eugene V. Muzychenko) S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] () [File not signed] S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation) R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation) S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation) S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation) U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation) R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation) S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [39024 2011-08-29] (VMware, Inc.) S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation) R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation) S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation) R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] (Microsoft Corporation) S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company) R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] (Microsoft Corporation) R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation) S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) R0 iaStor; C:\Windows\System32\drivers\iaStor.sys [568600 2011-11-29] (Intel Corporation) S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-07-14] (Intel Corporation) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14646560 2011-12-15] (Intel Corporation) S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH) R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [4716904 2011-12-06] (Realtek Semiconductor Corp.) S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation) S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation) R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation) S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation) S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-04] (Microsoft Corporation) R0 iusb3hcs; C:\Windows\System32\drivers\iusb3hcs.sys [19224 2012-03-26] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [356632 2012-03-26] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [789272 2012-03-26] (Intel Corporation) R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation) R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation) R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-03-06] (Microsoft Corporation) R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155576 2015-03-06] (Microsoft Corporation) R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation) S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation) S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation) S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation) R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation) S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation) S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [62784 2012-07-17] (Intel Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation) R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-02-03] (Microsoft Corporation) S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation) R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [141312 2014-12-19] (Microsoft Corporation) |
|
01.04.2015, 14:35
| #8 |
| | Hoch schädliche Malware infiziert PCCode:
ATTFilter R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-07-14] (Microsoft Corporation) R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-09-21] (Microsoft Corporation) R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-07-14] (Microsoft Corporation) S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation) S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation) R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation) R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation) S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation) S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation) S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation) R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation) R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation) R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation) S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation) R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-24] (Microsoft Corporation) R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [18432 2009-05-05] (NewTech Infosystems, Inc.) R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-07-14] (NVIDIA Corporation) S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-07-14] (NVIDIA Corporation) S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation) S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) R3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation) R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation) R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation) S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation) S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation) R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation) R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2015-02-03] (Microsoft Corporation) R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation) S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation) R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation) S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation) S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation) R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation) R3 rdpbus; C:\Windows\system32\drivers\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation) R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] (Microsoft Corporation) R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation) R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [238096 2012-05-21] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [238096 2012-05-21] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [39016 2011-12-29] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39016 2011-12-29] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [42912 2009-07-13] (Realtek) S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [48488 2011-06-13] (Realtek) S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] (Microsoft Corporation) R3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek) S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek) S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation) R3 ScreamBAudioSvc; C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992 2012-07-31] (Screaming Bee LLC) R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation) S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfslh.sys [767144 2013-06-26] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaylh.sys [273576 2013-06-26] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirlh.sys [28840 2013-06-26] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvollh.sys [23208 2013-06-26] (Microsoft Corporation) S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.) S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems) S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation) R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-07-14] (Microsoft Corporation) R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-07-14] (Microsoft Corporation) R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-07-14] (Microsoft Corporation) S3 ssadbus; C:\Windows\System32\DRIVERS\ssadbus.sys [157672 2011-05-13] (MCCI Corporation) S3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [16872 2011-05-13] (MCCI Corporation) S3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [177640 2011-05-13] (MCCI Corporation) S3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [146920 2011-05-13] (MCCI Corporation) S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology) R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] (Microsoft Corporation) S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] (Microsoft Corporation) R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] (Microsoft Corporation) R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation) S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation) R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-04-06] (Microsoft Corporation) R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2014-11-11] (Microsoft Corporation) R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-21] (Microsoft Corporation) R3 TPM; C:\Windows\System32\drivers\tpm.sys [38400 2009-07-14] (Microsoft Corporation) S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-17] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57856 2012-08-23] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation) S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation) R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [16896 2009-05-05] (NewTech Infosystems Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation) S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation) R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation) S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] (Microsoft Corporation) R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation) S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation) R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation) S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation) S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-07-14] (Microsoft Corporation) S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation) R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation) S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation) S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.) S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] (Microsoft Corporation) S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] (Microsoft Corporation) R0 vmci; C:\Windows\System32\DRIVERS\vmci.sys [116376 2012-09-14] (VMware, Inc.) R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [33360 2013-03-01] (VMware, Inc.) R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [20080 2013-03-01] (VMware, Inc.) R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [45680 2013-03-01] (VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [30800 2013-03-01] (VMware, Inc.) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-03-01] (VMware, Inc.) R2 vmx86; C:\Windows\system32\drivers\vmx86.sys [63568 2013-03-01] (VMware, Inc.) R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation) R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation) R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation) R3 vpcbus; C:\Windows\system32\drivers\vpchbus.sys [187904 2009-09-23] (Microsoft Corporation) R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [66304 2009-09-23] (Microsoft Corporation) R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2009-09-23] (Microsoft Corporation) R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [360712 2009-12-31] (Microsoft Corporation) S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd) S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation) R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation) S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation) R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation) R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation) S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation) U3 Winsock; No ImagePath S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation) R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [26440 2010-04-27] (Logitech Inc.) S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.) R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [16200 2010-04-27] (Logitech Inc.) R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [77512 2010-04-27] (Logitech Inc.) R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 cpuz134; \??\C:\Users\Joel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 GPUZ; \??\C:\Users\Joel\AppData\Local\Temp\GPUZ.sys [X] S3 pmem; \??\C:\Users\Joel\AppData\Local\Temp\_MEI20842\drivers\winpmem64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-01 15:27 - 2015-04-01 15:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-04-01 15:22 - 2015-04-01 15:22 - 00243576 _____ () C:\Users\Newtest\Downloads\Firefox Setup Stub 37.0.exe 2015-03-31 18:23 - 2015-03-31 18:39 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Command and Conquer 3 Kanes Wrath 2015-03-31 16:35 - 2015-03-31 16:35 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\SoftGrid Client 2015-03-31 16:35 - 2015-03-31 16:35 - 00000000 ____D () C:\Users\Newtest\AppData\Local\SoftGrid Client 2015-03-30 17:51 - 2015-03-30 17:51 - 00043502 _____ () C:\Users\Newtest\Downloads\Addition.txt 2015-03-30 17:48 - 2015-04-01 15:27 - 00082658 _____ () C:\Users\Newtest\Downloads\FRST.txt 2015-03-30 17:48 - 2015-04-01 15:26 - 00000000 ____D () C:\FRST 2015-03-30 17:47 - 2015-03-30 17:48 - 02095616 _____ (Farbar) C:\Users\Newtest\Downloads\FRST64.exe 2015-03-28 16:22 - 2015-03-30 15:38 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\TS3Client 2015-03-28 16:21 - 2015-03-28 16:25 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Arma 3 Launcher 2015-03-28 16:21 - 2015-03-28 16:21 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Bohemia_Interactive 2015-03-26 00:11 - 2015-03-31 23:21 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Arma 3 2015-03-26 00:11 - 2015-03-26 00:48 - 00000000 ____D () C:\Users\Newtest\Documents\Arma 3 2015-03-26 00:09 - 2015-03-26 00:09 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Steam 2015-03-25 21:31 - 2015-03-25 21:31 - 00000000 ____D () C:\Users\Newtest\Tracing 2015-03-25 21:06 - 2015-03-30 01:57 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Skype 2015-03-25 21:06 - 2015-03-25 21:06 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Skype 2015-03-25 19:50 - 2015-03-25 19:50 - 00001215 _____ () C:\Users\Newtest\Desktop\malbytes.txt 2015-03-25 18:18 - 2015-03-25 18:18 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk 2015-03-25 18:18 - 2015-03-25 18:18 - 00000000 ____D () C:\ProgramData\Unchecky 2015-03-25 18:18 - 2015-03-25 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky 2015-03-25 18:18 - 2015-03-25 18:18 - 00000000 ____D () C:\Program Files (x86)\Unchecky 2015-03-25 18:18 - 2015-03-25 18:17 - 00986472 _____ (RaMMicHaeL) C:\Users\Newtest\Desktop\unchecky_setup.exe 2015-03-25 18:17 - 2015-03-25 18:17 - 00986472 _____ (RaMMicHaeL) C:\Users\Newtest\Downloads\unchecky_setup.exe 2015-03-25 18:13 - 2015-03-25 18:13 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\WinRAR 2015-03-25 18:01 - 2015-03-25 18:01 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Avira 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 __SHD () C:\Users\Newtest\AppData\Local\EmieUserList 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 __SHD () C:\Users\Newtest\AppData\Local\EmieSiteList 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 __SHD () C:\Users\Newtest\AppData\Local\EmieBrowserModeList 2015-03-25 17:57 - 2015-03-25 17:57 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Macromedia 2015-03-25 17:56 - 2015-03-25 17:56 - 00068352 _____ () C:\Users\Newtest\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-25 17:56 - 2015-03-25 17:56 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\ATI 2015-03-25 17:56 - 2015-03-25 17:56 - 00000000 ____D () C:\Users\Newtest\AppData\Local\ATI 2015-03-25 17:55 - 2015-03-25 17:55 - 00001425 _____ () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ___RD () C:\Users\Newtest\Virtual Machines 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Adobe 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ____D () C:\Users\Newtest\AppData\Local\VirtualStore 2015-03-25 17:55 - 2015-03-25 17:55 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Google 2015-03-25 17:41 - 2015-03-25 19:27 - 00000000 ____D () C:\Users\Newtest\AppData\Roaming\Origin 2015-03-25 17:41 - 2015-03-25 19:27 - 00000000 ____D () C:\Users\Newtest\AppData\Local\Origin 2015-03-25 17:37 - 2015-03-25 21:31 - 00000000 ____D () C:\Users\Newtest 2015-03-25 17:37 - 2015-03-25 17:37 - 00000020 ___SH () C:\Users\Newtest\ntuser.ini 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Vorlagen 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Startmenü 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Netzwerkumgebung 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Lokale Einstellungen 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Eigene Dateien 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Druckumgebung 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Documents\Eigene Musik 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Documents\Eigene Bilder 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\AppData\Local\Verlauf 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\AppData\Local\Anwendungsdaten 2015-03-25 17:37 - 2015-03-25 17:37 - 00000000 _SHDL () C:\Users\Newtest\Anwendungsdaten 2015-03-25 17:37 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-25 17:37 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-25 01:20 - 2015-03-25 01:20 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Avira 2015-03-24 23:49 - 2015-03-24 23:51 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Origin 2015-03-24 23:48 - 2015-03-24 23:51 - 00000000 ____D () C:\Users\Gast\AppData\Local\Origin 2015-03-24 23:14 - 2015-03-24 23:14 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia 2015-03-24 21:24 - 2015-03-24 21:24 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira 2015-03-24 21:18 - 2015-03-17 14:01 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-24 21:18 - 2015-03-17 14:01 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-24 21:18 - 2015-03-17 14:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-03-24 21:06 - 2015-03-25 01:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\Arma 3 2015-03-24 21:06 - 2015-03-24 21:08 - 00000000 ____D () C:\Users\Gast\Documents\Arma 3 2015-03-24 21:05 - 2015-03-24 23:53 - 00000000 ____D () C:\Users\Gast\AppData\Local\CrashDumps 2015-03-24 21:05 - 2015-03-24 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-03-24 21:05 - 2015-03-24 21:18 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-03-24 21:05 - 2015-03-24 21:05 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Gast\Desktop\avira_de_av_5511b50e9be56__ws (1).exe 2015-03-24 21:05 - 2015-03-24 21:05 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-03-24 21:04 - 2015-03-24 21:05 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Gast\Downloads\avira_de_av_5511b50e9be56__ws (1).exe 2015-03-24 21:04 - 2015-03-24 21:04 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Gast\Downloads\avira_de_av_5511b50e9be56__ws.exe 2015-03-24 21:01 - 2015-03-24 21:01 - 00000000 ____D () C:\Users\Gast\AppData\Local\Steam 2015-03-24 20:58 - 2015-03-25 00:06 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Skype 2015-03-24 20:58 - 2015-03-24 20:58 - 00000000 ____D () C:\Users\Gast\AppData\Local\Skype 2015-03-24 20:57 - 2015-03-24 20:56 - 00243648 _____ () C:\Users\Gast\Desktop\Firefox Setup Stub 36.0.4.exe 2015-03-24 20:56 - 2015-03-24 20:56 - 00243648 _____ () C:\Users\Gast\Downloads\Firefox Setup Stub 36.0.4.exe 2015-03-24 20:55 - 2015-03-24 20:55 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-24 20:55 - 2015-03-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-03-24 20:53 - 2015-04-01 15:21 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-24 20:53 - 2015-04-01 10:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-24 20:53 - 2015-03-24 20:53 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-03-24 20:53 - 2015-03-24 20:53 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-03-24 20:52 - 2015-03-24 20:52 - 00880208 _____ (Google Inc.) C:\Users\Gast\Desktop\ChromeSetup.exe 2015-03-24 20:46 - 2015-03-24 20:46 - 00000000 ____D () C:\ProgramData\92ad4b3000001026 2015-03-24 20:39 - 2015-03-24 20:39 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla 2015-03-24 20:39 - 2015-03-24 20:39 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla 2015-03-24 20:16 - 2015-03-24 20:16 - 00000298 _____ () C:\Windows\Tasks\Tempo Runner bzdap.job 2015-03-24 20:16 - 2015-03-24 20:16 - 00000296 _____ () C:\Windows\Tasks\Tempo Runner bz64.job 2015-03-24 20:16 - 2015-03-24 20:16 - 00000296 _____ () C:\Windows\Tasks\Tempo Runner bz32.job 2015-03-24 20:05 - 2015-03-24 20:05 - 00000000 ____D () C:\Users\Joel\SupTab 2015-03-24 20:02 - 2015-04-01 15:21 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-24 20:02 - 2015-03-24 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-24 20:02 - 2015-03-24 20:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-24 20:02 - 2015-03-24 20:02 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-24 20:02 - 2015-03-24 20:02 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-24 20:02 - 2015-03-17 07:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-24 20:02 - 2015-03-17 07:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-24 20:02 