Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.11.2015, 18:36   #1
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Icon22

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Hi community, Ich habe anscheinend ein Problem das sehr wenige kennen und haben
da ich bei Google nihts ähnliches gefunden hab also....
es ist mir (seit langer zeit, nur nerfts so langsamm sehr) nicht mehr möglich Rechtsklick
auf meinem desktop zu machen bzw. auf Programme Ordner etc. sobald ich das tuh
friert der Bildschirm eine Sek ein und ich krieg einen grey screen für nen augenblick , so kurz dass ich es nicht screenshotten konnte. darraufhin aktualisiert sich mein desktop und das wars. Ich kann auch nicht über das Windows 8 Menü irgendwelche programme wie cmd als Adminstrator ausführen sobald ich das tuh passiert dasselbe
mehr kann ich dazu auch nicht sagen, danke für eure Zeit und tipps !

Alt 10.11.2015, 18:39   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 10.11.2015, 18:47   #3
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



hier ist die FRST.TXT:
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Sonny (Administrator) auf MSI_SAMDAR (10-11-2015 18:44:58)
Gestartet von C:\Users\Sonny\Downloads
Geladene Profile: Sonny (Verfügbare Profile: Sonny)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.2\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.42\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\LolClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nuexstub.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\ppStub.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nuexstub.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4946856 2014-10-16] (Steganos Software GmbH)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [uTorrent] => C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe [1801240 2015-10-20] (BitTorrent Inc.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CrashService] => "C:\Users\Sonny\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B] => "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\MountPoints2: {f40e9899-2c5b-11e4-8272-a08869908039} - "F:\windows\Data\setup.exe" 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => Keine Datei
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-04-27]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{067846F7-8DB6-4D95-A851-BECD63790717}: [DhcpNameServer] 10.11.0.1
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B10DFEE-2A45-471C-B680-0146B9966FB7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660324794&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660331387&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660370656&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002 -> {72A48C13-DCBC-4156-9710-EED96895E310} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Super Great 1.0.0.7 -> {b931a240-e32a-4f2b-97aa-8b01c8e6aa14} -> C:\Program Files (x86)\Super Great\SuperGreatbho.dll => Keine Datei
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215
FF SelectedSearchEngine: Trovi
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2802146430-1798650074-2620433185-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\user.js [2015-10-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-10-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=
CHR StartupUrls: Default -> "hxxps://www.google.de/?gws_rd=ssl"
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=58&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&q={searchTerms}&SSPV=
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> hxxps://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&SAT=CNTS&D=102215
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}&SSPV=
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll => Keine Datei
CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-02]
CHR Extension: (Adblock Plus) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ACHTUNG
CHR Extension: (Google Wallet) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ACHTUNG
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [321976 2014-10-16] (Steganos Software GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /svc [X] <==== ACHTUNG
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== ACHTUNG
S3 iumsvc; "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2014-04-27] (Microsoft Corporation) [Datei ist nicht signiert]
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-05-22] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys [633560 2014-09-06] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-12] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation)
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 HSPADataCardusbmdm; \SystemRoot\system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; \SystemRoot\system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; \SystemRoot\system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X]
S1 swsedrvr_vw_1_10_0_25; system32\drivers\swsedrvr_vw_1_10_0_25.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-10 18:44 - 2015-11-10 18:45 - 00033629 _____ C:\Users\Sonny\Downloads\FRST.txt
2015-11-10 18:44 - 2015-11-10 18:45 - 00000000 ____D C:\FRST
2015-11-10 18:44 - 2015-11-10 18:44 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2015-11-10 18:43 - 2015-11-10 18:43 - 01702400 _____ (Farbar) C:\Users\Sonny\Downloads\FRST.exe
2015-11-03 22:22 - 2015-11-03 22:22 - 00061440 _____ (Gary's Hood) C:\Users\Sonny\Downloads\rsclient.exe
2015-11-03 14:35 - 2015-11-03 14:35 - 00017533 _____ C:\Windows\DirectX.log
2015-11-03 13:28 - 2015-11-03 13:28 - 00000219 _____ C:\Users\Sonny\Desktop\Counter-Strike Global Offensive.url
2015-10-28 15:29 - 2015-10-28 15:29 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Tera_Awesomium
2015-10-27 16:14 - 2015-11-10 18:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 16:14 - 2015-10-27 16:14 - 00000989 _____ C:\Users\Public\Desktop\Steam.lnk
2015-10-27 16:14 - 2015-10-27 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup.exe
2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup (1).exe
2015-10-27 14:06 - 2015-10-27 14:08 - 00000000 ____D C:\Users\Sonny\Desktop\dead realMUH
2015-10-27 13:34 - 2015-10-27 13:34 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\Section Studios_ Inc_
2015-10-27 13:30 - 2015-10-27 13:31 - 734982235 _____ C:\Users\Sonny\Downloads\[www.mpc-g.com]DdRlm144.7z
2015-10-24 18:37 - 2015-10-24 18:37 - 00584288 _____ (Oracle Corporation) C:\Users\Sonny\Downloads\jxpiinstall(1).exe
2015-10-23 20:43 - 2015-10-23 20:43 - 00002080 _____ C:\Users\Sonny\Desktop\RuneScape.lnk
2015-10-23 20:43 - 2015-10-23 20:43 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-10-23 20:39 - 2015-10-23 20:42 - 24219648 _____ C:\Users\Sonny\Downloads\RuneScape (1).msi
2015-10-23 17:55 - 2015-11-10 14:01 - 00002668 _____ C:\Windows\setupact.log
2015-10-23 17:55 - 2015-10-23 17:55 - 00000000 _____ C:\Windows\setuperr.log
2015-10-23 17:22 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-10-23 17:22 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-10-22 17:51 - 2015-11-10 18:41 - 01752952 _____ C:\Windows\WindowsUpdate.log
2015-10-22 14:50 - 2015-10-22 14:50 - 00022512 _____ C:\Windows\system32\Drivers\SPPD.sys
2015-10-22 11:15 - 2015-10-22 11:15 - 00000000 ____D C:\Users\Sonny\AppData\Local\ESET
2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_.exe
2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_ (1).exe
2015-10-22 11:07 - 2015-10-22 11:07 - 00000000 ____D C:\Program Files (x86)\3ae6c0d0-b937-4081-9be9-f3f58501fc8e
2015-10-22 11:06 - 2015-10-22 14:51 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-10-21 20:42 - 2015-10-21 20:42 - 01852453 _____ C:\Users\Sonny\AppData\Local\curl.zip
2015-10-21 20:42 - 2015-10-21 20:42 - 00000002 _____ C:\Users\Sonny\AppData\Local\OczLpK.vbs
2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\Users\Sonny\AppData\Local\{FE4CCBE7-EA6F-42D8-88A8-35B174533055}
2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-10-21 18:57 - 2015-11-10 14:13 - 00001008 _____ C:\Windows\Tasks\8k4zjaU.job
2015-10-21 18:57 - 2015-10-21 18:57 - 00004020 _____ C:\Windows\System32\Tasks\8k4zjaU
2015-10-21 18:56 - 2015-11-10 14:13 - 00001042 _____ C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job
2015-10-21 18:56 - 2015-10-22 14:49 - 00000000 ____D C:\Program Files (x86)\Feed Notifier
2015-10-21 18:56 - 2015-10-21 18:57 - 00004054 _____ C:\Windows\System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk
2015-10-21 18:55 - 2015-10-21 18:55 - 00000008 _____ C:\END
2015-10-21 18:06 - 2015-10-22 15:12 - 00000000 ____D C:\Users\Sonny\Downloads\Life.Is.Strange.Episode.5-CODEX
2015-10-21 18:05 - 2015-10-22 15:08 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\uTorrent
2015-10-20 19:31 - 2015-10-22 12:11 - 00002226 _____ C:\Users\Sonny\Desktop\chrome.lnk
2015-10-20 19:26 - 2015-11-10 14:46 - 00001048 _____ C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job
2015-10-20 19:26 - 2015-11-10 14:13 - 00001030 _____ C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job
2015-10-20 19:26 - 2015-10-20 19:26 - 00004058 _____ C:\Windows\System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl
2015-10-20 19:26 - 2015-10-20 19:26 - 00004042 _____ C:\Windows\System32\Tasks\3c2jDM05M6ay9rgGcf
2015-10-20 19:23 - 2015-10-20 19:23 - 00003910 _____ C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898
2015-10-20 19:23 - 2015-10-20 19:23 - 00003188 _____ C:\Windows\System32\Tasks\crash_service
2015-10-20 19:04 - 2015-10-22 11:13 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-20 19:01 - 2015-11-10 14:35 - 00001018 _____ C:\Windows\Tasks\nAuWsaaA3Qnn.job
2015-10-20 19:01 - 2015-11-10 14:13 - 00001008 _____ C:\Windows\Tasks\ZkvbwFI.job
2015-10-20 19:01 - 2015-10-20 19:01 - 00004028 _____ C:\Windows\System32\Tasks\nAuWsaaA3Qnn
2015-10-20 19:01 - 2015-10-20 19:01 - 00004020 _____ C:\Windows\System32\Tasks\ZkvbwFI
2015-10-20 19:00 - 2015-11-10 14:13 - 00001024 _____ C:\Windows\Tasks\PciD5z2oV9Hq4LK.job
2015-10-20 19:00 - 2015-11-10 14:13 - 00001020 _____ C:\Windows\Tasks\tYyezAYRvk8jt.job
2015-10-20 19:00 - 2015-10-20 19:00 - 00004036 _____ C:\Windows\System32\Tasks\PciD5z2oV9Hq4LK
2015-10-20 19:00 - 2015-10-20 19:00 - 00004032 _____ C:\Windows\System32\Tasks\tYyezAYRvk8jt
2015-10-20 18:58 - 2015-10-22 11:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-20 18:58 - 2015-10-21 18:01 - 00000000 ____D C:\Program Files (x86)\3ff07109-e80a-45be-86af-4c8a97c65880
2015-10-20 18:58 - 2015-10-20 18:58 - 00000000 ____D C:\Users\Sonny\AppData\Local\globalUpdate
2015-10-20 18:57 - 2015-10-20 18:57 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashRpt
2015-10-20 18:23 - 2015-10-20 18:23 - 00003306 _____ C:\Windows\System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681}
2015-10-20 18:15 - 2015-10-22 11:30 - 00000000 ____D C:\Program Files (x86)\Fast-Search
2015-10-20 18:14 - 2015-09-06 11:15 - 00000856 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-20 18:13 - 2015-10-22 14:51 - 00000000 ____D C:\Program Files (x86)\00000000-1445361232-0000-0000-448A5B44E892
2015-10-20 18:13 - 2015-10-20 18:13 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-10-20 18:13 - 2015-10-20 18:13 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-10-16 17:04 - 2015-10-16 17:04 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Steam
2015-10-16 16:58 - 2015-10-20 19:59 - 00000000 ____D C:\Users\Sonny\Desktop\Life Is Strange
2015-10-16 14:32 - 2015-10-16 16:52 - 3571692184 ____R C:\Users\Sonny\Downloads\Life Is Strange.rar