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-24 20:01 - 2015-03-24 20:02 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Joel\Downloads\mbam-setup-2.1.4.1018.exe 2015-03-24 19:31 - 2015-03-24 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream 2015-03-24 19:31 - 2015-03-24 19:31 - 00001032 _____ () C:\Users\Joel\Desktop\Liveistream.lnk 2015-03-24 19:31 - 2015-03-24 19:31 - 00001032 _____ () C:\Users\Gast\Desktop\Liveistream.lnk 2015-03-24 19:31 - 2015-03-24 19:31 - 00000000 ____D () C:\Users\Joel\Documents\Optimizer Pro 2015-03-24 19:31 - 2015-03-24 19:31 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Liveistream 2015-03-24 19:28 - 2015-03-24 20:46 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Opera Software 2015-03-24 19:28 - 2015-03-24 20:46 - 00000000 ____D () C:\Users\Joel\AppData\Local\Opera Software 2015-03-24 19:26 - 2015-03-24 20:47 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-23 20:45 - 2015-03-23 20:45 - 00029420 _____ () C:\Users\Joel\Desktop\S36rZFMfHvKARfRdAABy7GAR3GA00.jpeg 2015-03-21 05:59 - 2015-03-24 21:05 - 00000000 ____D () C:\OETemp 2015-03-15 06:00 - 2015-03-15 06:00 - 02195088 _____ (SoftCity ) C:\Users\Joel\Downloads\Nicht bestätigt 253661.crdownload 2015-03-12 03:20 - 2015-03-12 03:52 - 00000540 _____ () C:\Users\Joel\Downloads\Setup (4).website 2015-03-12 03:15 - 2015-03-12 03:15 - 00000538 _____ () C:\Users\Joel\Downloads\Setup (3).website 2015-03-12 03:13 - 2015-03-12 03:14 - 00000535 _____ () C:\Users\Joel\Downloads\Setup (2).website 2015-03-12 01:28 - 2015-03-12 01:28 - 00000534 _____ () C:\Users\Joel\Downloads\Setup (1).website 2015-03-11 20:21 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 20:21 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 20:21 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 20:21 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 20:21 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 20:21 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 20:21 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 20:21 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 20:21 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 20:21 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 20:21 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 20:21 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 20:21 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 20:21 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 20:21 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 20:21 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 20:21 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 20:21 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 20:21 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 20:21 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-11 20:21 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-11 20:21 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 20:21 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-11 20:21 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 20:21 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-11 20:21 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 20:21 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 20:21 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 20:21 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-11 20:21 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 20:21 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-11 20:21 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 20:21 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 20:21 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 20:21 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 20:21 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 20:21 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 20:21 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 20:21 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 20:21 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 20:21 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 20:21 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 20:21 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 20:21 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 20:21 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 20:21 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 20:21 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-11 20:21 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 20:21 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 20:21 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 20:21 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 20:21 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 20:21 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 20:21 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 20:21 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 20:21 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-11 20:21 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 20:21 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-03-11 20:21 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-03-11 20:20 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 20:20 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 20:20 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 20:20 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 20:20 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 20:20 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 20:20 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 20:20 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 20:20 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 20:20 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 20:20 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 20:20 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 20:20 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 20:20 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 20:20 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 20:20 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 20:20 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 20:20 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 20:20 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 20:20 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 20:20 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 20:20 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 20:20 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 20:20 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 20:20 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 20:20 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 20:20 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 20:20 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 20:20 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 20:20 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 20:20 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 20:20 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 20:20 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 20:20 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 20:20 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 20:20 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 20:20 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 20:20 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 20:20 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 20:20 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 20:20 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 20:20 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 20:20 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 20:20 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 20:20 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 20:20 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 20:20 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 20:20 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 20:20 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 20:20 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 20:20 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 20:20 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 20:20 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 20:20 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 20:20 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 20:20 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 20:20 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 20:20 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 20:20 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 20:20 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 20:20 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 20:18 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 20:18 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-11 01:08 - 2015-03-11 01:08 - 00000536 _____ () C:\Users\Joel\Downloads\Setup .website 2015-03-10 20:17 - 2015-03-10 20:17 - 00239953 _____ () C:\Users\Joel\Desktop\ts3_clientui-win64-1407159763-2015-03-10 19_17_25.206536.dmp 2015-03-08 16:46 - 2015-03-22 22:46 - 00072967 _____ () C:\Windows\system32\ScanResults.xml 2015-03-08 16:38 - 2015-03-22 22:39 - 00000464 _____ () C:\Windows\system32\ScannerSettings 2015-03-08 05:40 - 2015-03-08 05:40 - 00889080 _____ () C:\Users\Joel\Downloads\installer_google_chrome_German.exe 2015-03-07 23:41 - 2015-03-07 23:41 - 00000000 ____D () C:\Users\Joel\AppData\Local\Ubisoft ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-01 15:25 - 2013-03-20 11:32 - 00701940 _____ () C:\Windows\system32\perfh007.dat 2015-04-01 15:25 - 2013-03-20 11:32 - 00150452 _____ () C:\Windows\system32\perfc007.dat 2015-04-01 15:25 - 2009-07-14 07:13 - 01629178 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-01 15:19 - 2013-12-05 22:22 - 00000000 ____D () C:\ProgramData\VMware 2015-04-01 15:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-01 15:19 - 2009-07-14 06:51 - 00112336 _____ () C:\Windows\setupact.log 2015-04-01 11:01 - 2014-02-06 21:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-01 03:00 - 2013-03-23 19:17 - 01133322 _____ () C:\Windows\WindowsUpdate.log 2015-04-01 01:18 - 2014-01-20 21:42 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-31 17:23 - 2013-07-07 20:43 - 00000000 ____D () C:\ProgramData\Origin 2015-03-31 16:39 - 2009-07-14 06:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-31 16:39 - 2009-07-14 06:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-31 16:32 - 2013-07-06 19:31 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Skype 2015-03-28 16:55 - 2014-03-01 02:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-03-28 15:47 - 2014-01-20 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-26 20:26 - 2014-11-16 14:57 - 00000975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-03-26 20:26 - 2014-11-16 14:57 - 00000963 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-03-26 19:47 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-26 19:46 - 2014-12-13 04:17 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-26 19:46 - 2014-05-01 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-25 21:31 - 2014-10-14 04:49 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-03-25 21:30 - 2012-05-21 14:10 - 00000000 ____D () C:\ProgramData\Skype 2015-03-25 17:41 - 2014-01-20 22:16 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-25 01:17 - 2013-07-11 21:24 - 00000000 ____D () C:\Users\Joel\AppData\Local\Arma 3 2015-03-25 01:15 - 2013-11-23 17:37 - 00000000 ____D () C:\Users\Joel\AppData\Local\Google 2015-03-25 00:06 - 2010-11-21 05:47 - 00385360 _____ () C:\Windows\PFRO.log 2015-03-25 00:01 - 2014-01-20 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-03-24 23:53 - 2014-08-08 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Red Alert 2 2015-03-24 23:53 - 2014-08-07 00:04 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TS3Client 2015-03-24 21:18 - 2013-07-07 20:33 - 00000000 ____D () C:\ProgramData\Avira 2015-03-24 21:05 - 2013-09-07 00:13 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-24 20:55 - 2013-11-23 17:37 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-24 20:49 - 2013-07-02 10:42 - 00000000 ____D () C:\Users\Joel 2015-03-24 20:49 - 2012-05-21 14:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-24 20:38 - 2014-08-07 00:03 - 00000000 ___RD () C:\Users\Gast\Virtual Machines 2015-03-24 20:37 - 2014-08-10 23:16 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2015-03-24 20:37 - 2014-04-05 19:04 - 00000000 ____D () C:\Users\Joel\AppData\Local\LogMeIn Hamachi 2015-03-24 20:37 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-03-24 20:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-03-24 20:17 - 2012-05-21 14:22 - 00000000 ____D () C:\Windows\it 2015-03-24 20:12 - 2015-01-18 15:19 - 00000000 ____D () C:\Users\Joel\Desktop\Neuer Ordner 2015-03-24 20:05 - 2014-05-31 01:17 - 00000000 ____D () C:\Users\Joel\AppData\Local\CrashDumps 2015-03-24 19:28 - 2014-08-10 23:16 - 00001315 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2015-03-24 19:28 - 2013-07-02 10:43 - 00001647 _____ () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-24 19:27 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2015-03-24 02:57 - 2013-07-27 23:53 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\TS3Client 2015-03-23 20:35 - 2015-01-27 23:25 - 00000000 ____D () C:\Users\Joel\Desktop\Meine 2015-03-17 14:58 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-15 07:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-03-14 13:48 - 2015-02-20 00:24 - 00000000 ____D () C:\Windows\pss 2015-03-13 14:05 - 2013-07-02 10:43 - 00000000 ___RD () C:\Users\Joel\Virtual Machines 2015-03-13 14:02 - 2009-07-14 06:45 - 00281240 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 04:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 04:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 03:53 - 2015-02-15 02:30 - 00000000 ____D () C:\Users\Joel\AppData\Local\Deployment 2015-03-07 23:44 - 2015-02-15 02:32 - 00000000 ____D () C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-03-02 01:18 - 2015-02-24 00:23 - 00000165 _____ () C:\Windows\Reimage.ini ==================== Files in the root of some directories ======= 2014-10-02 20:52 - 2014-10-02 20:52 - 0212992 _____ (Martin Pfeiffer) C:\Program Files (x86)\MetroSuite.dll 2014-10-02 20:52 - 2014-10-02 20:52 - 1058816 _____ () C:\Program Files (x86)\[IBG] Gamelauncher.exe 2014-01-21 18:07 - 2014-01-21 18:07 - 0000040 _____ () C:\ProgramData\ra3.ini Some content of TEMP: ==================== C:\Users\Gast\AppData\Local\Temp\avgnt.exe C:\Users\Gast\AppData\Local\Temp\SkypeSetup.exe C:\Users\Joel\AppData\Local\Temp\13-4_win7_win8_64_dd_ccc_whql.exe C:\Users\Joel\AppData\Local\Temp\avgnt.exe C:\Users\Joel\AppData\Local\Temp\bdfilters.dll C:\Users\Joel\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Joel\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Joel\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Joel\AppData\Local\Temp\i4jdel0.exe C:\Users\Joel\AppData\Local\Temp\install_flashplayer14x32au_mssd_aaa_aih.exe C:\Users\Joel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Joel\AppData\Local\Temp\ReimagePackage.exe C:\Users\Joel\AppData\Local\Temp\ReiSysUpdate.exe C:\Users\Joel\AppData\Local\Temp\SkypeSetup.exe C:\Users\Joel\AppData\Local\Temp\sonarinst.exe C:\Users\Joel\AppData\Local\Temp\sqlite-3.7.8-sqlitejdbc.dll C:\Users\Joel\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Joel\AppData\Local\Temp\System.Data.SQLite157bae8c-2fbe-496c-9e04-0f1db314fca1.dll C:\Users\Joel\AppData\Local\Temp\xmlUpdater.exe C:\Users\Joel\AppData\Local\Temp\Zzoomit_uninstall.exe C:\Users\Newtest\AppData\Local\Temp\avgnt.exe C:\Users\Newtest\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-25 04:48 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Newtest at 2015-04-01 15:27:37
Running from C:\Users\Newtest\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
[IBG] Gamelauncher Version 1.5 (HKLM-x32\...\{7E7C235D-5751-4593-BB5F-CBF6C01BE258}_is1) (Version: 1.5 - [IBG] Community, Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.2.99 - NTI Corporation)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Framework (HKLM-x32\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.00.5500 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
aerosoft's - Scenery Germany 3 - FS2004 (HKLM-x32\...\{48209CA1-7163-43AB-B55C-23C3BB431CFA}) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.388 - ArcSoft)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ArtMoney SE v7.42 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.42 - System SoftLab)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Backup Manager V3 (x32 Version: 3.0.2.99 - NTI Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version: - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{419CEBE1-36E9-4AB2-8586-D6213AE28621}) (Version: 8.4.0.1699 - TechSmith Corporation)
Command & Conquer™ (HKLM-x32\...\{434DFB16-EB7B-429B-9CBB-D8EB17B9DEA2}) (Version: 0.4.1.0 - Electronic Arts, Inc.)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX del Windows Live Mesh per a connexions remotes (HKLM-x32\...\{76C064E2-BB99-4453-8FDA-42BC01AD0734}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
EXAM 11 (HKLM-x32\...\{809B22DC-A386-4F22-0023-DE0000000001}) (Version: 1.0 - Peters Software)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Mouse and Keyboard Recorder 3.1.3.2 (HKLM-x32\...\{9A6EBB57-EA22-4086-81A0-8FD9843D0CA1}_is1) (Version: - Robot-Soft.com, Inc.)
Free Studio version 6.5.0.219 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.219 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.1 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gemeinsam genutzte Internet-Komponenten von Westwood (HKLM-x32\...\WOLAPI) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX 3D Maker 7 Download-Version (x32 Version: 7.0.0.482 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mental Omega APYR (HKLM-x32\...\Mental Omega APYR3.0) (Version: 3.0 - Mentalmeisters)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mozilla Firefox 37.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0 (x86 de)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 - )
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6521 - Realtek Semiconductor Corp.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Supreme Commander (HKLM-x32\...\Supreme Commander_is1) (Version: - )
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40642 - TeamViewer)
Tropico 5 - Steam Special Edition (HKLM-x32\...\{96C8FF19-C95E-44A7-A238-95692578538F}_is1) (Version: 1.1.0 - Kalypso)
Unchecky v0.3.7 (HKLM-x32\...\Unchecky) (Version: 0.3.7 - RaMMicHaeL)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VmciSockets (Version: 9.1.55.1 - VMware, Inc.) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 4.0.6.35970 - VMware, Inc)
VMware Player (x32 Version: 4.0.6.35970 - VMware, Inc.) Hidden
War Thunder Launcher 1.0.1.391 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinZip 17.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DC}) (Version: 17.5.10562 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
Zzoomit (HKLM-x32\...\SeeWeblists) (Version: - SeeWeblists)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-04-01 15:19 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
There are 4 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {11E762AC-3349-437B-B211-BAB75BFC8374} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {142AC915-D8C9-4FB8-840C-F7DC4638068A} - System32\Tasks\{00CD79F9-DC24-422B-AA75-400865708B7C} => pcalua.exe -a C:\Users\Joel\Downloads\Range_RAT5_SD7_0_20_0_64Bit_Drivers_NonWHQL.exe -d C:\Users\Joel\Downloads
Task: {1A3A6EA7-6EDC-4D1C-AFE8-79423CC93205} - System32\Tasks\{998858F3-9717-4729-8AC9-D64B851E35E2} => pcalua.exe -a C:\Users\Joel\Downloads\VMware-player-4.0.6-1035888.exe -d C:\Users\Joel\Downloads
Task: {1E42B4AB-9CA8-4DF1-90B3-A32EE88FBCAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3D125A24-7F78-40D5-9F64-CED65DB645F7} - \RocketTab No Task File <==== ATTENTION
Task: {51AA7127-D61C-45F7-8804-C139A3B1FDE8} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {63E5DC0D-3F99-4837-82B8-D4C64DFA9100} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6CA7CDC5-C4EE-4E76-BF65-82FA563B714B} - System32\Tasks\{6B870702-1D4B-4F12-A6D3-AD7C864DECC5} => Firefox.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?source=lightinstaller&page=tsBing
Task: {C03BA99C-F71F-486E-BECF-626CBEC0F5DC} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {D541A58F-E70A-46BB-8F33-FCC3AD9A995F} - System32\Tasks\{EFE3A5BE-A768-4D7A-B54A-7461E2193EA5} => pcalua.exe -a "C:\Users\Joel\Downloads\Smart Technology 7_0_27_13 64Bit(3).exe" -d C:\Users\Joel\Downloads
Task: {DB37B5B4-E1A9-4E68-8E66-A35F98CE6940} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.)
Task: {DFD1FF94-1A9D-49B5-9233-A0667F471843} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Tempo Runner bz32.job => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe2/dgad C:\ProgramData\bobyzoom\1.1.0.30\bz32.exe
Task: C:\Windows\Tasks\Tempo Runner bz64.job => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe2/dgad C:\ProgramData\bobyzoom\1.1.0.30\bz64.exe
Task: C:\Windows\Tasks\Tempo Runner bzdap.job => C:\ProgramData\bobyzoom\1.1.0.30\bzagnt.exe3/dgad C:\ProgramData\bobyzoom\1.1.0.30\bzdap.exe
==================== Loaded Modules (whitelisted) ==============
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 17:27 - 2012-09-11 17:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2012-05-21 14:11 - 2011-06-14 02:59 - 00030080 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2012-05-21 14:11 - 2012-05-21 14:11 - 00038312 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.5500.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2012-05-21 14:11 - 2012-05-21 14:11 - 00026040 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.5500.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2012-05-21 14:11 - 2012-05-21 14:11 - 00066960 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.5500.0__3036420f80dd6947\Framework.Library.dll
2012-05-21 14:11 - 2012-05-21 14:11 - 00034192 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.5500.0__672b450de5a7e94a\Framework.Host.dll
2012-05-21 14:11 - 2012-05-21 14:11 - 00021920 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.5500.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2013-03-23 19:30 - 2012-03-06 09:49 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-09-21 09:43 - 2015-01-01 06:25 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-21 09:43 - 2015-01-01 06:25 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2012-05-21 14:52 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2015-04-01 15:22 - 2015-04-01 15:22 - 00243576 _____ () C:\Users\Newtest\Downloads\Firefox Setup Stub 37.0.exe
2011-04-23 18:29 - 2011-04-23 18:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-23 18:29 - 2011-04-23 18:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-23 18:29 - 2011-04-23 18:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-03-01 03:27 - 2013-03-01 03:27 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2015-03-24 20:55 - 2015-03-14 12:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-24 20:55 - 2015-03-14 12:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-24 20:55 - 2015-03-14 12:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2014-10-16 21:07 - 2014-10-16 21:07 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2013-03-23 19:25 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-23 19:30 - 2012-03-06 09:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgR119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgR119.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1455717823-835188907-681337027-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Newtest\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: 3a37b93a => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: ReimageRealTimeProtector => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Joel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk => C:\Windows\pss\DesktopVideoPlayer.lnk.Startup
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MP4 Player => "C:\Program Files (x86)\MP4 Player\mp4Player.exe" hmw
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
==================== Accounts: =============================
Administrator (S-1-5-21-1455717823-835188907-681337027-500 - Administrator - Disabled)
Gast (S-1-5-21-1455717823-835188907-681337027-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1455717823-835188907-681337027-1004 - Limited - Enabled)
Joel (S-1-5-21-1455717823-835188907-681337027-1000 - Limited - Enabled) => C:\Users\Joel
Newtest (S-1-5-21-1455717823-835188907-681337027-1006 - Administrator - Enabled) => C:\Users\Newtest
==================== Faulty Device Manager Devices =============
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/01/2015 03:27:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
Error: (04/01/2015 03:27:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
Error: (04/01/2015 03:27:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
Error: (04/01/2015 03:26:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 11.3.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f88
Startzeit: 01d06c7f59fec9ce
Endzeit: 0
Anwendungspfad: C:\Users\Newtest\Downloads\FRST64.exe
Berichts-ID: a408dd34-d872-11e4-a153-005056c00008
Error: (04/01/2015 03:24:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
Error: (04/01/2015 03:22:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (04/01/2015 03:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen.
.
Error: (04/01/2015 03:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
Error: (04/01/2015 03:22:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (04/01/2015 03:22:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
System errors:
=============
Error: (04/01/2015 03:22:45 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: WMPNetworkSvc0x80070006
Error: (04/01/2015 05:02:23 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/01/2015 03:03:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2010 (KB2883019) 32-Bit-Edition
Error: (03/31/2015 07:54:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/31/2015 07:54:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (03/31/2015 04:40:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2010 (KB2883019) 32-Bit-Edition
Error: (03/31/2015 04:34:45 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: WMPNetworkSvc0x80070006
Error: (03/30/2015 05:48:11 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: WMPNetworkSvc0x80070006
Error: (03/30/2015 03:40:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2010 (KB2883019) 32-Bit-Edition
Error: (03/30/2015 03:06:33 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: WMPNetworkSvc0x80070006
Microsoft Office Sessions:
=========================
Error: (04/01/2015 03:27:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Zugriff verweigert
Error: (04/01/2015 03:27:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Zugriff verweigert
Error: (04/01/2015 03:27:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Zugriff verweigert
Error: (04/01/2015 03:26:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe11.3.2015.0f8801d06c7f59fec9ce0C:\Users\Newtest\Downloads\FRST64.exea408dd34-d872-11e4-a153-005056c00008
Error: (04/01/2015 03:24:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Zugriff verweigert
Error: (04/01/2015 03:22:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (04/01/2015 03:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crtDer angegebene Server kann den angeforderten Vorgang nicht ausführen.
Error: (04/01/2015 03:22:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Zugriff verweigert
Error: (04/01/2015 03:22:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (04/01/2015 03:22:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8140.36 MB
Available physical RAM: 5001.36 MB
Total Pagefile: 16278.9 MB
Available Pagefile: 12650.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:451.45 GB) (Free:14.36 GB) NTFS
Drive d: (DATA) (Fixed) (Total:451.96 GB) (Free:451.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B0F7CEDC)
Partition 1: (Not Active) - (Size=28 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
01.04.2015, 20:36
| #9 |
| /// the machine /// TB-Ausbilder | Hoch schädliche Malware infiziert PC hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.04.2015, 19:23
| #10 |
| | Hoch schädliche Malware infiziert PC Combofix Logfile: Code:
ATTFilter ComboFix 15-04-01.01 - Newtest 03.04.2015 19:56:43.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8140.6474 [GMT 2:00]
ausgeführt von:: c:\users\Newtest\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
c:\windows\system32\drivers\null.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\afd.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18489_none_35c7815175410855\afd.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndis.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndisuio.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_ca170d32fd7da822\ndisuio.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\netbios.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_b5d6a9d184d05567\netbios.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\usbehci.sys fehlte
Kopie von - c:\windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbehci.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\intelppm.sys fehlte
Kopie von - c:\windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\intelppm.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\tcpip.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\netbt.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\asyncmac.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\cdrom.sys fehlte
Kopie von - c:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\Serial.sys fehlte
Kopie von - c:\windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndproxy.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndproxy.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ws2ifsl.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\i8042prt.sys fehlte
Kopie von - c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\tdx.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.22865_none_48b848380bfa8bbd\tdx.sys wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-03-03 bis 2015-04-03 ))))))))))))))))))))))))))))))
.
.
2015-04-03 18:07 . 2015-04-03 18:07 -------- d-----w- c:\users\Joel\AppData\Local\temp
2015-04-03 18:07 . 2015-04-03 18:07 -------- d-----w- c:\users\Gast\AppData\Local\temp
2015-04-03 18:07 . 2015-04-03 18:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-03 18:07 . 2014-11-11 01:56 118272 ----a-w- c:\windows\SysWow64\drivers\tdx.sys
2015-04-03 18:07 . 2009-07-13 23:19 105472 ----a-w- c:\windows\SysWow64\drivers\i8042prt.sys
2015-04-03 18:07 . 2009-07-14 00:10 21504 ----a-w- c:\windows\SysWow64\drivers\ws2ifsl.sys
2015-04-01 13:27 . 2015-04-01 13:27 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-03-30 15:48 . 2015-04-01 13:27 -------- d-----w- C:\FRST
2015-03-25 16:18 . 2015-03-25 16:18 -------- d-----w- c:\programdata\Unchecky
2015-03-25 16:18 . 2015-03-25 16:18 -------- d-----w- c:\program files (x86)\Unchecky
2015-03-25 15:37 . 2015-03-25 19:31 -------- d-----w- c:\users\Newtest
2015-03-24 21:49 . 2015-03-24 21:51 -------- d-----w- c:\users\Gast\AppData\Roaming\Origin
2015-03-24 21:48 . 2015-03-24 21:51 -------- d-----w- c:\users\Gast\AppData\Local\Origin
2015-03-24 19:06 . 2015-03-24 23:12 -------- d-----w- c:\users\Gast\AppData\Local\Arma 3
2015-03-24 19:05 . 2015-04-03 17:51 -------- d-----w- c:\program files (x86)\Avira
2015-03-24 19:05 . 2015-03-24 21:53 -------- d-----w- c:\users\Gast\AppData\Local\CrashDumps
2015-03-24 19:01 . 2015-03-24 19:01 -------- d-----w- c:\users\Gast\AppData\Local\Steam
2015-03-24 18:58 . 2015-03-24 22:06 -------- d-----w- c:\users\Gast\AppData\Roaming\Skype
2015-03-24 18:58 . 2015-03-24 18:58 -------- d-----w- c:\users\Gast\AppData\Local\Skype
2015-03-24 18:46 . 2015-03-24 18:46 -------- d-----w- c:\programdata\92ad4b3000001026
2015-03-24 18:39 . 2015-03-24 18:39 -------- d-----w- c:\users\Gast\AppData\Local\Mozilla
2015-03-24 18:05 . 2015-03-24 18:05 -------- d-----w- c:\users\Joel\SupTab
2015-03-24 18:02 . 2015-04-03 18:08 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-24 18:02 . 2015-03-24 18:37 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-03-24 18:02 . 2015-03-24 18:02 -------- d-----w- c:\programdata\Malwarebytes
2015-03-24 18:02 . 2015-03-17 05:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-24 18:02 . 2015-03-17 05:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-24 18:02 . 2015-03-17 05:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-24 17:28 . 2015-03-24 18:46 -------- d-----w- c:\users\Joel\AppData\Local\Opera Software
2015-03-24 17:28 . 2015-03-24 18:46 -------- d-----w- c:\users\Joel\AppData\Roaming\Opera Software
2015-03-24 17:26 . 2015-03-24 18:47 -------- d-----w- c:\program files (x86)\Opera
2015-03-24 15:01 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65DF15F0-0B13-4240-8436-4D71284D2E42}\mpengine.dll
2015-03-21 03:59 . 2015-03-24 19:05 -------- d-----w- C:\OETemp
2015-03-11 18:20 . 2015-01-17 02:48 1067520 ----a-w- c:\windows\system32\msctf.dll
2015-03-11 18:18 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 18:18 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-07 21:41 . 2015-03-07 21:41 -------- d-----w- c:\users\Joel\AppData\Local\Ubisoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 03:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-16 15:20 . 2014-04-16 15:55 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-02-05 00:01 . 2012-05-21 12:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 00:01 . 2012-05-21 12:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 03:16 . 2015-02-12 18:11 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-12 18:11 762368 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-12 18:11 414720 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-12 18:11 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-12 18:11 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-12 18:11 192000 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-12 18:11 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-12 18:11 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-09 03:14 . 2015-02-25 18:19 91136 ----a-w- c:\windows\system32\wdi.dll
2015-01-09 03:14 . 2015-02-25 18:19 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-01-09 03:14 . 2015-02-25 18:19 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-01-09 02:48 . 2015-02-25 18:19 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2014-10-02 18:52 . 2014-10-02 18:52 212992 ----a-w- c:\program files (x86)\MetroSuite.dll
2014-10-02 18:52 . 2014-10-02 18:52 212992 ----a-w- c:\program files (x86)\MetroSuite.dll
2014-10-02 18:52 . 2014-10-02 18:52 1058816 ----a-w- c:\program files (x86)\[IBG] Gamelauncher.exe
2014-10-02 18:52 . 2014-10-02 18:52 1058816 ----a-w- c:\program files (x86)\[IBG] Gamelauncher.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-02-19 18:14 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2012-06-11 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-23 297280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz134;cpuz134;c:\users\Joel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Joel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 GPUZ;GPUZ;c:\users\Joel\AppData\Local\Temp\GPUZ.sys;c:\users\Joel\AppData\Local\Temp\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 PrintNotify;Druckererweiterungen und -benachrichtigungen;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
R3 SaiK1708;SaiK1708;c:\windows\system32\DRIVERS\SaiK1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1708.sys [x]
R3 SaiU1708;SaiU1708;c:\windows\system32\DRIVERS\SaiU1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1708.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
S2 Asus Product Register Service;Asus Product Register Service;c:\program files (x86)\ASUS\APRP\AsusProductRegisterService.exe;c:\program files (x86)\ASUS\APRP\AsusProductRegisterService.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe;c:\program files\Acer\Empowering Technology\Service\ETService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Unchecky;Unchecky;c:\program files (x86)\Unchecky\bin\Unchecky_svc.exe;c:\program files (x86)\Unchecky\bin\Unchecky_svc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe;c:\oem\USBDECTION\USBS3S4Detection.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 SaiK1107;SaiK1107;c:\windows\system32\DRIVERS\SaiK1107.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1107.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-24 18:55 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-21 00:01]
.
2015-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24 18:53]
.
2015-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24 18:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-02-19 18:14 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-23 297280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Ias
Irmon
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
Rebuilding ... You need to reboot your machine for this to take effect.
.
AppInfo
browser
EapHost
hkmsvc
IKEEXT
MMCSS
ProfSvc
seclogon
Themes
wercplsupport
BDESVC
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: %SystemRoot%\system32\vsocklib.dll
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Newtest\AppData\Roaming\Mozilla\Firefox\Profiles\m9t90x2y.default\
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe
SafeBoot-tammgF119.sys
SafeBoot-tammgR119.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe
AddRemove-7-Zip - c:\program files (x86)\7-Zip\Uninstall.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-SeeWeblists - c:\users\Joel\AppData\Local\Temp\Zzoomit_uninstall.exe
AddRemove-WOLAPI - c:\westwood\Internet\UnstllAP.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.8.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3004361~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3004375~31bf3856ad364e35~amd64~~6.1.3.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3004394~31bf3856ad364e35~amd64~~6.1.2.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3005788~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000050
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3013455~31bf3856ad364e35~amd64~~6.1.1.4]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3020338~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3021917~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3021952~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3023562~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3023607~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3029944~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3031432~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3034196~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\Unchecky\bin\Unchecky_bg.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-04-03 20:14:35 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-04-03 18:14
.
Vor Suchlauf: 14 Verzeichnis(se), 10.787.450.880 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 18.178.457.600 Bytes frei
.