2015-10-16 13:05 - 2015-10-18 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 10:00 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 10:00 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 13:33 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 13:33 - 2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 13:33 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 13:33 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 13:33 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 13:33 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 13:33 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-14 13:33 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-14 13:32 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:32 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 13:32 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-14 13:32 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 13:32 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-14 13:32 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-14 13:32 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-14 13:32 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 13:32 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 13:32 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-14 13:32 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-14 13:27 - 2015-09-10 19:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 13:27 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 13:27 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 13:27 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 13:27 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 13:27 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 13:27 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 13:27 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 13:27 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 13:27 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 13:27 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 13:27 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 13:27 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 13:27 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 13:27 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 13:27 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 13:27 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 13:27 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 13:27 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 13:27 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 13:27 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 13:27 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 13:27 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 13:27 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 13:27 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 13:27 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 13:27 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 13:27 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 13:26 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 13:26 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 13:26 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 13:26 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 13:26 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 13:26 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 13:26 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 13:26 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 13:26 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 13:26 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 13:26 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 13:26 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 13:26 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:26 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 13:26 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-14 13:26 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 13:26 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 13:26 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-14 13:26 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 13:26 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 13:26 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 13:26 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 13:26 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 13:26 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 13:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 01:48 - 2015-10-12 01:48 - 09211904 _____ C:\Users\Sonny\Downloads\PathOfExileInstaller.msi
2015-10-11 00:51 - 2015-10-11 00:51 - 00002014 _____ C:\Users\Public\Desktop\TERA Launcher.lnk
2015-10-11 00:51 - 2015-10-11 00:51 - 00000000 ____D C:\Users\Public\Games
2015-10-11 00:51 - 2015-10-11 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment
2015-10-11 00:50 - 2015-10-11 00:50 - 27534504 _____ (En Masse Entertainment) C:\Users\Sonny\Downloads\TERA-Minimal-Setup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-10 18:34 - 2014-07-31 20:19 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\TS3Client
2015-11-10 18:30 - 2014-11-01 16:31 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-10 17:53 - 2014-07-23 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-10 17:29 - 2014-07-23 19:25 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBE7263C-E444-4178-9108-E09677EE42AD}
2015-11-10 17:18 - 2014-07-23 19:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2802146430-1798650074-2620433185-1002
2015-11-10 17:09 - 2015-06-20 15:06 - 00000410 _____ C:\Windows\Tasks\update-sys.job
2015-11-10 16:32 - 2015-06-20 15:06 - 00000410 _____ C:\Windows\Tasks\update-S-1-5-21-2802146430-1798650074-2620433185-1002.job
2015-11-10 14:13 - 2014-11-01 16:31 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-10 14:13 - 2014-07-24 10:11 - 00000000 __RDO C:\Users\Sonny\SkyDrive
2015-11-10 14:00 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-10 14:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-10 13:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-10 13:50 - 2014-07-23 23:29 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashDumps
2015-11-10 12:35 - 2014-12-14 15:44 - 00000000 ____D C:\Users\Sonny\AppData\Local\Battle.net
2015-11-10 12:33 - 2014-12-14 15:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-09 19:13 - 2014-12-23 12:23 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Skype
2015-11-08 01:46 - 2014-08-10 22:05 - 04537856 ___SH C:\Users\Sonny\Desktop\Thumbs.db
2015-11-07 22:28 - 2014-11-13 20:35 - 00000000 ____D C:\Users\Sonny\Downloads\Gameforge Live
2015-11-07 21:51 - 2015-06-05 21:12 - 00000074 _____ C:\Users\Sonny\Documents\ClownfishForTeamspeak.ini
2015-11-07 17:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-07 03:19 - 2014-10-13 18:31 - 00000044 _____ C:\Users\Sonny\jagex_cl_oldschool_LIVE.dat
2015-11-04 13:15 - 2014-07-25 20:46 - 00000000 ____D C:\Users\Sonny\Desktop\Slender v0.9.7
2015-11-03 13:28 - 2014-08-14 17:31 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-02 14:24 - 2015-02-22 01:08 - 00880432 _____ C:\Users\Sonny\Desktop\OSBuddy.exe
2015-10-30 19:23 - 2015-05-13 13:16 - 00000000 ___RD C:\Users\Sonny\OneDrive
2015-10-30 19:23 - 2014-11-01 21:08 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002
2015-10-30 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-10-28 23:09 - 2014-12-14 15:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-10-28 15:27 - 2013-11-13 20:00 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-27 14:02 - 2014-11-29 10:55 - 00000000 ____D C:\Users\Sonny\Desktop\Neuer Ordner
2015-10-27 13:17 - 2014-08-07 20:10 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\.minecraft
2015-10-27 07:13 - 2013-11-12 22:26 - 00766620 _____ C:\Windows\system32\perfh007.dat
2015-10-27 07:13 - 2013-11-12 22:26 - 00159902 _____ C:\Windows\system32\perfc007.dat
2015-10-27 07:13 - 2013-11-12 21:54 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-26 09:29 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-24 18:57 - 2014-10-30 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 18:40 - 2014-11-17 19:07 - 00000000 ____D C:\.jagex_cache_32
2015-10-24 18:39 - 2015-09-05 08:56 - 00000000 ____D C:\Users\Sonny\.oracle_jre_usage
2015-10-24 18:37 - 2014-10-30 16:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-24 18:37 - 2014-08-07 20:09 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-24 13:41 - 2014-11-17 19:07 - 00000023 _____ C:\Users\Sonny\jagexappletviewer.preferences
2015-10-24 13:40 - 2014-11-17 19:07 - 00000044 _____ C:\Users\Sonny\jagex_cl_runescape_LIVE.dat
2015-10-23 20:43 - 2014-11-17 19:06 - 00002110 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2015-10-23 20:43 - 2014-10-13 18:31 - 00000000 ____D C:\Users\Sonny\jagexcache
2015-10-22 15:19 - 2014-08-20 19:12 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\uTorrent
2015-10-22 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-22 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing
2015-10-22 12:12 - 2014-12-22 21:20 - 00001031 _____ C:\Users\Sonny\Desktop\WinRAR.lnk
2015-10-22 12:12 - 2014-11-15 18:15 - 00000917 _____ C:\Users\Sonny\Desktop\µTorrent.lnk
2015-10-22 12:11 - 2015-06-14 00:20 - 00000961 _____ C:\Users\Sonny\Desktop\Open Broadcaster Software.lnk
2015-10-22 11:02 - 2015-07-10 00:49 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 18:02 - 2015-07-07 03:19 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-10-21 18:01 - 2014-07-23 19:18 - 00001464 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-21 17:49 - 2014-12-23 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-20 18:20 - 2014-04-27 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-10-20 18:19 - 2015-08-12 19:29 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-20 18:12 - 2015-07-07 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-10-20 18:12 - 2014-11-01 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-19 21:10 - 2014-07-31 20:18 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-19 19:45 - 2014-07-23 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\Google
2015-10-18 11:26 - 2014-07-23 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-18 11:25 - 2014-12-11 21:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-18 11:25 - 2014-07-25 18:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-17 13:53 - 2014-07-23 20:16 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-16 17:05 - 2014-08-21 13:11 - 00000000 ____D C:\Users\Sonny\Documents\My Games
2015-10-16 05:51 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 05:51 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 01:09 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-15 01:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-10-14 20:24 - 2014-11-05 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-14 20:24 - 2014-11-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 20:21 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini
2015-10-14 20:13 - 2014-07-24 10:47 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 20:07 - 2014-07-24 10:47 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-11 16:11 - 2014-07-23 20:03 - 00000000 ____D C:\Program Files (x86)\osu!
2015-10-11 11:58 - 2015-03-23 18:53 - 00007605 _____ C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg
2015-10-11 00:51 - 2015-06-01 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\TERA