- - End Of File - - 72502A10B71A492FD2919B316546A169
Combofix Logfile: Code:
ATTFilter ComboFix 15-04-01.01 - Newtest 03.04.2015 19:56:43.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8140.6474 [GMT 2:00]
ausgeführt von:: c:\users\Newtest\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
c:\windows\system32\drivers\null.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\afd.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18489_none_35c7815175410855\afd.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndis.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndisuio.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_ca170d32fd7da822\ndisuio.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\netbios.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_b5d6a9d184d05567\netbios.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\usbehci.sys fehlte
Kopie von - c:\windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbehci.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\intelppm.sys fehlte
Kopie von - c:\windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\intelppm.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\tcpip.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\netbt.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\asyncmac.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\cdrom.sys fehlte
Kopie von - c:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\Serial.sys fehlte
Kopie von - c:\windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ndproxy.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndproxy.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\ws2ifsl.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\i8042prt.sys fehlte
Kopie von - c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys wurde wiederhergestellt
.
c:\windows\system32\drivers\tdx.sys fehlte
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.22865_none_48b848380bfa8bbd\tdx.sys wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-03-03 bis 2015-04-03 ))))))))))))))))))))))))))))))
.
.
2015-04-03 18:07 . 2015-04-03 18:07 -------- d-----w- c:\users\Joel\AppData\Local\temp
2015-04-03 18:07 . 2015-04-03 18:07 -------- d-----w- c:\users\Gast\AppData\Local\temp
2015-04-03 18:07 . 2015-04-03 18:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-03 18:07 . 2014-11-11 01:56 118272 ----a-w- c:\windows\SysWow64\drivers\tdx.sys
2015-04-03 18:07 . 2009-07-13 23:19 105472 ----a-w- c:\windows\SysWow64\drivers\i8042prt.sys
2015-04-03 18:07 . 2009-07-14 00:10 21504 ----a-w- c:\windows\SysWow64\drivers\ws2ifsl.sys
2015-04-01 13:27 . 2015-04-01 13:27 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-03-30 15:48 . 2015-04-01 13:27 -------- d-----w- C:\FRST
2015-03-25 16:18 . 2015-03-25 16:18 -------- d-----w- c:\programdata\Unchecky
2015-03-25 16:18 . 2015-03-25 16:18 -------- d-----w- c:\program files (x86)\Unchecky
2015-03-25 15:37 . 2015-03-25 19:31 -------- d-----w- c:\users\Newtest
2015-03-24 21:49 . 2015-03-24 21:51 -------- d-----w- c:\users\Gast\AppData\Roaming\Origin
2015-03-24 21:48 . 2015-03-24 21:51 -------- d-----w- c:\users\Gast\AppData\Local\Origin
2015-03-24 19:06 . 2015-03-24 23:12 -------- d-----w- c:\users\Gast\AppData\Local\Arma 3
2015-03-24 19:05 . 2015-04-03 17:51 -------- d-----w- c:\program files (x86)\Avira
2015-03-24 19:05 . 2015-03-24 21:53 -------- d-----w- c:\users\Gast\AppData\Local\CrashDumps
2015-03-24 19:01 . 2015-03-24 19:01 -------- d-----w- c:\users\Gast\AppData\Local\Steam
2015-03-24 18:58 . 2015-03-24 22:06 -------- d-----w- c:\users\Gast\AppData\Roaming\Skype
2015-03-24 18:58 . 2015-03-24 18:58 -------- d-----w- c:\users\Gast\AppData\Local\Skype
2015-03-24 18:46 . 2015-03-24 18:46 -------- d-----w- c:\programdata\92ad4b3000001026
2015-03-24 18:39 . 2015-03-24 18:39 -------- d-----w- c:\users\Gast\AppData\Local\Mozilla
2015-03-24 18:05 . 2015-03-24 18:05 -------- d-----w- c:\users\Joel\SupTab
2015-03-24 18:02 . 2015-04-03 18:08 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-24 18:02 . 2015-03-24 18:37 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-03-24 18:02 . 2015-03-24 18:02 -------- d-----w- c:\programdata\Malwarebytes
2015-03-24 18:02 . 2015-03-17 05:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-24 18:02 . 2015-03-17 05:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-24 18:02 . 2015-03-17 05:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-24 17:28 . 2015-03-24 18:46 -------- d-----w- c:\users\Joel\AppData\Local\Opera Software
2015-03-24 17:28 . 2015-03-24 18:46 -------- d-----w- c:\users\Joel\AppData\Roaming\Opera Software
2015-03-24 17:26 . 2015-03-24 18:47 -------- d-----w- c:\program files (x86)\Opera
2015-03-24 15:01 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65DF15F0-0B13-4240-8436-4D71284D2E42}\mpengine.dll
2015-03-21 03:59 . 2015-03-24 19:05 -------- d-----w- C:\OETemp
2015-03-11 18:20 . 2015-01-17 02:48 1067520 ----a-w- c:\windows\system32\msctf.dll
2015-03-11 18:18 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 18:18 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-07 21:41 . 2015-03-07 21:41 -------- d-----w- c:\users\Joel\AppData\Local\Ubisoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 03:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-16 15:20 . 2014-04-16 15:55 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-02-05 00:01 . 2012-05-21 12:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 00:01 . 2012-05-21 12:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 03:16 . 2015-02-12 18:11 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-12 18:11 762368 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-12 18:11 414720 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-12 18:11 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-12 18:11 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-12 18:11 192000 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-12 18:11 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-12 18:11 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-09 03:14 . 2015-02-25 18:19 91136 ----a-w- c:\windows\system32\wdi.dll
2015-01-09 03:14 . 2015-02-25 18:19 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-01-09 03:14 . 2015-02-25 18:19 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-01-09 02:48 . 2015-02-25 18:19 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2014-10-02 18:52 . 2014-10-02 18:52 212992 ----a-w- c:\program files (x86)\MetroSuite.dll
2014-10-02 18:52 . 2014-10-02 18:52 212992 ----a-w- c:\program files (x86)\MetroSuite.dll
2014-10-02 18:52 . 2014-10-02 18:52 1058816 ----a-w- c:\program files (x86)\[IBG] Gamelauncher.exe
2014-10-02 18:52 . 2014-10-02 18:52 1058816 ----a-w- c:\program files (x86)\[IBG] Gamelauncher.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-02-19 18:14 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2012-06-11 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-23 297280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz134;cpuz134;c:\users\Joel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Joel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 GPUZ;GPUZ;c:\users\Joel\AppData\Local\Temp\GPUZ.sys;c:\users\Joel\AppData\Local\Temp\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 PrintNotify;Druckererweiterungen und -benachrichtigungen;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
R3 SaiK1708;SaiK1708;c:\windows\system32\DRIVERS\SaiK1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1708.sys [x]
R3 SaiU1708;SaiU1708;c:\windows\system32\DRIVERS\SaiU1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1708.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
S2 Asus Product Register Service;Asus Product Register Service;c:\program files (x86)\ASUS\APRP\AsusProductRegisterService.exe;c:\program files (x86)\ASUS\APRP\AsusProductRegisterService.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe;c:\program files\Acer\Empowering Technology\Service\ETService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Unchecky;Unchecky;c:\program files (x86)\Unchecky\bin\Unchecky_svc.exe;c:\program files (x86)\Unchecky\bin\Unchecky_svc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe;c:\oem\USBDECTION\USBS3S4Detection.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 SaiK1107;SaiK1107;c:\windows\system32\DRIVERS\SaiK1107.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1107.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-24 18:55 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-21 00:01]
.
2015-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24 18:53]
.
2015-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24 18:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-02-19 18:14 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-23 297280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Ias
Irmon
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
Rebuilding ... You need to reboot your machine for this to take effect.
.
AppInfo
browser
EapHost
hkmsvc
IKEEXT
MMCSS
ProfSvc
seclogon
Themes
wercplsupport
BDESVC
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: %SystemRoot%\system32\vsocklib.dll
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Newtest\AppData\Roaming\Mozilla\Firefox\Profiles\m9t90x2y.default\
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe
SafeBoot-tammgF119.sys
SafeBoot-tammgR119.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe
AddRemove-7-Zip - c:\program files (x86)\7-Zip\Uninstall.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-SeeWeblists - c:\users\Joel\AppData\Local\Temp\Zzoomit_uninstall.exe
AddRemove-WOLAPI - c:\westwood\Internet\UnstllAP.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.8.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3004361~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3004375~31bf3856ad364e35~amd64~~6.1.3.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3004394~31bf3856ad364e35~amd64~~6.1.2.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3005788~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000050
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3013455~31bf3856ad364e35~amd64~~6.1.1.4]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3020338~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3021917~31bf3856ad364e35~amd64~~6.1.1.3]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3021952~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3023562~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3023607~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3029944~31bf3856ad364e35~amd64~~6.1.1.1]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3031432~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3034196~31bf3856ad364e35~amd64~~11.2.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\Unchecky\bin\Unchecky_bg.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-04-03 20:14:35 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-04-03 18:14
.
Vor Suchlauf: 14 Verzeichnis(se), 10.787.450.880 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 18.178.457.600 Bytes frei
.
- - End Of File - - 72502A10B71A492FD2919B316546A169
|
|
04.04.2015, 10:41
| #11 |
| /// the machine /// TB-Ausbilder | Hoch schädliche Malware infiziert PC hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.04.2015, 13:21
| #12 |
| | Hoch schädliche Malware infiziert PC DIe Logs vom Malwarebytes hatte ich ganz am Anfang gepostet. Code:
ATTFilter 14:18:18.0193 0x1678 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:18:28.0182 0x1678 ============================================================
14:18:28.0182 0x1678 Current date / time: 2015/04/05 14:18:28.0182
14:18:28.0182 0x1678 SystemInfo:
14:18:28.0182 0x1678
14:18:28.0182 0x1678 OS Version: 6.1.7601 ServicePack: 1.0
14:18:28.0182 0x1678 Product type: Workstation
14:18:28.0182 0x1678 ComputerName: DOMINIC
14:18:28.0182 0x1678 UserName: Newtest
14:18:28.0182 0x1678 Windows directory: C:\Windows
14:18:28.0182 0x1678 System windows directory: C:\Windows
14:18:28.0182 0x1678 Running under WOW64
14:18:28.0182 0x1678 Processor architecture: Intel x64
14:18:28.0182 0x1678 Number of processors: 4
14:18:28.0182 0x1678 Page size: 0x1000
14:18:28.0182 0x1678 Boot type: Normal boot
14:18:28.0182 0x1678 ============================================================
14:18:28.0416 0x1678 KLMD registered as C:\Windows\system32\drivers\92386784.sys
14:18:28.0806 0x1678 System UUID: {582BF1F3-F6C8-CB6E-566A-A18F94A7FEB6}
14:18:29.0321 0x1678 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:18:29.0321 0x1678 ============================================================
14:18:29.0321 0x1678 \Device\Harddisk0\DR0:
14:18:29.0321 0x1678 MBR partitions:
14:18:29.0321 0x1678 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3800800, BlocksNum 0x32000
14:18:29.0321 0x1678 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3832800, BlocksNum 0x386E7000
14:18:29.0321 0x1678 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3BF19800, BlocksNum 0x387EC800
14:18:29.0321 0x1678 ============================================================
14:18:29.0337 0x1678 C: <-> \Device\Harddisk0\DR0\Partition2
14:18:29.0368 0x1678 D: <-> \Device\Harddisk0\DR0\Partition3
14:18:29.0368 0x1678 ============================================================
14:18:29.0368 0x1678 Initialize success
14:18:29.0368 0x1678 ============================================================
14:18:32.0227 0x1040 ============================================================
14:18:32.0227 0x1040 Scan started
14:18:32.0227 0x1040 Mode: Manual;
14:18:32.0227 0x1040 ============================================================
14:18:32.0227 0x1040 KSN ping started
14:18:37.0916 0x1040 KSN ping finished: true
14:18:38.0511 0x1040 ================ Scan system memory ========================
14:18:38.0512 0x1040 System memory - ok
14:18:38.0512 0x1040 ================ Scan services =============================
14:18:38.0715 0x1040 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:18:38.0719 0x1040 1394ohci - ok
14:18:38.0825 0x1040 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:18:38.0825 0x1040 ACDaemon - ok
14:18:38.0840 0x1040 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:18:38.0840 0x1040 ACPI - ok
14:18:38.0856 0x1040 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:18:38.0856 0x1040 AcpiPmi - ok
14:18:38.0930 0x1040 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:18:38.0931 0x1040 AdobeARMservice - ok
14:18:39.0012 0x1040 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:18:39.0019 0x1040 AdobeFlashPlayerUpdateSvc - ok
14:18:39.0041 0x1040 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:18:39.0054 0x1040 adp94xx - ok
14:18:39.0071 0x1040 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:18:39.0076 0x1040 adpahci - ok
14:18:39.0092 0x1040 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:18:39.0094 0x1040 adpu320 - ok
14:18:39.0118 0x1040 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:18:39.0119 0x1040 AeLookupSvc - ok
14:18:39.0149 0x1040 [ 0517E1670A58213E3F206066CD209273, BC499306319DD811E8D52A4A18C8F058BF9D121508CF8B0D6E1AB1F20990F41D ] AF15BDA C:\Windows\system32\DRIVERS\AF15BDA.sys
14:18:39.0157 0x1040 AF15BDA - ok
14:18:39.0210 0x1040 [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc C:\Windows\syswow64\drivers\Afc.sys
14:18:39.0211 0x1040 Afc - ok
14:18:39.0274 0x1040 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
14:18:39.0286 0x1040 AFD - ok
14:18:39.0297 0x1040 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:18:39.0299 0x1040 agp440 - ok