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\8k4zjaU
2014-11-01 16:19 - 2014-11-01 16:19 - 0000004 _____ () C:\Users\Sonny\AppData\Roaming\appdataFr2.bin
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK
2005-04-08 03:16 - 2015-02-28 22:03 - 0142572 ____H () C:\Users\Sonny\AppData\Roaming\Sonnylog.dat
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\ZkvbwFI
2015-10-21 20:42 - 2015-10-21 20:42 - 1852453 _____ () C:\Users\Sonny\AppData\Local\curl.zip
2015-10-21 20:42 - 2015-10-21 20:42 - 0000002 _____ () C:\Users\Sonny\AppData\Local\OczLpK.vbs
2015-03-23 18:53 - 2015-10-11 11:58 - 0007605 _____ () C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg
2015-06-20 15:06 - 2015-06-20 15:06 - 0000003 _____ () C:\Users\Sonny\AppData\Local\updater.log
2015-06-20 15:06 - 2015-10-02 11:12 - 0000424 _____ () C:\Users\Sonny\AppData\Local\UserProducts.xml
2015-10-20 19:04 - 2015-10-22 11:13 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Sonny\matrix_cl_CloudIn_LIVE.dat


Einige Dateien in TEMP:
====================
C:\Users\Sonny\AppData\Local\Temp\1da87fe019424c023a8f63d8acc8578f.dll
C:\Users\Sonny\AppData\Local\Temp\amisetup1780__15940.exe
C:\Users\Sonny\AppData\Local\Temp\cct.dll
C:\Users\Sonny\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\Sonny\AppData\Local\Temp\JavaIC.dll
C:\Users\Sonny\AppData\Local\Temp\msscct32.dll
C:\Users\Sonny\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sonny\AppData\Local\Temp\YSearchUtil.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-07 22:46