14:18:39.0308 0x1040 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:18:39.0310 0x1040 ALG - ok
14:18:39.0327 0x1040 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:18:39.0328 0x1040 aliide - ok
14:18:39.0345 0x1040 [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:18:39.0345 0x1040 AMD External Events Utility - ok
14:18:39.0361 0x1040 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:18:39.0361 0x1040 amdide - ok
14:18:39.0361 0x1040 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:18:39.0361 0x1040 AmdK8 - ok
14:18:39.0615 0x1040 [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:18:39.0851 0x1040 amdkmdag - ok
14:18:39.0930 0x1040 [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:18:39.0946 0x1040 amdkmdap - ok
14:18:39.0964 0x1040 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:18:39.0966 0x1040 AmdPPM - ok
14:18:39.0971 0x1040 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:18:39.0973 0x1040 amdsata - ok
14:18:39.0987 0x1040 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:18:39.0991 0x1040 amdsbs - ok
14:18:39.0996 0x1040 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:18:39.0996 0x1040 amdxata - ok
14:18:40.0012 0x1040 [ 8660C7BFE2CBA7E0B3F5D9ECD05D780E, BCA25159ACB3DB4AFA848F64C11AEAC9D17724DE1DCA6090AEFDC79C72499FEF ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
14:18:40.0012 0x1040 AndNetDiag - ok
14:18:40.0027 0x1040 [ 620F9CDFC8987FE26F6E0DC37D645B45, E307EAB2E123EF40AD0603F24DFE7629669FA64A7FDA7CC1100DB482EB295092 ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
14:18:40.0027 0x1040 ANDNetModem - ok
14:18:40.0059 0x1040 [ 7AA8B780C65D4A3C0128ED0E264BF194, F55A3DE8998A859DFE1EFF6996154AD6BBD298CBFFFB6CBF92529152241043AE ] andnetndis C:\Windows\system32\DRIVERS\lgandnetndis64.sys
14:18:40.0059 0x1040 andnetndis - ok
14:18:40.0074 0x1040 AntiVirWebService - ok
14:18:40.0121 0x1040 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
14:18:40.0121 0x1040 AppID - ok
14:18:40.0137 0x1040 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:18:40.0137 0x1040 AppIDSvc - ok
14:18:40.0152 0x1040 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
14:18:40.0152 0x1040 Appinfo - ok
14:18:40.0183 0x1040 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
14:18:40.0183 0x1040 AppMgmt - ok
14:18:40.0199 0x1040 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
14:18:40.0199 0x1040 arc - ok
14:18:40.0199 0x1040 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:18:40.0199 0x1040 arcsas - ok
14:18:40.0230 0x1040 [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT C:\Windows\SysWOW64\ASGT.exe
14:18:40.0230 0x1040 ASGT - ok
14:18:40.0316 0x1040 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:18:40.0318 0x1040 aspnet_state - ok
14:18:40.0357 0x1040 [ 2C74F5379459FFA27B3C139E9EF8A62D, DFEE555A39CC4A66FC937E75389119FAF2721079FC4A537B5A8B46D852EA08B7 ] Asus Product Register Service C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
14:18:40.0359 0x1040 Asus Product Register Service - ok
14:18:40.0379 0x1040 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:18:40.0381 0x1040 AsyncMac - ok
14:18:40.0406 0x1040 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:18:40.0408 0x1040 atapi - ok
14:18:40.0426 0x1040 [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:18:40.0428 0x1040 AtiHDAudioService - ok
14:18:40.0450 0x1040 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:18:40.0460 0x1040 AudioEndpointBuilder - ok
14:18:40.0472 0x1040 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:18:40.0480 0x1040 AudioSrv - ok
14:18:40.0536 0x1040 [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
14:18:40.0541 0x1040 Avira.OE.ServiceHost - ok
14:18:40.0572 0x1040 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:18:40.0575 0x1040 AxInstSV - ok
14:18:40.0599 0x1040 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:18:40.0613 0x1040 b06bdrv - ok
14:18:40.0633 0x1040 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:18:40.0637 0x1040 b57nd60a - ok
14:18:40.0649 0x1040 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:18:40.0652 0x1040 BDESVC - ok
14:18:40.0659 0x1040 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:18:40.0660 0x1040 Beep - ok
14:18:40.0712 0x1040 [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:18:40.0728 0x1040 BEService - ok
14:18:40.0759 0x1040 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:18:40.0782 0x1040 BFE - ok
14:18:40.0820 0x1040 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
14:18:40.0834 0x1040 BITS - ok
14:18:40.0841 0x1040 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
14:18:40.0842 0x1040 blbdrive - ok
14:18:40.0853 0x1040 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:18:40.0856 0x1040 bowser - ok
14:18:40.0869 0x1040 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:18:40.0870 0x1040 BrFiltLo - ok
14:18:40.0873 0x1040 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:18:40.0874 0x1040 BrFiltUp - ok
14:18:40.0915 0x1040 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:18:40.0918 0x1040 BridgeMP - ok
14:18:40.0939 0x1040 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:18:40.0942 0x1040 Browser - ok
14:18:40.0960 0x1040 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:18:40.0965 0x1040 Brserid - ok
14:18:40.0972 0x1040 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:18:40.0974 0x1040 BrSerWdm - ok
14:18:40.0982 0x1040 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:18:40.0983 0x1040 BrUsbMdm - ok
14:18:40.0986 0x1040 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:18:40.0986 0x1040 BrUsbSer - ok
14:18:40.0995 0x1040 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:18:40.0998 0x1040 BTHMODEM - ok
14:18:41.0017 0x1040 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:18:41.0019 0x1040 bthserv - ok
14:18:41.0034 0x1040 catchme - ok
14:18:41.0045 0x1040 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:18:41.0048 0x1040 cdfs - ok
14:18:41.0073 0x1040 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:18:41.0076 0x1040 cdrom - ok
14:18:41.0086 0x1040 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:18:41.0088 0x1040 CertPropSvc - ok
14:18:41.0098 0x1040 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
14:18:41.0100 0x1040 circlass - ok
14:18:41.0120 0x1040 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
14:18:41.0127 0x1040 CLFS - ok
14:18:41.0182 0x1040 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:18:41.0197 0x1040 clr_optimization_v2.0.50727_32 - ok
14:18:41.0197 0x1040 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:18:41.0213 0x1040 clr_optimization_v2.0.50727_64 - ok
14:18:41.0262 0x1040 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:18:41.0262 0x1040 clr_optimization_v4.0.30319_32 - ok
14:18:41.0293 0x1040 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:18:41.0309 0x1040 clr_optimization_v4.0.30319_64 - ok
14:18:41.0324 0x1040 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
14:18:41.0324 0x1040 CmBatt - ok
14:18:41.0355 0x1040 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:18:41.0355 0x1040 cmdide - ok
14:18:41.0402 0x1040 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
14:18:41.0418 0x1040 CNG - ok
14:18:41.0433 0x1040 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:18:41.0433 0x1040 Compbatt - ok
14:18:41.0465 0x1040 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:18:41.0465 0x1040 CompositeBus - ok
14:18:41.0465 0x1040 COMSysApp - ok
14:18:41.0527 0x1040 [ A0050420B91E097C178DFC3C0598F67B, 950AEBE4BD42D943BD2E7F5AFBB4C47A2502694EB671BBA34468B214169C198C ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:18:41.0527 0x1040 cphs - ok
14:18:41.0589 0x1040 cpuz134 - ok
14:18:41.0605 0x1040 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:18:41.0605 0x1040 crcdisk - ok
14:18:41.0652 0x1040 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:18:41.0667 0x1040 CryptSvc - ok
14:18:41.0683 0x1040 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
14:18:41.0699 0x1040 CSC - ok
14:18:41.0714 0x1040 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
14:18:41.0738 0x1040 CscService - ok
14:18:41.0847 0x1040 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:18:41.0860 0x1040 cvhsvc - ok
14:18:41.0885 0x1040 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:18:41.0891 0x1040 DcomLaunch - ok
14:18:41.0908 0x1040 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:18:41.0913 0x1040 defragsvc - ok
14:18:41.0929 0x1040 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:18:41.0932 0x1040 DfsC - ok
14:18:41.0949 0x1040 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:18:41.0952 0x1040 Dhcp - ok
14:18:41.0962 0x1040 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:18:41.0963 0x1040 discache - ok
14:18:41.0969 0x1040 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
14:18:41.0971 0x1040 Disk - ok
14:18:41.0978 0x1040 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:18:41.0980 0x1040 dmvsc - ok
14:18:41.0990 0x1040 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:18:41.0992 0x1040 Dnscache - ok
14:18:42.0004 0x1040 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:18:42.0008 0x1040 dot3svc - ok
14:18:42.0019 0x1040 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:18:42.0021 0x1040 DPS - ok
14:18:42.0047 0x1040 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:18:42.0047 0x1040 drmkaud - ok
14:18:42.0109 0x1040 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:18:42.0125 0x1040 dtsoftbus01 - ok
14:18:42.0203 0x1040 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:18:42.0218 0x1040 DXGKrnl - ok
14:18:42.0250 0x1040 [ 1BEF2C2E229452EC49FFE5A27283341D, 7010273570BD38E578FCF1DD2EB00C21E8FA3504CE2342AEE3755F6EFC4581E9 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
14:18:42.0250 0x1040 e1cexpress - ok
14:18:42.0250 0x1040 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:18:42.0250 0x1040 EapHost - ok
14:18:42.0312 0x1040 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:18:42.0374 0x1040 ebdrv - ok
14:18:42.0421 0x1040 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS C:\Windows\System32\lsass.exe
14:18:42.0421 0x1040 EFS - ok
14:18:42.0468 0x1040 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:18:42.0499 0x1040 ehRecvr - ok
14:18:42.0499 0x1040 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:18:42.0515 0x1040 ehSched - ok
14:18:42.0530 0x1040 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:18:42.0530 0x1040 elxstor - ok
14:18:42.0546 0x1040 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:18:42.0546 0x1040 ErrDev - ok
14:18:42.0593 0x1040 [ 594CD09B24A7C071C208D12E988F0679, 59906C4792CE0C9B6D50211349036A924E5E033BCC69E709800172D3C9D9F7F2 ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
14:18:42.0593 0x1040 ETService - ok
14:18:42.0640 0x1040 [ 932C05033053ADA2404FD836C9AB2C70, 39E3C40DDDCA475F55CD6A044E8CF35A1C25A776B79204CBF76D0DD5D89568D8 ] EuMusDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\vrtaucbl.sys
14:18:42.0640 0x1040 EuMusDesignVirtualAudioCableWdm - ok
14:18:42.0686 0x1040 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:18:42.0686 0x1040 EventSystem - ok
14:18:42.0718 0x1040 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:18:42.0718 0x1040 exfat - ok
14:18:42.0733 0x1040 [ 55393618F206CD2740B0E97B0E0A886F, CECB7E23B2986C12B94CEC5B7F3E2BD6BD09D81969E7485D930DD0B884BCF11B ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:18:42.0749 0x1040 fastfat - ok
14:18:42.0780 0x1040 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:18:42.0796 0x1040 Fax - ok
14:18:42.0811 0x1040 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
14:18:42.0811 0x1040 fdc - ok
14:18:42.0827 0x1040 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:18:42.0827 0x1040 fdPHost - ok
14:18:42.0842 0x1040 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:18:42.0842 0x1040 FDResPub - ok
14:18:42.0842 0x1040 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:18:42.0842 0x1040 FileInfo - ok
14:18:42.0858 0x1040 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:18:42.0858 0x1040 Filetrace - ok
14:18:42.0874 0x1040 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:18:42.0874 0x1040 flpydisk - ok
14:18:42.0889 0x1040 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:18:42.0889 0x1040 FltMgr - ok
14:18:42.0920 0x1040 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
14:18:42.0936 0x1040 FontCache - ok
14:18:42.0983 0x1040 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:18:42.0998 0x1040 FontCache3.0.0.0 - ok
14:18:42.0998 0x1040 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:18:43.0014 0x1040 FsDepends - ok
14:18:43.0030 0x1040 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:18:43.0030 0x1040 Fs_Rec - ok
14:18:43.0045 0x1040 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:18:43.0061 0x1040 fvevol - ok
14:18:43.0076 0x1040 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:18:43.0076 0x1040 gagp30kx - ok
14:18:43.0108 0x1040 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:18:43.0108 0x1040 gpsvc - ok
14:18:43.0123 0x1040 GPUZ - ok
14:18:43.0170 0x1040 [ 32096F187020A54D29C95B3A1467D963, 2A50686C1FC921B02F6B7472AC09B2CFD9DE290D22DD0342A94AB8E95AC3DC6C ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
14:18:43.0170 0x1040 GREGService - ok
14:18:43.0232 0x1040 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:18:43.0232 0x1040 gupdate - ok
14:18:43.0232 0x1040 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:18:43.0232 0x1040 gupdatem - ok
14:18:43.0279 0x1040 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
14:18:43.0279 0x1040 hamachi - ok
14:18:43.0435 0x1040 [ B2D769C3899865902706A924CED699C7, 0E80C639BB6EA4E4CCA537494E8F96CB921DEB91429FFD0E93BBE966EF792916 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:18:43.0466 0x1040 Hamachi2Svc - ok
14:18:43.0513 0x1040 [ ADB4348DA1345877B04E22203AFC8993, D85FC268D1994944CED570A84B0B2E4F3EBFBE59823BE57285CB6CDDDF607358 ] hcmon C:\Windows\system32\drivers\hcmon.sys
14:18:43.0513 0x1040 hcmon - ok
14:18:43.0513 0x1040 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:18:43.0529 0x1040 hcw85cir - ok
14:18:43.0544 0x1040 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:18:43.0560 0x1040 HdAudAddService - ok
14:18:43.0576 0x1040 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:18:43.0576 0x1040 HDAudBus - ok
14:18:43.0576 0x1040 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:18:43.0591 0x1040 HidBatt - ok
14:18:43.0591 0x1040 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:18:43.0607 0x1040 HidBth - ok
14:18:43.0622 0x1040 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
14:18:43.0622 0x1040 HidIr - ok
14:18:43.0622 0x1040 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
14:18:43.0622 0x1040 hidserv - ok
14:18:43.0638 0x1040 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:18:43.0638 0x1040 HidUsb - ok
14:18:43.0654 0x1040 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:18:43.0654 0x1040 hkmsvc - ok
14:18:43.0669 0x1040 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:18:43.0669 0x1040 HomeGroupListener - ok
14:18:43.0700 0x1040 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:18:43.0700 0x1040 HomeGroupProvider - ok
14:18:43.0716 0x1040 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:18:43.0716 0x1040 HpSAMD - ok
14:18:43.0747 0x1040 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:18:43.0747 0x1040 HTTP - ok
14:18:43.0763 0x1040 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:18:43.0763 0x1040 hwpolicy - ok