==================== Ende von FRST.txt ============================
         
--- --- ---
__________________

Alt 10.11.2015, 18:48   #4
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



und die Addition.txt:FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Sonny (2015-11-10 18:46:02)
Gestartet von C:\Users\Sonny\Downloads
Windows 8.1 (X64) (2014-07-23 18:18:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2802146430-1798650074-2620433185-500 - Administrator - Disabled)
Gast (S-1-5-21-2802146430-1798650074-2620433185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2802146430-1798650074-2620433185-1004 - Limited - Enabled)
Sonny (S-1-5-21-2802146430-1798650074-2620433185-1002 - Administrator - Enabled) => C:\Users\Sonny

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\uTorrent) (Version: 3.4.6.41268 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1402.2101 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.)
Dragon Gaming Center (x32 Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden
ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1404.1101 - Micro-Star International Co., Ltd.)
MSI Remind Manager (x32 Version: 1.0.1404.1101 - Micro-Star International Co., Ltd.) Hidden
MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.4 - Steganos Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
osu! (HKLM-x32\...\{2f927354-58e9-40f3-961d-784bd4304708}) (Version: latest - ppy Pty Ltd)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlast-Whistleblower - Version 1.0.0.1 (HKLM-x32\...\Outlast-Whistleblower_is1) (Version: 1.0.0.1 - RePack by VickNet)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - ) <==== ACHTUNG
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.417.28061 - SteelSeries)
SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
TERA (HKLM-x32\...\{A0D70C31-D5CB-4491-A508-5CF2C9F25EE0}) (Version: 1.00.0000 - En Masse Entertainment)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
The Legend of Korra (HKLM-x32\...\The Legend of Korra_is1) (Version:  - Activision)
Unity Web Player (HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
XSplit Gamecaster (HKLM-x32\...\{9C3D0D0D-3983-4C18-91EE-C6976D5AA349}) (Version: 1.5.1403.1907 - SplitMediaLabs)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

21-10-2015 17:48:12 Removed Skype Click to Call
23-10-2015 20:42:33 Installed RuneScape Launcher 1.2.7
02-11-2015 17:30:01 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-09-06 11:15 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {069D12A2-CEF1-4140-A3D0-D349EB3D8394} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0D31635B-9AF9-4152-B1CB-BBA96F4094D1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {13C3F18E-4E5D-4062-810F-A6499B00FA47} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {13F65218-214F-4057-9797-A87AC099D4A4} - System32\Tasks\crash_service => C:\Users\Sonny\AppData\Local\BoBrowser\Application\crash_service.exe <==== ACHTUNG
Task: {18897757-D763-4018-98E4-F81AD458BCEB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {198AC17A-A1A9-477C-BC26-40D414306202} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2FB68F56-273E-4B0A-B0CE-2C9585B6E939} - \bvxvexvbg -> Keine Datei <==== ACHTUNG
Task: {38CE3023-B5C1-4405-9663-7B4B78E3361D} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {476D5D7E-6779-4E8A-B3EC-E3FD0A06D02E} - System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk => C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk.exe <==== ACHTUNG
Task: {49990D9B-BE5E-4D67-BF21-53C5D3665991} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {4A50283F-5744-4C30-851D-2EFD15854EE9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {5D068147-25A1-4157-A989-BC7BDE126DE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5EC2053F-C810-4354-BBA3-DE279BAB3640} - System32\Tasks\tYyezAYRvk8jt => C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt.exe <==== ACHTUNG
Task: {655D8C8B-159C-4CA9-896F-F077CE442901} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {67B0C0F7-F912-4D4E-BF0B-722BD65C1309} - System32\Tasks\3c2jDM05M6ay9rgGcf => C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf.exe <==== ACHTUNG
Task: {682F5622-EC85-4D8E-9FB3-9DA9FF43D07D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {759BBCE3-1A9C-4ACE-B19E-0FA7705971FD} - System32\Tasks\ZkvbwFI => C:\Users\Sonny\AppData\Roaming\ZkvbwFI.exe <==== ACHTUNG
Task: {779208B8-9886-4521-93FC-514FDB47C6FF} - System32\Tasks\MSI_Reminder => C:\Program Files (x86)\MSI\MSI Remind Manager\MSI Reminder.exe [2014-04-10] ()
Task: {8FD42807-9723-4058-8E10-948D3C40CE58} - System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl => C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl.exe <==== ACHTUNG
Task: {94709565-896C-4D2D-A9DA-3B2774732943} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {94DB0CE4-15DD-4477-A79B-7BA671F09F10} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\Sonny\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG
Task: {96988190-5ACB-4B27-8FDE-58A1B624E43B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {B267233E-BE96-40DA-9032-9B05C1279146} - \ShopperProJSUpd -> Keine Datei <==== ACHTUNG
Task: {B3B77269-D008-49F1-9EC4-2AB878784C27} - System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681} => pcalua.exe -a C:\PROGRA~1\DIFX\D29FE547208FE130\DPInst.exe -c /u C:\Windows\System32\DriverStore\FileRepository\kb9xradiobtn.inf_amd64_50504636c90ca4e3\kb9xradiobtn.inf
Task: {B4D17AEA-31EE-4FCD-9D25-75C86FFEBC6F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B8AB9484-7FCC-4F40-A7DA-CE9B5D056D72} - System32\Tasks\update-S-1-5-21-2802146430-1798650074-2620433185-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {BDE262C3-2DF7-4D42-B38A-E3DE2A1AC283} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {C18A5EC4-D9B6-49FB-9C00-95B762E7934C} - System32\Tasks\PciD5z2oV9Hq4LK => C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK.exe <==== ACHTUNG
Task: {DC24F3EE-D31D-42B7-9458-AF69BFC5BFD0} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {E0C17C92-78F0-4BD3-A0F5-E7A706927361} - \Run_Bobby_Browser -> Keine Datei <==== ACHTUNG
Task: {E7F87DA8-918B-4017-B33A-D1E8E876C1AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EB6CD99B-C94C-4E36-99D4-C0743D42C9FA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {F3B5CDBB-0FF4-4910-8B49-2B89AA45AEE9} - System32\Tasks\nAuWsaaA3Qnn => C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn.exe <==== ACHTUNG
Task: {F65F27F3-44BD-4AAE-9844-07428DB301E4} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {FBC36A7F-80F9-4317-8770-F191316477A6} - System32\Tasks\8k4zjaU => C:\Users\Sonny\AppData\Roaming\8k4zjaU.exe <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job => C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8k4zjaU.job => C:\Users\Sonny\AppData\Roaming\8k4zjaU.exe <==== ACHTUNG
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\nAuWsaaA3Qnn.job => C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn.exe <==== ACHTUNG
Task: C:\Windows\Tasks\PciD5z2oV9Hq4LK.job => C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK.exe <==== ACHTUNG
Task: C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job => C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl.exe <==== ACHTUNG
Task: C:\Windows\Tasks\tYyezAYRvk8jt.job => C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt.exe <==== ACHTUNG
Task: C:\Windows\Tasks\update-S-1-5-21-2802146430-1798650074-2620433185-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job => C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk.exe <==== ACHTUNG
Task: C:\Windows\Tasks\ZkvbwFI.job => C:\Users\Sonny\AppData\Roaming\ZkvbwFI.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-27 02:21 - 2015-08-25 15:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-27 02:41 - 2012-11-01 19:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-04-27 02:41 - 2012-11-01 19:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-01-23 16:15 - 2014-01-23 16:15 - 00758784 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-07-23 19:19 - 2014-07-23 19:19 - 00089915 ____N () C:\Users\Sonny\AppData\Local\Temp\fcaa5f9b-83be-462f-bb26-c1541883b2c0\CliSecureRT64.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00287744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00140288 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 09633280 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-01-23 16:15 - 2014-01-23 16:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-01-22 18:44 - 2014-01-22 18:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
2013-05-23 17:15 - 2013-05-23 17:15 - 00025600 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\CoreAudioApi.dll
2014-01-21 15:54 - 2015-07-07 03:19 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-10-29 11:15 - 2015-10-29 11:15 - 02273784 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.2\deploy\LoLLauncher.exe
2015-10-29 11:15 - 2015-10-29 11:15 - 04046328 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.42\deploy\LoLPatcher.exe
2015-07-10 02:18 - 2015-07-10 02:18 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\LolClient.exe
2015-11-03 13:28 - 2015-11-03 13:28 - 00103424 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2014-04-27 02:16 - 2013-09-16 20:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-31 15:41 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-27 16:16 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-10-27 16:16 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-10-27 16:16 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-10-27 16:16 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-10-27 16:16 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-27 16:15 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-27 16:15 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-27 16:15 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-27 16:15 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-27 16:15 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-27 16:16 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-10-27 16:16 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-11-10 18:41 - 2015-11-10 18:41 - 00155232 ___HT () C:\Users\Sonny\AppData\Local\Temp\~A111.tmp
2015-09-26 16:11 - 2010-11-04 10:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2015-10-27 16:16 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-10-29 11:15 - 2015-10-29 11:15 - 01431544 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.42\deploy\RiotLauncher.dll
2015-09-30 12:06 - 2015-09-30 12:06 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-09-30 12:06 - 2015-09-30 12:06 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.167\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2015-10-27 16:15 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00198144 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00317440 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00203776 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00389120 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 06696448 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00156160 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 01174016 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 01240064 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00351744 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00607744 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00164864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00708096 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00134656 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 01336320 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00394752 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 03192320 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 01763328 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00143360 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00230912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00996864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00582144 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 12490752 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 10011136 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00094208 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00084992 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2015-11-03 13:28 - 2015-11-03 13:28 - 00012800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2015-11-03 13:28 - 2015-11-03 13:28 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2015-11-03 13:28 - 2015-11-03 13:28 - 00173568 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
2015-11-03 13:28 - 2015-11-03 13:28 - 00972800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "OKAYFREEDOM_Agent"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "ESL Wire"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "CrashService"
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\StartupApproved\Run: => "YTDownloader"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{88534048-92B0-4434-B900-7CC55D4D607A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{46B62EA1-692C-43BF-A543-925F26966896}] => (Allow) LPort=2869