14:18:43.0778 0x1040 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:18:43.0778 0x1040 i8042prt - ok
14:18:43.0810 0x1040 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\drivers\iaStor.sys
14:18:43.0825 0x1040 iaStor - ok
14:18:43.0888 0x1040 [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:18:43.0888 0x1040 IAStorDataMgrSvc - ok
14:18:43.0919 0x1040 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:18:43.0919 0x1040 iaStorV - ok
14:18:43.0997 0x1040 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:18:43.0997 0x1040 IDriverT - ok
14:18:44.0059 0x1040 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:18:44.0075 0x1040 idsvc - ok
14:18:44.0075 0x1040 IEEtwCollectorService - ok
14:18:44.0356 0x1040 [ 0638D16029B1C800908D965AC78970C7, C88F026D04B8FD351F397103478E013450F302DA072ACA92C8C822F6654BD0B3 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:18:44.0621 0x1040 igfx - ok
14:18:44.0652 0x1040 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:18:44.0652 0x1040 iirsp - ok
14:18:44.0683 0x1040 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:18:44.0699 0x1040 IKEEXT - ok
14:18:44.0824 0x1040 [ B3137FD9C696544E405699BBD66B1E65, 44B38BA725F07AA2E33408777F68D8A05445B69FB1DC571CBADC2A44C803E1C5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:18:44.0870 0x1040 IntcAzAudAddService - ok
14:18:44.0933 0x1040 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:18:44.0933 0x1040 IntcDAud - ok
14:18:44.0980 0x1040 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:18:45.0011 0x1040 Intel(R) Capability Licensing Service Interface - ok
14:18:45.0026 0x1040 [ FB166D86AFCBD9A9BFD342DC2564F5DF, 788C0CBC298572566584BD8762D931CC423EBCC1C5D551B3820E939FF667AA65 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:18:45.0026 0x1040 Intel(R) ME Service - ok
14:18:45.0058 0x1040 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:18:45.0058 0x1040 intelide - ok
14:18:45.0073 0x1040 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:18:45.0073 0x1040 intelppm - ok
14:18:45.0120 0x1040 [ A01C412699B6F21645B2885C2BAE4454, EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41 ] IOMap C:\Windows\system32\drivers\IOMap64.sys
14:18:45.0120 0x1040 IOMap - ok
14:18:45.0136 0x1040 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:18:45.0136 0x1040 IPBusEnum - ok
14:18:45.0151 0x1040 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:18:45.0151 0x1040 IpFilterDriver - ok
14:18:45.0182 0x1040 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:18:45.0198 0x1040 iphlpsvc - ok
14:18:45.0198 0x1040 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:18:45.0214 0x1040 IPMIDRV - ok
14:18:45.0214 0x1040 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:18:45.0229 0x1040 IPNAT - ok
14:18:45.0245 0x1040 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:18:45.0245 0x1040 IRENUM - ok
14:18:45.0245 0x1040 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:18:45.0260 0x1040 isapnp - ok
14:18:45.0307 0x1040 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:18:45.0307 0x1040 iScsiPrt - ok
14:18:45.0338 0x1040 [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
14:18:45.0338 0x1040 iusb3hcs - ok
14:18:45.0370 0x1040 [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
14:18:45.0370 0x1040 iusb3hub - ok
14:18:45.0416 0x1040 [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:18:45.0416 0x1040 iusb3xhc - ok
14:18:45.0432 0x1040 [ B443D3D1B6F21C2B424E49491B65C488, 1C868237247005E49EF6C38EC04C5D58E94DB03755310095CC56A85333BE3969 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:18:45.0432 0x1040 jhi_service - ok
14:18:45.0448 0x1040 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:18:45.0448 0x1040 kbdclass - ok
14:18:45.0463 0x1040 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:18:45.0463 0x1040 kbdhid - ok
14:18:45.0494 0x1040 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso C:\Windows\system32\lsass.exe
14:18:45.0494 0x1040 KeyIso - ok
14:18:45.0526 0x1040 [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:18:45.0526 0x1040 KSecDD - ok
14:18:45.0541 0x1040 [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:18:45.0541 0x1040 KSecPkg - ok
14:18:45.0541 0x1040 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:18:45.0557 0x1040 ksthunk - ok
14:18:45.0572 0x1040 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:18:45.0588 0x1040 KtmRm - ok
14:18:45.0604 0x1040 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:18:45.0619 0x1040 LanmanServer - ok
14:18:45.0635 0x1040 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:18:45.0635 0x1040 LanmanWorkstation - ok
14:18:45.0682 0x1040 [ 6BB516A31DE232DAB436FF3A117E1E80, 1B91633C9D2FDD27B1712557E95D5642973105F0161D57E074A0601B666F1221 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:18:45.0682 0x1040 Live Updater Service - ok
14:18:45.0697 0x1040 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:18:45.0697 0x1040 lltdio - ok
14:18:45.0728 0x1040 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:18:45.0744 0x1040 lltdsvc - ok
14:18:45.0744 0x1040 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:18:45.0744 0x1040 lmhosts - ok
14:18:45.0822 0x1040 [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
14:18:45.0838 0x1040 LMIGuardianSvc - ok
14:18:45.0853 0x1040 [ 9BE23DF9B1FC56F58DD0F28CC187E713, 1D9D95838A588B59A9553637DEC80CC2B6BD7FE68C053AA4EAA35061FEF47546 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:18:45.0853 0x1040 LMS - ok
14:18:45.0869 0x1040 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:18:45.0869 0x1040 LSI_FC - ok
14:18:45.0884 0x1040 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:18:45.0884 0x1040 LSI_SAS - ok
14:18:45.0884 0x1040 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:18:45.0884 0x1040 LSI_SAS2 - ok
14:18:45.0900 0x1040 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:18:45.0900 0x1040 LSI_SCSI - ok
14:18:45.0916 0x1040 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:18:45.0916 0x1040 luafv - ok
14:18:45.0947 0x1040 [ CF12E148C6FC151335B7D7FE03F1C7A2, 7087DF6D884AF0A57AC22D7AE9C2903913AAB4CE52D19666B6513C3D5706E43C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:18:45.0947 0x1040 MBAMProtector - ok
14:18:46.0025 0x1040 [ 86701B8E4C53280AA8642AC85F8500F4, 6839F2B840410857AE7DA215A17922A7499A9B99D96032756525878E98175103 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
14:18:46.0040 0x1040 MBAMScheduler - ok
14:18:46.0072 0x1040 [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
14:18:46.0072 0x1040 MBAMService - ok
14:18:46.0103 0x1040 [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
14:18:46.0103 0x1040 MBAMSwissArmy - ok
14:18:46.0103 0x1040 [ 0CE2F3E26C770CBAEB50787A2C1FD09E, 2DDB1827027D2CC8E78FE737B5DA21783EFCD13430DBB140C34DAACACD6EF492 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
14:18:46.0103 0x1040 MBAMWebAccessControl - ok
14:18:46.0118 0x1040 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:18:46.0134 0x1040 Mcx2Svc - ok
14:18:46.0150 0x1040 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
14:18:46.0150 0x1040 megasas - ok
14:18:46.0165 0x1040 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:18:46.0181 0x1040 MegaSR - ok
14:18:46.0196 0x1040 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:18:46.0196 0x1040 MEIx64 - ok
14:18:46.0212 0x1040 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:18:46.0212 0x1040 MMCSS - ok
14:18:46.0212 0x1040 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:18:46.0228 0x1040 Modem - ok
14:18:46.0228 0x1040 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:18:46.0243 0x1040 monitor - ok
14:18:46.0243 0x1040 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:18:46.0243 0x1040 mouclass - ok
14:18:46.0259 0x1040 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:18:46.0259 0x1040 mouhid - ok
14:18:46.0306 0x1040 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:18:46.0306 0x1040 mountmgr - ok
14:18:46.0368 0x1040 [ A8EC34E8953BD6A751D52C55B47BDE62, FB526ACDF67037498D5D1033A41082B96EBC702293FA1384AE9FCFF091686CDD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:18:46.0368 0x1040 MozillaMaintenance - ok
14:18:46.0384 0x1040 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:18:46.0399 0x1040 mpio - ok
14:18:46.0399 0x1040 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:18:46.0415 0x1040 mpsdrv - ok
14:18:46.0446 0x1040 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:18:46.0462 0x1040 MpsSvc - ok
14:18:46.0477 0x1040 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:18:46.0477 0x1040 MRxDAV - ok
14:18:46.0493 0x1040 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:18:46.0508 0x1040 mrxsmb - ok
14:18:46.0524 0x1040 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:18:46.0524 0x1040 mrxsmb10 - ok
14:18:46.0540 0x1040 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:18:46.0540 0x1040 mrxsmb20 - ok
14:18:46.0555 0x1040 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:18:46.0555 0x1040 msahci - ok
14:18:46.0555 0x1040 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:18:46.0555 0x1040 msdsm - ok
14:18:46.0571 0x1040 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:18:46.0571 0x1040 MSDTC - ok
14:18:46.0571 0x1040 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:18:46.0571 0x1040 Msfs - ok
14:18:46.0586 0x1040 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:18:46.0586 0x1040 mshidkmdf - ok
14:18:46.0586 0x1040 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:18:46.0586 0x1040 msisadrv - ok
14:18:46.0618 0x1040 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:18:46.0618 0x1040 MSiSCSI - ok
14:18:46.0618 0x1040 msiserver - ok
14:18:46.0633 0x1040 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:18:46.0633 0x1040 MSKSSRV - ok
14:18:46.0649 0x1040 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:18:46.0649 0x1040 MSPCLOCK - ok
14:18:46.0649 0x1040 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:18:46.0664 0x1040 MSPQM - ok
14:18:46.0680 0x1040 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:18:46.0680 0x1040 MsRPC - ok
14:18:46.0680 0x1040 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:18:46.0680 0x1040 mssmbios - ok
14:18:46.0696 0x1040 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:18:46.0696 0x1040 MSTEE - ok
14:18:46.0696 0x1040 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:18:46.0696 0x1040 MTConfig - ok
14:18:46.0711 0x1040 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:18:46.0711 0x1040 Mup - ok
14:18:46.0727 0x1040 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:18:46.0742 0x1040 napagent - ok
14:18:46.0758 0x1040 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:18:46.0758 0x1040 NativeWifiP - ok
14:18:46.0883 0x1040 [ 7F79DA9E719D0774BDBC3622ABD3AFD9, BA45D9D5C983D85999BF18C6D7F985A8D2E2CA5B2A86FF2B8B0928565E789D61 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
14:18:46.0898 0x1040 NAUpdate - ok
14:18:46.0930 0x1040 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:18:46.0930 0x1040 NDIS - ok
14:18:46.0945 0x1040 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:18:46.0945 0x1040 NdisCap - ok
14:18:46.0961 0x1040 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:18:46.0961 0x1040 NdisTapi - ok
14:18:46.0961 0x1040 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:18:46.0976 0x1040 Ndisuio - ok
14:18:46.0992 0x1040 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:46.0992 0x1040 NdisWan - ok
14:18:47.0008 0x1040 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:18:47.0008 0x1040 NDProxy - ok
14:18:47.0023 0x1040 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:18:47.0023 0x1040 NetBIOS - ok
14:18:47.0039 0x1040 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:18:47.0039 0x1040 NetBT - ok
14:18:47.0054 0x1040 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\Windows\system32\lsass.exe
14:18:47.0054 0x1040 Netlogon - ok
14:18:47.0070 0x1040 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:18:47.0086 0x1040 Netman - ok
14:18:47.0148 0x1040 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:18:47.0148 0x1040 NetMsmqActivator - ok
14:18:47.0148 0x1040 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:18:47.0164 0x1040 NetPipeActivator - ok
14:18:47.0195 0x1040 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:18:47.0195 0x1040 netprofm - ok
14:18:47.0210 0x1040 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:18:47.0210 0x1040 NetTcpActivator - ok
14:18:47.0226 0x1040 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:18:47.0226 0x1040 NetTcpPortSharing - ok
14:18:47.0242 0x1040 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:18:47.0242 0x1040 nfrd960 - ok
14:18:47.0273 0x1040 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:18:47.0288 0x1040 NlaSvc - ok
14:18:47.0288 0x1040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:18:47.0304 0x1040 Npfs - ok
14:18:47.0304 0x1040 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:18:47.0304 0x1040 nsi - ok
14:18:47.0320 0x1040 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:18:47.0320 0x1040 nsiproxy - ok
14:18:47.0398 0x1040 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:18:47.0429 0x1040 Ntfs - ok
14:18:47.0460 0x1040 [ 1873214666F6F0A883742DF91FBC48C9, DCF5382CE338D4B5B0C3A3B722A19B6C7BAB59EB7B266FEF04698B79070E2C4B ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
14:18:47.0476 0x1040 NTI IScheduleSvc - ok
14:18:47.0491 0x1040 [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
14:18:47.0491 0x1040 NTIDrvr - ok
14:18:47.0507 0x1040 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:18:47.0507 0x1040 Null - ok
14:18:47.0538 0x1040 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:18:47.0538 0x1040 nvraid - ok
14:18:47.0554 0x1040 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:18:47.0554 0x1040 nvstor - ok
14:18:47.0585 0x1040 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:18:47.0585 0x1040 nv_agp - ok
14:18:47.0600 0x1040 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:18:47.0616 0x1040 ohci1394 - ok
14:18:47.0741 0x1040 [ F06948D5153F0F95FC580D153101FC77, 0FD9FAD66C2FBBDA003DD5F4028AB6A7A13E237BB8D99388C611A17785714C42 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:18:47.0772 0x1040 Origin Client Service - ok
14:18:47.0788 0x1040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:18:47.0788 0x1040 ose - ok
14:18:47.0944 0x1040 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:18:47.0990 0x1040 osppsvc - ok
14:18:48.0022 0x1040 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:18:48.0022 0x1040 p2pimsvc - ok
14:18:48.0037 0x1040 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:18:48.0037 0x1040 p2psvc - ok
14:18:48.0053 0x1040 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
14:18:48.0053 0x1040 Parport - ok
14:18:48.0084 0x1040 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:18:48.0084 0x1040 partmgr - ok
14:18:48.0131 0x1040 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:18:48.0131 0x1040 PcaSvc - ok
14:18:48.0146 0x1040 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:18:48.0146 0x1040 pci - ok
14:18:48.0162 0x1040 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:18:48.0178 0x1040 pciide - ok
14:18:48.0178 0x1040 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:18:48.0178 0x1040 pcmcia - ok
14:18:48.0193 0x1040 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:18:48.0193 0x1040 pcw - ok
14:18:48.0209 0x1040 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:18:48.0224 0x1040 PEAUTH - ok
14:18:48.0256 0x1040 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:18:48.0271 0x1040 PeerDistSvc - ok