FirewallRules: [{70C1D52C-B586-4EA1-98E9-020CFC70DF45}] => (Allow) LPort=1900
FirewallRules: [{A1DAE646-7FF7-4CE4-96FC-AE7D8A2ECA6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{470241A3-6A2C-4929-BC2B-33718A834FBD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FBCC28C7-09D9-4854-A925-1D5205E3F1B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4F25C021-11DD-41CD-BF58-AF46BB13C1CD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{34A7734F-B00A-48D0-A83B-EAA1C2D616D7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F2D7538C-E394-4AFD-AFAE-C68DBDB93E7F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{97985C29-EEF1-45B4-87D4-56E4EA95F891}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{59002A38-6D55-4C7E-987A-00B84BDD163B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0E18A3D-6288-4728-995D-F6E8D08F074F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{87F560AE-BBF6-4483-81C7-B055D2D3188C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5A4BEE09-39DF-4CE7-B48B-5FB4948D9D32}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3FF015C5-2DED-4BBD-B4B9-7374E65B41FC}C:\games\outlast\binaries\win64\olgame.exe] => (Block) C:\games\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{32FDCE01-2945-4FA9-B829-A5F4C26FB8C3}C:\games\outlast\binaries\win64\olgame.exe] => (Block) C:\games\outlast\binaries\win64\olgame.exe
FirewallRules: [{CE44421A-C0B7-4C05-819E-168E1FA921A2}] => (Allow) C:\Program Files (x86)\OkayFreedom\polipo\node.exe
FirewallRules: [{38629923-47DD-456C-ACD6-3B4059308CF0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{78C09BC1-7EB7-4379-BC57-60C084592856}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{87000D62-B90C-4395-81D3-04E12D02D7D3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D52ECCFE-BBC8-4BFB-B57A-AC84EEF9DC44}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A134117-682E-4AE1-8C65-58B89EBB8EE9}] => (Allow) C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2417B52-3AB6-4329-8328-0CD63104072A}] => (Allow) C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{E271826C-9A52-4467-B62D-4D1D79A5368A}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{481C6D35-9953-4F9C-9506-A87ADC4B5AB1}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{72C40304-AF31-465E-933C-54525FC97C55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{45C32E97-086A-4574-BB0E-6D46CE69A070}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{79B5C488-2290-4CF2-82D8-6B94BE208A18}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F03A1B8D-EDC9-48F5-AD8C-DD6218928251}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{DCF0B1C2-907F-4DEE-AAC9-6686EAC3C08F}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sonny\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4317622A-0986-464D-BB4F-2E46E098C009}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sonny\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{766E52DB-5914-4B0F-B91D-40D105E9E512}C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{6316FDDD-ACF3-474D-83CD-A15538E7C2EF}C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{EDDDF621-6BA4-4BEF-BCD5-13B6FFA7C36F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{A209227D-75BF-42F7-AEC3-BE955146FB98}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{02D2D6B4-A3DB-4687-A2EB-3F2336786128}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{7E17D4BE-A4CD-42A6-8645-42367116BF20}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{9D844E94-3A64-4D59-A2A4-331E5137CB68}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{1F573D5F-C61E-4618-AE60-61D5D7D78D75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{429D1BD2-5F4C-418E-A896-DB06DEAC672C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{71AE5ACB-DD33-4093-966D-360624305C77}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9B0F9E29-F072-4C49-AB5D-C699A097B550}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E7B30437-E8BC-41D2-811D-971508B49E6D}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{5CCCC094-2886-4C11-801F-CC7199863D2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{2234A9B3-0BB8-4B4E-82A7-B49C03BB9AEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{A6448B94-7EB5-429E-9C8F-B0B4B20F2C2D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{FB01BFF8-B2A3-4F3B-A42E-73F5070AEED2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{F2901F1C-2C29-4600-B339-411DC52EE8B6}C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{8FC7271F-5F27-406D-8436-7CC1B41483A4}C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast-whistleblower\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{95E758E8-6327-46EF-9E46-A3F19F2D3C2B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3D7EAC98-4483-4264-A0EE-EAEEEC61801D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C49BD856-200E-4D97-A86A-4425203DB68E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{0E856CDC-5C8C-478B-912A-094BF92B6F92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{071EE0BB-BADD-4BCB-AA57-FCB562EE453A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{351D6BA4-B673-4259-BC3A-433660ABF473}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{FBED7AD9-EC6B-435A-A653-BD602EAFD200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{0AF7B1A1-E329-46CD-9C03-C68FF72E65D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{89AE01C2-20D6-4565-8D1D-690CF919C98E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{D9717ADF-767C-4A60-9E4C-B9FD2FA825CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{836F416F-B9AD-43E8-A566-F8B80EE8A404}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7FDF5A46-63A9-471F-BC2C-A0896EFCEB9F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{2BDEB9ED-78A1-4449-8FCD-70AE8B9DD477}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D33850E0-7BFA-45D6-8EF6-F64CA5642ECF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{F7540E8A-47DA-4A7D-A871-7CEF63D5B6C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1A8920D0-A332-4C01-BAF3-6B0A5FF2C532}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F478CE63-AC52-4F96-A4C3-2602321CABEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{7F7A721E-93D0-4AD7-9A7B-67BA481CA2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{949228D6-786F-4D4D-91FE-F79283F0D51A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{F18C6EED-E3C0-46E9-957E-EFB789BE1AD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{6144ABD9-6B89-4709-B5CD-793CAE422FC1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{0D0160A4-1961-48A9-ABB5-82210565AB77}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{835FA948-A930-46D0-B0AB-367172FF2365}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{A59DFE90-68C8-4946-B47F-06F36EDB9B80}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [TCP Query User{35FBEC9A-748D-440A-8051-D3663E187A19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{05656E42-03A7-49AE-B68D-F7DAF7AED2AC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{79C324DB-EBD1-48DD-84EF-B042A26176C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3C98C062-C2EA-4564-AE68-095B374C24CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{4B6A00F7-F11A-4AAA-B093-067C29088579}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{5326F735-9821-4131-AE75-AB7093EDD9F3}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{CF86F525-C1E4-45AC-8293-977D62615AEA}] => (Allow) C:\Program Files\SoftEther VPN Client Manager\vpncmd_x64.exe
FirewallRules: [{34312623-6D4E-4A28-8889-946612852C49}] => (Allow) C:\Program Files\SoftEther VPN Client Manager\vpncmgr_x64.exe
FirewallRules: [TCP Query User{355A2110-0667-4EDD-89E9-01CB6F6BCD9E}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sonny\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E47CAE95-5666-4988-94AD-833DD4F13B38}C:\users\sonny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sonny\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6E3D497D-9CDD-41C6-A58B-90EB25E564B1}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{BA778C88-EA4E-4BC1-80B0-BD7A3F22B0B8}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{90415CA9-53C3-421C-9762-8B9C4AF03B60}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{18C0A487-25D3-43B5-AA33-B33FC9C5BAA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{8954B28F-0BE0-4972-B7A1-AFE6F5C3EF82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{AAB65BA1-0C73-437D-BB08-AF445BB11094}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{5C6CFA00-2238-404F-891E-8CAE12FDFBFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{1A335CE4-A404-4EDE-8A78-1B214F0BCD9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F606F0F9-B84F-4323-BB4C-C1ED38AF3C5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{52592E1B-9B26-455C-942A-5C2B52556207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D53A82D6-086F-460D-BD79-D24F0620DCCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{85D611CD-514B-4DE7-942F-230AFAD6FBDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40BD89CC-ACE0-4CA1-AF80-FA080F104BA4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ED491681-DE8D-43FB-BD07-BA83ACCB3191}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{536B782A-EBDF-4570-A1DC-A7CC9062E01E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F083E633-DD01-464E-BEEB-43B6669CFAD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{46183588-864B-42D1-BB95-E902E127C2BF}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
FirewallRules: [{EB7FA9B0-B4D8-4C25-A63C-4D289CB5C42B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{714AB528-1953-41F7-ABB9-9CE888E93F70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{D133B9F6-96B9-416B-87E7-FB310078BCAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Swarm\swarm.exe
FirewallRules: [{5C42B90F-FD2E-4BBF-93F0-22ED7FF9896A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Swarm\swarm.exe
FirewallRules: [{4CAD1426-71A2-4253-8CC1-57798C2B30C3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1EADE86F-961B-4781-9FFA-CADD6C0D809C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DA4EF769-AB67-4192-B73C-879F12DBBD9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{55DF36C0-013D-4B2C-B6CF-313542EBAA96}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{26CC0DB9-98A2-4F44-BC43-973F5D506FFE}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/10/2015 01:59:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI_SAMDAR)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/10/2015 01:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.17905, Zeitstempel: 0x557f547f
Name des fehlerhaften Moduls: MSIB934.tmp, Version: 9.0.328.0, Zeitstempel: 0x561baab5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010404
ID des fehlerhaften Prozesses: 0x12b0
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5

Error: (11/10/2015 01:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1c5c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1de4
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0xc78
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0xac8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x184
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:49:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1e8c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (11/10/2015 01:49:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000871c
ID des fehlerhaften Prozesses: 0x10d8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5


Systemfehler:
=============
Error: (11/10/2015 06:46:07 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS_Install" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (11/10/2015 02:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "globalUpdate Update Service (globalUpdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/10/2015 01:59:46 PM) (Source: DCOM) (EventID: 10010) (User: MSI_SAMDAR)
Description: Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4

Error: (11/10/2015 11:56:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/10/2015 11:56:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (11/09/2015 07:22:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (11/09/2015 07:22:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (11/09/2015 11:31:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (11/09/2015 11:31:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (11/09/2015 11:23:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "globalUpdate Update Service (globalUpdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


CodeIntegrity:
===================================
  Date: 2015-11-10 14:14:56.293
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-10 14:14:56.043
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-20 20:30:34.395
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:30:32.205
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:30:32.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:30:26.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:25:18.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:21:40.514
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:20:07.425
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-20 20:20:07.310
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 8111.19 MB
Verfügbarer physikalischer RAM: 3627.11 MB
Summe virtueller Speicher: 9391.19 MB
Verfügbarer virtueller Speicher: 3992.76 MB