14:18:48.0318 0x1040 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:18:48.0318 0x1040 PerfHost - ok
14:18:48.0349 0x1040 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:18:48.0365 0x1040 pla - ok
14:18:48.0412 0x1040 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:18:48.0412 0x1040 PlugPlay - ok
14:18:48.0458 0x1040 pmem - ok
14:18:48.0490 0x1040 PnkBstrA - ok
14:18:48.0490 0x1040 PnkBstrB - ok
14:18:48.0505 0x1040 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:18:48.0505 0x1040 PNRPAutoReg - ok
14:18:48.0521 0x1040 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:18:48.0536 0x1040 PNRPsvc - ok
14:18:48.0552 0x1040 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:18:48.0568 0x1040 PolicyAgent - ok
14:18:48.0583 0x1040 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:18:48.0583 0x1040 Power - ok
14:18:48.0599 0x1040 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:18:48.0614 0x1040 PptpMiniport - ok
14:18:48.0724 0x1040 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
14:18:48.0786 0x1040 PrintNotify - ok
14:18:48.0802 0x1040 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
14:18:48.0802 0x1040 Processor - ok
14:18:48.0848 0x1040 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:18:48.0848 0x1040 ProfSvc - ok
14:18:48.0895 0x1040 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:18:48.0895 0x1040 ProtectedStorage - ok
14:18:48.0911 0x1040 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:18:48.0911 0x1040 Psched - ok
14:18:48.0958 0x1040 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:18:48.0989 0x1040 ql2300 - ok
14:18:49.0004 0x1040 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:18:49.0004 0x1040 ql40xx - ok
14:18:49.0036 0x1040 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:18:49.0036 0x1040 QWAVE - ok
14:18:49.0036 0x1040 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:18:49.0036 0x1040 QWAVEdrv - ok
14:18:49.0051 0x1040 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:18:49.0051 0x1040 RasAcd - ok
14:18:49.0082 0x1040 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:18:49.0082 0x1040 RasAgileVpn - ok
14:18:49.0098 0x1040 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:18:49.0098 0x1040 RasAuto - ok
14:18:49.0114 0x1040 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:18:49.0114 0x1040 Rasl2tp - ok
14:18:49.0129 0x1040 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:18:49.0145 0x1040 RasMan - ok
14:18:49.0145 0x1040 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:18:49.0160 0x1040 RasPppoe - ok
14:18:49.0160 0x1040 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:18:49.0176 0x1040 RasSstp - ok
14:18:49.0176 0x1040 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:18:49.0192 0x1040 rdbss - ok
14:18:49.0207 0x1040 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:18:49.0207 0x1040 rdpbus - ok
14:18:49.0207 0x1040 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:18:49.0207 0x1040 RDPCDD - ok
14:18:49.0223 0x1040 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:18:49.0223 0x1040 RDPDR - ok
14:18:49.0254 0x1040 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:18:49.0254 0x1040 RDPENCDD - ok
14:18:49.0254 0x1040 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:18:49.0254 0x1040 RDPREFMP - ok
14:18:49.0332 0x1040 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:18:49.0332 0x1040 RdpVideoMiniport - ok
14:18:49.0363 0x1040 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:18:49.0379 0x1040 RDPWD - ok
14:18:49.0394 0x1040 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:18:49.0394 0x1040 rdyboost - ok
14:18:49.0410 0x1040 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:18:49.0410 0x1040 RemoteAccess - ok
14:18:49.0426 0x1040 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:18:49.0441 0x1040 RemoteRegistry - ok
14:18:49.0441 0x1040 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:18:49.0457 0x1040 RpcEptMapper - ok
14:18:49.0457 0x1040 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:18:49.0457 0x1040 RpcLocator - ok
14:18:49.0488 0x1040 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:18:49.0504 0x1040 RpcSs - ok
14:18:49.0504 0x1040 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:18:49.0504 0x1040 rspndr - ok
14:18:49.0535 0x1040 [ 72C7923369DE0AD2ACEAF95AA32AAF2D, B98C856636320B972F6EA1D0A689865414369A77FD0F2FA63AF89A73552B1140 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
14:18:49.0535 0x1040 RTL2832UBDA - ok
14:18:49.0613 0x1040 [ 90A270813F4E77DFC5553F9EAA6E33EE, F9ED2CBE8AF43C8B2EE5E333DB1851CD39BFE5120170373326DB492C2295C643 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
14:18:49.0613 0x1040 RTL2832UUSB - ok
14:18:49.0660 0x1040 [ C24DF587D59345FCA718FE550EB036D7, 50B3D26C0F633B90B399C2E466108CE0B6A592CBE969CEE4A44E5F4EC9F07258 ] RTL2832U_IRHID C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
14:18:49.0660 0x1040 RTL2832U_IRHID - ok
14:18:49.0675 0x1040 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:18:49.0675 0x1040 s3cap - ok
14:18:49.0706 0x1040 [ 518D933228CB1BD04D69ED210420C88A, 829AF3D403EDAAE3CFFC9E16AF99087D0D8D379518715A8E0C750A0458C7B002 ] SaiK1107 C:\Windows\system32\DRIVERS\SaiK1107.sys
14:18:49.0722 0x1040 SaiK1107 - ok
14:18:49.0738 0x1040 [ 20FF3D56E9BF9C8FAE2582C5EF6355F2, D52A7B7EEF879E09AFCCB5FE46AB58BC9B8CB47AE321E28461E9EEA46D2FD011 ] SaiK1708 C:\Windows\system32\DRIVERS\SaiK1708.sys
14:18:49.0738 0x1040 SaiK1708 - ok
14:18:49.0784 0x1040 [ B08581EDF3290210D3366CD2D992F6C2, FF1BE97B8F37FF39B784CAB254F2460B7F7A84C45BAD5CDB06FE5C29CF293BE5 ] SaiMini C:\Windows\system32\DRIVERS\SaiMini.sys
14:18:49.0784 0x1040 SaiMini - ok
14:18:49.0816 0x1040 [ D086C2F45D328C2F63FC6B4CD79FCB66, BF3D27D95C83D2454AE62BAFE9297E08BB58EA4C7FBFBDEE075A4FFC6085735C ] SaiNtBus C:\Windows\system32\drivers\SaiBus.sys
14:18:49.0816 0x1040 SaiNtBus - ok
14:18:49.0831 0x1040 [ 79C7A79943FDB25615C97CF84AA873BE, D29773CBAC34825EA7F8665FC644A79C6BAE9776877FC925795514B806437A83 ] SaiU1708 C:\Windows\system32\DRIVERS\SaiU1708.sys
14:18:49.0831 0x1040 SaiU1708 - ok
14:18:49.0831 0x1040 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs C:\Windows\system32\lsass.exe
14:18:49.0847 0x1040 SamSs - ok
14:18:49.0862 0x1040 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:18:49.0862 0x1040 sbp2port - ok
14:18:49.0894 0x1040 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:18:49.0894 0x1040 SCardSvr - ok
14:18:49.0925 0x1040 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:18:49.0925 0x1040 scfilter - ok
14:18:49.0956 0x1040 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:18:49.0987 0x1040 Schedule - ok
14:18:50.0003 0x1040 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:18:50.0003 0x1040 SCPolicySvc - ok
14:18:50.0034 0x1040 [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
14:18:50.0034 0x1040 ScreamBAudioSvc - ok
14:18:50.0034 0x1040 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:18:50.0050 0x1040 SDRSVC - ok
14:18:50.0065 0x1040 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:18:50.0065 0x1040 secdrv - ok
14:18:50.0065 0x1040 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:18:50.0065 0x1040 seclogon - ok
14:18:50.0081 0x1040 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
14:18:50.0081 0x1040 SENS - ok
14:18:50.0081 0x1040 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:18:50.0081 0x1040 SensrSvc - ok
14:18:50.0096 0x1040 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:18:50.0096 0x1040 Serenum - ok
14:18:50.0128 0x1040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:18:50.0128 0x1040 Serial - ok
14:18:50.0143 0x1040 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:18:50.0143 0x1040 sermouse - ok
14:18:50.0174 0x1040 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:18:50.0174 0x1040 SessionEnv - ok
14:18:50.0174 0x1040 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:18:50.0174 0x1040 sffdisk - ok
14:18:50.0174 0x1040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:18:50.0174 0x1040 sffp_mmc - ok
14:18:50.0190 0x1040 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:18:50.0190 0x1040 sffp_sd - ok
14:18:50.0190 0x1040 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:18:50.0206 0x1040 sfloppy - ok
14:18:50.0237 0x1040 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
14:18:50.0252 0x1040 Sftfs - ok
14:18:50.0299 0x1040 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:18:50.0315 0x1040 sftlist - ok
14:18:50.0315 0x1040 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:18:50.0330 0x1040 Sftplay - ok
14:18:50.0330 0x1040 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:18:50.0330 0x1040 Sftredir - ok
14:18:50.0346 0x1040 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
14:18:50.0346 0x1040 Sftvol - ok
14:18:50.0346 0x1040 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:18:50.0362 0x1040 sftvsa - ok
14:18:50.0377 0x1040 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:18:50.0377 0x1040 SharedAccess - ok
14:18:50.0393 0x1040 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:18:50.0393 0x1040 ShellHWDetection - ok
14:18:50.0424 0x1040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:18:50.0424 0x1040 SiSRaid2 - ok
14:18:50.0440 0x1040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:18:50.0440 0x1040 SiSRaid4 - ok
14:18:50.0502 0x1040 [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:18:50.0518 0x1040 SkypeUpdate - ok
14:18:50.0533 0x1040 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:18:50.0549 0x1040 Smb - ok
14:18:50.0564 0x1040 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:18:50.0564 0x1040 SNMPTRAP - ok
14:18:50.0564 0x1040 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:18:50.0564 0x1040 spldr - ok
14:18:50.0596 0x1040 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:18:50.0596 0x1040 Spooler - ok
14:18:50.0674 0x1040 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:18:50.0720 0x1040 sppsvc - ok
14:18:50.0736 0x1040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:18:50.0752 0x1040 sppuinotify - ok
14:18:50.0767 0x1040 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:18:50.0783 0x1040 srv - ok
14:18:50.0798 0x1040 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:18:50.0814 0x1040 srv2 - ok
14:18:50.0814 0x1040 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:18:50.0814 0x1040 srvnet - ok
14:18:50.0861 0x1040 [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
14:18:50.0861 0x1040 ssadbus - ok
14:18:50.0908 0x1040 [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
14:18:50.0908 0x1040 ssadmdfl - ok
14:18:50.0939 0x1040 [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
14:18:50.0954 0x1040 ssadmdm - ok
14:18:50.0970 0x1040 [ D33D1BD3EC0E766211A234F56A12726D, 53EEAA94865554F8422D111D717B548DF553B5B8647D2A45F3718BF4AEEBEC27 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
14:18:50.0970 0x1040 ssadserd - ok
14:18:51.0001 0x1040 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:18:51.0001 0x1040 SSDPSRV - ok
14:18:51.0017 0x1040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:18:51.0017 0x1040 SstpSvc - ok
14:18:51.0110 0x1040 [ 03B71BCE10993C59F525DC07CB8F5C5C, 44E4D23249F58A2E1B69AD766D16CA73835F771C424CB11F9359AE057F2382CB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:18:51.0126 0x1040 Steam Client Service - ok
14:18:51.0142 0x1040 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:18:51.0142 0x1040 stexstor - ok
14:18:51.0173 0x1040 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:18:51.0173 0x1040 stisvc - ok
14:18:51.0204 0x1040 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:18:51.0204 0x1040 storflt - ok
14:18:51.0204 0x1040 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
14:18:51.0220 0x1040 StorSvc - ok
14:18:51.0235 0x1040 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:18:51.0235 0x1040 storvsc - ok
14:18:51.0251 0x1040 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:18:51.0251 0x1040 swenum - ok
14:18:51.0266 0x1040 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:18:51.0282 0x1040 swprv - ok
14:18:51.0313 0x1040 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:18:51.0344 0x1040 SysMain - ok
14:18:51.0344 0x1040 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:18:51.0360 0x1040 TabletInputService - ok
14:18:51.0360 0x1040 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:18:51.0376 0x1040 TapiSrv - ok
14:18:51.0376 0x1040 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:18:51.0376 0x1040 TBS - ok
14:18:51.0454 0x1040 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:18:51.0469 0x1040 Tcpip - ok
14:18:51.0516 0x1040 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:18:51.0532 0x1040 TCPIP6 - ok
14:18:51.0563 0x1040 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:18:51.0563 0x1040 tcpipreg - ok
14:18:51.0578 0x1040 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:18:51.0578 0x1040 TDPIPE - ok
14:18:51.0578 0x1040 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:18:51.0578 0x1040 TDTCP - ok
14:18:51.0641 0x1040 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:18:51.0656 0x1040 tdx - ok
14:18:51.0844 0x1040 [ E98CED53B8E912D19D9F229B0D299F30, 20F71B99C03FE1B75411CEEEF8DE9843A8B9427F73B7414AFC4170225919CF22 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:18:51.0906 0x1040 TeamViewer - ok
14:18:51.0906 0x1040 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:18:51.0906 0x1040 TermDD - ok
14:18:51.0953 0x1040 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:18:51.0953 0x1040 TermService - ok
14:18:51.0968 0x1040 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:18:51.0968 0x1040 Themes - ok
14:18:51.0984 0x1040 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:18:51.0984 0x1040 THREADORDER - ok
14:18:52.0000 0x1040 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
14:18:52.0000 0x1040 TPM - ok
14:18:52.0000 0x1040 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:18:52.0015 0x1040 TrkWks - ok
14:18:52.0031 0x1040 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:18:52.0031 0x1040 TrustedInstaller - ok
14:18:52.0078 0x1040 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:18:52.0078 0x1040 tssecsrv - ok
14:18:52.0093 0x1040 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:18:52.0109 0x1040 TsUsbFlt - ok
14:18:52.0124 0x1040 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:18:52.0124 0x1040 TsUsbGD - ok
14:18:52.0140 0x1040 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:18:52.0140 0x1040 tunnel - ok
14:18:52.0156 0x1040 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:18:52.0156 0x1040 uagp35 - ok
14:18:52.0187 0x1040 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
14:18:52.0187 0x1040 UBHelper - ok
14:18:52.0202 0x1040 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:18:52.0218 0x1040 udfs - ok
14:18:52.0234 0x1040 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:18:52.0234 0x1040 UI0Detect - ok
14:18:52.0249 0x1040 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:18:52.0249 0x1040 uliagpkx - ok
14:18:52.0265 0x1040 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:18:52.0265 0x1040 umbus - ok
14:18:52.0280 0x1040 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
14:18:52.0280 0x1040 UmPass - ok
14:18:52.0296 0x1040 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
14:18:52.0296 0x1040 UmRdpService - ok
14:18:52.0343 0x1040 [ 2F665FCF5B0BE6733251D9A711024B37, 26DEB3931469FE3DC3A11465744AC9EF4D706E1C3C81D89EE53D5E4D3ADA6058 ] Unchecky C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe
14:18:52.0343 0x1040 Unchecky - ok
14:18:52.0405 0x1040 [ 30FF46EABCA1BB18E4F357492A8F7FC9, 486CBF02CA089684F222FA52756C5442FE3F3AA5E89D814B6E7C4F411DECC86B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:18:52.0421 0x1040 UNS - ok
14:18:52.0421 0x1040 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:18:52.0436 0x1040 upnphost - ok
14:18:52.0468 0x1040 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:18:52.0483 0x1040 usbccgp - ok
14:18:52.0514 0x1040 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:18:52.0514 0x1040 usbcir - ok
14:18:52.0530 0x1040 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:18:52.0530 0x1040 usbehci - ok
14:18:52.0561 0x1040 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:18:52.0577 0x1040 usbhub - ok
14:18:52.0592 0x1040 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:18:52.0592 0x1040 usbohci - ok
14:18:52.0608 0x1040 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:18:52.0608 0x1040 usbprint - ok
14:18:52.0670 0x1040 [ B5E6C4F280EBF0B16F74A5B415F2E0DF, 4B1F7C95F267A29FC8AE4F285E2B19200C7E3F8505B1E75797A7A9EDE4CD1EDE ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
14:18:52.0670 0x1040 USBS3S4Detection - ok
14:18:52.0702 0x1040 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:18:52.0717 0x1040 USBSTOR - ok
14:18:52.0748 0x1040 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:18:52.0748 0x1040 usbuhci - ok
14:18:52.0764 0x1040 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:18:52.0764 0x1040 UxSms - ok
14:18:52.0764 0x1040 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc C:\Windows\system32\lsass.exe
14:18:52.0780 0x1040 VaultSvc - ok
14:18:52.0780 0x1040 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:18:52.0780 0x1040 vdrvroot - ok
14:18:52.0811 0x1040 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:18:52.0826 0x1040 vds - ok
14:18:52.0842 0x1040 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:18:52.0842 0x1040 vga - ok
14:18:52.0842 0x1040 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:18:52.0842 0x1040 VgaSave - ok
14:18:52.0858 0x1040 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:18:52.0873 0x1040 vhdmp - ok
14:18:52.0889 0x1040 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:18:52.0889 0x1040 viaide - ok
14:18:52.0920 0x1040 [ 7D2F9C1D614644AC0439195973325596, C2BE7CE2B29B60D2A2C106E1343EABC71D51A40B4EE4F2AB5EF1203CA199A4FB ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
14:18:52.0936 0x1040 VMAuthdService - ok
14:18:52.0951 0x1040 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:18:52.0951 0x1040 vmbus - ok
14:18:52.0967 0x1040 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:18:52.0967 0x1040 VMBusHID - ok
14:18:52.0998 0x1040 [ A133C6DE3D7ACCEE000F9FD4C1A716B2, B983EDF76BDC972620D5479A6A91DAE154C7DE3467826BAF5967A95868AE7F3C ] vmci C:\Windows\system32\DRIVERS\vmci.sys
14:18:52.0998 0x1040 vmci - ok
14:18:52.0998 0x1040 [ C99529DD3B18E1C9E06FC5477C724330, 8FE4E92A27C535C3379ADCDEDD1E2DCE95A51E207014671B892EA037492F6899 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
14:18:52.0998 0x1040 vmkbd - ok
14:18:53.0014 0x1040 [ B259C31378BC855AFD1B53F59311C251, 5FEDEC6EBA72652B89F57E275B25CC6333BE78FB2B74DEADDD588CE1089DCE89 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:18:53.0014 0x1040 VMnetAdapter - ok
14:18:53.0014 0x1040 [ DEC4CE720FFEDA939CF1BA315CFBD993, B06BB836B824FC682F5FD84E1D6B313A4E99089A5CED2C14CC721D172C1E3C51 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:18:53.0014 0x1040 VMnetBridge - ok
14:18:53.0029 0x1040 VMnetDHCP - ok
14:18:53.0029 0x1040 [ 1B921D53BBA17F7CB1F659DC81CBD340, 3FFD26B25877DE4611FD68EB89825C21B56EA5EB11D14B052D4A1DD71E539819 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
14:18:53.0029 0x1040 VMnetuserif - ok
14:18:53.0045 0x1040 [ AEBEE9F3290F4EF20A63EBD54B88938B, 3D5EE4F1A0C4A67F475B13E2E716505E72E105921FF4FA9620333A0641DC0DD2 ] VMparport C:\Windows\system32\drivers\VMparport.sys
14:18:53.0045 0x1040 VMparport - ok
14:18:53.0076 0x1040 [ 18903CA7936912C337C9D28858880CF2, 6A3CF68E62AAF7DC22A299ADF7037D408CEB554BC36CD72C4C37AFEA16B84915 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
14:18:53.0092 0x1040 VMUSBArbService - ok
14:18:53.0107 0x1040 VMware NAT Service - ok
14:18:53.0107 0x1040 [ D50C863B52BA3355D4B820514050417D, 61098D11C25D169FF32259FCCEA67F9CB29D75202E82596F5528A85170B99221 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
14:18:53.0107 0x1040 vmx86 - ok
14:18:53.0107 0x1040 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:18:53.0107 0x1040 volmgr - ok
14:18:53.0138 0x1040 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:18:53.0138 0x1040 volmgrx - ok
14:18:53.0154 0x1040 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:18:53.0154 0x1040 volsnap - ok
14:18:53.0170 0x1040 [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus C:\Windows\system32\drivers\vpchbus.sys
14:18:53.0170 0x1040 vpcbus - ok
14:18:53.0185 0x1040 [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
14:18:53.0185 0x1040 vpcnfltr - ok
14:18:53.0185 0x1040 [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
14:18:53.0185 0x1040 vpcusb - ok
14:18:53.0201 0x1040 [ 510D250A08C09850F5C78CA2011B3B62, 99A4FD465B721D6E262A4BB7F9476BBE154195C5666B9BDBC8BD769D51893A5C ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
14:18:53.0201 0x1040 vpcvmm - ok
14:18:53.0216 0x1040 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:18:53.0232 0x1040 vsmraid - ok
14:18:53.0279 0x1040 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:18:53.0294 0x1040 VSS - ok
14:18:53.0310 0x1040 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:18:53.0310 0x1040 vwifibus - ok
14:18:53.0326 0x1040 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:18:53.0326 0x1040 W32Time - ok
14:18:53.0341 0x1040 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:18:53.0341 0x1040 WacomPen - ok
14:18:53.0357 0x1040 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:18:53.0357 0x1040 WANARP - ok
14:18:53.0372 0x1040 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:18:53.0372 0x1040 Wanarpv6 - ok
14:18:53.0419 0x1040 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:18:53.0450 0x1040 wbengine - ok
14:18:53.0466 0x1040 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:18:53.0466 0x1040 WbioSrvc - ok
14:18:53.0482 0x1040 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:18:53.0497 0x1040 wcncsvc - ok
14:18:53.0497 0x1040 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:18:53.0513 0x1040 WcsPlugInService - ok
14:18:53.0513 0x1040 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
14:18:53.0513 0x1040 Wd - ok
14:18:53.0560 0x1040 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:18:53.0560 0x1040 Wdf01000 - ok
14:18:53.0606 0x1040 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:18:53.0606 0x1040 WdiServiceHost - ok
14:18:53.0606 0x1040 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:18:53.0622 0x1040 WdiSystemHost - ok
14:18:53.0638 0x1040 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
14:18:53.0653 0x1040 WebClient - ok
14:18:53.0669 0x1040 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:18:53.0684 0x1040 Wecsvc - ok
14:18:53.0700 0x1040 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:18:53.0700 0x1040 wercplsupport - ok
14:18:53.0716 0x1040 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:18:53.0716 0x1040 WerSvc - ok
14:18:53.0731 0x1040 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:18:53.0731 0x1040 WfpLwf - ok
14:18:53.0747 0x1040 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:18:53.0747 0x1040 WIMMount - ok
14:18:53.0778 0x1040 WinDefend - ok
14:18:53.0778 0x1040 WinHttpAutoProxySvc - ok
14:18:53.0825 0x1040 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:18:53.0825 0x1040 Winmgmt - ok
14:18:53.0872 0x1040 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
14:18:53.0903 0x1040 WinRM - ok
14:18:53.0934 0x1040 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:18:53.0934 0x1040 WinUsb - ok
14:18:53.0981 0x1040 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:18:53.0981 0x1040 Wlansvc - ok
14:18:54.0028 0x1040 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:18:54.0028 0x1040 wlcrasvc - ok
14:18:54.0121 0x1040 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:18:54.0168 0x1040 wlidsvc - ok
14:18:54.0215 0x1040 [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
14:18:54.0230 0x1040 WmBEnum - ok
14:18:54.0277 0x1040 [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
14:18:54.0277 0x1040 WmFilter - ok
14:18:54.0277 0x1040 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:18:54.0293 0x1040 WmiAcpi - ok
14:18:54.0308 0x1040 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:18:54.0308 0x1040 wmiApSrv - ok
14:18:54.0324 0x1040 WMPNetworkSvc - ok
14:18:54.0340 0x1040 [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
14:18:54.0340 0x1040 WmVirHid - ok
14:18:54.0340 0x1040 [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
14:18:54.0340 0x1040 WmXlCore - ok
14:18:54.0355 0x1040 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:18:54.0355 0x1040 WPCSvc - ok
14:18:54.0371 0x1040 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:18:54.0371 0x1040 WPDBusEnum - ok
14:18:54.0386 0x1040 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:18:54.0386 0x1040 ws2ifsl - ok
14:18:54.0402 0x1040 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
14:18:54.0402 0x1040 wscsvc - ok
14:18:54.0418 0x1040 WSearch - ok
14:18:54.0527 0x1040 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
14:18:54.0558 0x1040 wuauserv - ok
14:18:54.0589 0x1040 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:18:54.0589 0x1040 WudfPf - ok
14:18:54.0620 0x1040 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:18:54.0620 0x1040 WUDFRd - ok
14:18:54.0636 0x1040 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:18:54.0652 0x1040 wudfsvc - ok
14:18:54.0683 0x1040 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:18:54.0683 0x1040 WwanSvc - ok
14:18:54.0714 0x1040 ================ Scan global ===============================
14:18:54.0730 0x1040 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:18:54.0745 0x1040 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:18:54.0761 0x1040 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:18:54.0792 0x1040 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:18:54.0823 0x1040 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:18:54.0823 0x1040 [ Global ] - ok
14:18:54.0823 0x1040 ================ Scan MBR ==================================
14:18:54.0839 0x1040 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:18:55.0010 0x1040 \Device\Harddisk0\DR0 - ok
14:18:55.0010 0x1040 ================ Scan VBR ==================================
14:18:55.0010 0x1040 [ 83F38E788692F6065A5CBA07DA6535A5 ] \Device\Harddisk0\DR0\Partition1
14:18:55.0057 0x1040 \Device\Harddisk0\DR0\Partition1 - ok
14:18:55.0057 0x1040 [ 700643673A9CE54A19D885C5AA134653 ] \Device\Harddisk0\DR0\Partition2
14:18:55.0057 0x1040 \Device\Harddisk0\DR0\Partition2 - ok
14:18:55.0073 0x1040 [ 9096A0340C50C5A699371F98783372D8 ] \Device\Harddisk0\DR0\Partition3
14:18:55.0073 0x1040 \Device\Harddisk0\DR0\Partition3 - ok
14:18:55.0073 0x1040 ================ Scan generic autorun ======================
14:18:55.0104 0x1040 [ C04F414AF62BA90E086CD14ECACCF649, 92A00BFA552D08E3102C3F18964E7BCAFABB746BD7E526892DD5065FC5623C50 ] C:\Windows\system32\igfxtray.exe
14:18:55.0104 0x1040 IgfxTray - ok
14:18:55.0135 0x1040 [ EF27E1A344B19CDAE05B4B0CC5F3835C, 23AA8A469C80FED8968689303461A8BEDDFA218BC54CD08AAC1F539E94276E66 ] C:\Windows\system32\hkcmd.exe
14:18:55.0135 0x1040 HotKeysCmds - ok
14:18:55.0151 0x1040 [ 44BB8CAC0E55DFCE67554816F48F956A, 0CF4C26C9029D44F4412366BCAF2491351BF53DAE336557AD488BCB20F5E7C21 ] C:\Windows\system32\igfxpers.exe
14:18:55.0166 0x1040 Persistence - ok
14:18:55.0432 0x1040 [ 6232279ABDF9EE6902A2BC060EB02D33, 5D3BFDF9FA114F0F68A6125AADB7ACEE45EA2B88670E2AA1732295071D3D27F3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:18:55.0572 0x1040 RTHDVCPL - ok
14:18:55.0619 0x1040 [ 6BA8D86746935498D64CB5CF6286F2EB, E47D1DEE39451428344233DB15412BCB486C4F6FE1D0426F20AA4C6245387926 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
14:18:55.0619 0x1040 USB3MON - ok
14:18:55.0650 0x1040 [ 453C1D967E88AAC141182FE65F24291C, 5E811B0CF8A2DD01D183EAD7B67D3908E29555F70CA12E034A048B6BD2BD4096 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
14:18:55.0650 0x1040 IMSS - ok
14:18:55.0697 0x1040 [ 0D360F06B168A6F37ACA9D9F958245DA, 0F37D510AE0A31503A359F65D5C04CD798B178A3A3E2601DFBAB6534B3C7C23C ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
14:18:55.0697 0x1040 BackupManagerTray - ok
14:18:55.0775 0x1040 [ 7C73B5C50CAEDB1771A049142026906B, A4992339D71A9297963C70616C4124BD701E46AEE439E09C392C2B2EBAE624E6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:18:55.0790 0x1040 StartCCC - ok
14:18:55.0837 0x1040 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:18:55.0837 0x1040 SunJavaUpdateSched - ok
14:18:55.0915 0x1040 [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
14:18:55.0915 0x1040 Avira Systray - ok
14:18:55.0946 0x1040 [ 2A8814F864884826296DEA4517C601B9, FBB67D6A3831DD250650ED8F85CE29A87095BAB8CBFE82291A12030C4301AD8E ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
14:18:55.0962 0x1040 HydraVisionDesktopManager - ok
14:18:55.0993 0x1040 Skype - ok
14:18:56.0118 0x1040 [ D1EF9D2E98BA781219DF24EC5E6AB9C7, A63C173B30BB151E5549EB740D095D7C715D53DB243F31A62E88E5756EE1E79F ] C:\Program Files (x86)\Steam\steam.exe
14:18:56.0149 0x1040 Steam - ok
14:18:56.0165 0x1040 [ 2A8814F864884826296DEA4517C601B9, FBB67D6A3831DD250650ED8F85CE29A87095BAB8CBFE82291A12030C4301AD8E ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
14:18:56.0165 0x1040 HydraVisionDesktopManager - ok
14:18:56.0180 0x1040 [ 2A8814F864884826296DEA4517C601B9, FBB67D6A3831DD250650ED8F85CE29A87095BAB8CBFE82291A12030C4301AD8E ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
14:18:56.0180 0x1040 HydraVisionDesktopManager - ok
14:18:56.0180 0x1040 Waiting for KSN requests completion. In queue: 330
14:18:57.0194 0x1040 Waiting for KSN requests completion. In queue: 330
14:18:58.0208 0x1040 Waiting for KSN requests completion. In queue: 330
14:18:59.0222 0x1040 Waiting for KSN requests completion. In queue: 330
14:19:00.0236 0x1040 Waiting for KSN requests completion. In queue: 24
14:19:01.0250 0x1040 Waiting for KSN requests completion. In queue: 24
14:19:02.0420 0x1040 Win FW state via NFP2: enabled
14:19:08.0021 0x1040 ============================================================
14:19:08.0021 0x1040 Scan finished
14:19:08.0021 0x1040 ============================================================
14:19:08.0021 0x09f4 Detected object count: 0
14:19:08.0021 0x09f4 Actual detected object count: 0
|
|
05.04.2015, 16:58
| #13 |
| /// the machine /// TB-Ausbilder | Hoch schädliche Malware infiziert PC hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.04.2015, 19:02
| #14 |
| | Hoch schädliche Malware infiziert PC Ich hatte die Cobofix logs ebenfalls schon gespostet. |
|
07.04.2015, 11:24
| #15 |
| /// the machine /// TB-Ausbilder | Hoch schädliche Malware infiziert PC ich bin doof, sorry  Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Hoch schädliche Malware infiziert PC |
| absturz, adware, entdeck, entdeckt, entfernen, erfolgreich, fehlen, firefox, guten, infiziert, internetverbindung, keine updates, konto, langsam, malware, malwarebytes, privat, programme, schadware, startet, systemstart, updates, verbindung, viren, woche, wochen |
WARNUNG an die MITLESER: 