==================== Laufwerke ================================

Drive c: (OS_Install) (Fixed) (Total:586.05 GB) (Free:288.72 GB) NTFS
Drive d: (Data) (Fixed) (Total:325.59 GB) (Free:317.04 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 76D1827D)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 11.11.2015, 17:01   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Setup



  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.11.2015, 00:57   #6
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Hier der Logfile vom mbar.exe: Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.11.11.05
rootkit: v2015.11.04.02

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18098
Sonny :: MSI_SAMDAR [administrator]

11/11/2015 20:21:57
mbar-log-2015-11-11 (20-21-57).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 385870
Time elapsed: 33 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\END (Adware.Trace) -> Delete on reboot. [caf7eb915d2e171fd20040965aa9d12f]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Da der log vom TSSD zu lang ist teil ich ihn in 2 posts auf der eine ist die Weiterführung des nächsten logischerweise ^.^

00:46:28.0361 0x0230 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
00:46:28.0361 0x0230 UEFI system
00:46:32.0244 0x0230 ============================================================
00:46:32.0244 0x0230 Current date / time: 2015/11/12 00:46:32.0244
00:46:32.0244 0x0230 SystemInfo:
00:46:32.0244 0x0230
00:46:32.0244 0x0230 OS Version: 6.3.9600 ServicePack: 0.0
00:46:32.0244 0x0230 Product type: Workstation
00:46:32.0244 0x0230 ComputerName: MSI_SAMDAR
00:46:32.0245 0x0230 UserName: Sonny
00:46:32.0245 0x0230 Windows directory: C:\Windows
00:46:32.0245 0x0230 System windows directory: C:\Windows
00:46:32.0245 0x0230 Running under WOW64
00:46:32.0245 0x0230 Processor architecture: Intel x64
00:46:32.0245 0x0230 Number of processors: 8
00:46:32.0245 0x0230 Page size: 0x1000
00:46:32.0245 0x0230 Boot type: Normal boot
00:46:32.0245 0x0230 ============================================================
00:46:33.0940 0x0230 KLMD registered as C:\Windows\system32\drivers\56367276.sys
00:46:38.0837 0x0230 System UUID: {10732CB3-B413-A1BD-9BC5-9E369D844DC4}
00:46:39.0760 0x0230 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:46:39.0763 0x0230 ============================================================
00:46:39.0763 0x0230 \Device\Harddisk0\DR0:
00:46:39.0763 0x0230 GPT partitions:
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {561D05A1-5BB1-45C4-9946-31D55578F5E7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CC045C0D-9D4E-43FE-AFCD-50619B17F6AE}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {653368BC-2279-40E5-A851-686B15B0607A}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DA8B207D-F772-4BB9-9BA7-87D957D0348A}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x49418800
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2C56B739-4CBA-4A2A-9DE1-40F62ACF2DD2}, Name: Basic data partition, StartLBA 0x4961B000, BlocksNum 0x28B2F000
00:46:39.0763 0x0230 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4EB162E9-742C-4514-AFC5-756ECB853BA2}, Name: Basic data partition, StartLBA 0x7214A000, BlocksNum 0x25BC800
00:46:39.0763 0x0230 MBR partitions:
00:46:39.0764 0x0230 ============================================================
00:46:39.0772 0x0230 C: <-> \Device\Harddisk0\DR0\Partition4
00:46:39.0805 0x0230 D: <-> \Device\Harddisk0\DR0\Partition5
00:46:39.0805 0x0230 ============================================================
00:46:39.0805 0x0230 Initialize success
00:46:39.0805 0x0230 ============================================================
00:47:18.0183 0x18cc ============================================================
00:47:18.0183 0x18cc Scan started
00:47:18.0183 0x18cc Mode: Manual; SigCheck; TDLFS;
00:47:18.0183 0x18cc ============================================================
00:47:18.0183 0x18cc KSN ping started
00:47:20.0550 0x18cc KSN ping finished: true
00:47:22.0248 0x18cc ================ Scan system memory ========================
00:47:22.0248 0x18cc System memory - ok
00:47:22.0249 0x18cc ================ Scan services =============================
00:47:22.0371 0x18cc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
00:47:22.0454 0x18cc 1394ohci - ok
00:47:22.0474 0x18cc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
00:47:22.0559 0x18cc 3ware - ok
00:47:22.0598 0x18cc [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:47:22.0654 0x18cc ACPI - ok
00:47:22.0681 0x18cc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
00:47:22.0697 0x18cc acpiex - ok
00:47:22.0701 0x18cc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
00:47:22.0748 0x18cc acpipagr - ok
00:47:22.0767 0x18cc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
00:47:22.0851 0x18cc AcpiPmi - ok
00:47:22.0855 0x18cc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
00:47:22.0886 0x18cc acpitime - ok
00:47:23.0012 0x18cc [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:47:23.0327 0x18cc AdobeFlashPlayerUpdateSvc - ok
00:47:23.0365 0x18cc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
00:47:23.0396 0x18cc ADP80XX - ok
00:47:23.0434 0x18cc [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:47:23.0556 0x18cc AeLookupSvc - ok
00:47:23.0598 0x18cc [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\Windows\system32\drivers\afd.sys
00:47:23.0669 0x18cc AFD - ok
00:47:23.0699 0x18cc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:47:23.0730 0x18cc agp440 - ok
00:47:23.0762 0x18cc [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
00:47:23.0846 0x18cc ahcache - ok
00:47:23.0882 0x18cc [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
00:47:23.0945 0x18cc ALG - ok
00:47:23.0979 0x18cc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
00:47:24.0078 0x18cc AmdK8 - ok
00:47:24.0100 0x18cc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
00:47:24.0139 0x18cc AmdPPM - ok
00:47:24.0158 0x18cc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:47:24.0193 0x18cc amdsata - ok
00:47:24.0211 0x18cc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
00:47:24.0229 0x18cc amdsbs - ok
00:47:24.0235 0x18cc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:47:24.0249 0x18cc amdxata - ok
00:47:24.0281 0x18cc [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
00:47:24.0354 0x18cc AppID - ok
00:47:24.0382 0x18cc [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:47:24.0405 0x18cc AppIDSvc - ok
00:47:24.0438 0x18cc [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
00:47:24.0538 0x18cc Appinfo - ok
00:47:24.0565 0x18cc [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
00:47:24.0662 0x18cc AppReadiness - ok
00:47:24.0721 0x18cc [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
00:47:24.0859 0x18cc AppXSvc - ok
00:47:24.0889 0x18cc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:47:24.0906 0x18cc arcsas - ok
00:47:24.0910 0x18cc [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:47:25.0002 0x18cc AsyncMac - ok
00:47:25.0006 0x18cc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
00:47:25.0042 0x18cc atapi - ok
00:47:25.0069 0x18cc [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
00:47:25.0157 0x18cc AudioEndpointBuilder - ok
00:47:25.0191 0x18cc [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
00:47:25.0268 0x18cc Audiosrv - ok
00:47:25.0296 0x18cc [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:47:25.0416 0x18cc AxInstSV - ok
00:47:25.0457 0x18cc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
00:47:25.0493 0x18cc b06bdrv - ok
00:47:25.0513 0x18cc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
00:47:25.0589 0x18cc BasicDisplay - ok
00:47:25.0629 0x18cc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
00:47:25.0721 0x18cc BasicRender - ok
00:47:25.0750 0x18cc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
00:47:25.0792 0x18cc bcmfn2 - ok
00:47:25.0868 0x18cc [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\Windows\System32\bdesvc.dll
00:47:25.0953 0x18cc BDESVC - ok
00:47:25.0962 0x18cc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
00:47:26.0032 0x18cc Beep - ok
00:47:26.0082 0x18cc [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\Windows\System32\bfe.dll
00:47:26.0190 0x18cc BFE - ok
00:47:26.0225 0x18cc [ B1EAED166CC8942F49B3391D5C2007DD, F07648493F68D22594FEAE746BF3B2BA2262707FE21216E87500E407FEDCC2CC ] BfLwf C:\Windows\system32\DRIVERS\bwcW8x64.sys
00:47:26.0267 0x18cc BfLwf - ok
00:47:26.0399 0x18cc [ F0F1D0C0854978F9187EAA047E407EE6, C90B529F8A11F48C353450E932C85BEE3158E2E34A270A3676F4BE367DDBCAF1 ] BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys
00:47:26.0564 0x18cc BHDrvx64 - ok
00:47:26.0612 0x18cc [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
00:47:26.0680 0x18cc BITS - ok
00:47:26.0759 0x18cc [ A8E05BE650637FC1B9CA5A4AD5893D61, A13F902F64BC906473E6576745D9024D157E87F5FDE9B28B5DCAA248BDB3E7CA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
00:47:27.0123 0x18cc Bluetooth Device Monitor - ok
00:47:27.0163 0x18cc [ 889AED9D7E57139956C5B03D93386A10, A7988A977C9B6AEFB83B9D3BD60CF49D757A5436D782F840C073C4E5B89D370A ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
00:47:27.0477 0x18cc Bluetooth OBEX Service - ok
00:47:27.0500 0x18cc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:47:27.0576 0x18cc bowser - ok
00:47:27.0606 0x18cc [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
00:47:27.0704 0x18cc BrokerInfrastructure - ok
00:47:27.0731 0x18cc [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
00:47:27.0823 0x18cc Browser - ok
00:47:27.0852 0x18cc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
00:47:27.0922 0x18cc BthAvrcpTg - ok
00:47:27.0950 0x18cc [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
00:47:28.0058 0x18cc BthEnum - ok
00:47:28.0077 0x18cc [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
00:47:28.0148 0x18cc BthHFEnum - ok
00:47:28.0153 0x18cc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
00:47:28.0198 0x18cc bthhfhid - ok
00:47:28.0241 0x18cc [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
00:47:28.0313 0x18cc BthHFSrv - ok
00:47:28.0353 0x18cc [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\System32\drivers\BthLEEnum.sys
00:47:28.0420 0x18cc BthLEEnum - ok
00:47:28.0444 0x18cc [ 8E601CA574B33308F3C95C89B75F0EED, BE2B3EB9F2E62E9DD070E7CC0BCB9F7A594E3BA5A12E53FFA502BFA210800008 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
00:47:28.0473 0x18cc BTHMODEM - detected UnsignedFile.Multi.Generic ( 1 )
00:47:30.0889 0x18cc Detect skipped due to KSN trusted
00:47:30.0889 0x18cc BTHMODEM - ok
00:47:30.0932 0x18cc [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\Windows\System32\drivers\bthpan.sys
00:47:31.0008 0x18cc BthPan - ok
00:47:31.0060 0x18cc [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
00:47:31.0132 0x18cc BTHPORT - ok
00:47:31.0164 0x18cc [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
00:47:31.0241 0x18cc bthserv - ok
00:47:31.0336 0x18cc [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
00:47:31.0369 0x18cc BTHUSB - ok
00:47:31.0393 0x18cc [ E55812A296C23169DEDB8841A0684958, D170365CEFBEE39A0784ECDCDEA158A0CDCFEE12DF1FB638CEECD4798C1E759C ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
00:47:31.0428 0x18cc btmaux - ok
00:47:31.0474 0x18cc [ EAAE1737D2209701E203BA017F57E579, B0CA6FDE97DEBAF2FC6FDEA0BB1A0C4234A75133E64C7739B2392F85C1E69E22 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
00:47:31.0522 0x18cc btmhsf - ok
00:47:31.0546 0x18cc [ 6DD9550A2C5A94306275E0360903F7E2, 1F0C8AB0B76FE52EE461EBA6AE8B47A15AE9D3F7E119078F44292D00B9200B1C ] busenum C:\Windows\System32\drivers\SteelBus64.sys
00:47:31.0643 0x18cc busenum - ok
00:47:31.0683 0x18cc [ A5C16A0BE89EE409732178BEB62F7EA7, D4B993F63CFD9B487BD53B532AB9435084B4C752F2731E189FA1420D516A4E95 ] ccSet_NARA C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys
00:47:31.0741 0x18cc ccSet_NARA - ok
00:47:31.0811 0x18cc [ A5C16A0BE89EE409732178BEB62F7EA7, D4B993F63CFD9B487BD53B532AB9435084B4C752F2731E189FA1420D516A4E95 ] ccSet_NAT C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys
00:47:31.0829 0x18cc ccSet_NAT - ok
00:47:31.0884 0x18cc [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys
00:47:31.0928 0x18cc ccSet_NIS - ok
00:47:31.0947 0x18cc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:47:32.0013 0x18cc cdfs - ok
00:47:32.0044 0x18cc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
00:47:32.0073 0x18cc cdrom - ok
00:47:32.0142 0x18cc [ 4484FCD04FE8FDE734C34244B8D0DDE2, 20AF117DA803C1A92F02FD4F9E4A82EFE82F9E45005AF05B31B3482BA7B9BD8B ] CEDRIVER60 C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys
00:47:32.0200 0x18cc CEDRIVER60 - ok
00:47:32.0230 0x18cc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
00:47:32.0281 0x18cc CertPropSvc - ok
00:47:32.0298 0x18cc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
00:47:32.0325 0x18cc circlass - ok
00:47:32.0364 0x18cc [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
00:47:32.0386 0x18cc CLFS - ok
00:47:32.0424 0x18cc [ 0505BFD7D30036DCB39EAFC5ADF07437, 1FB8D9CCA42C1E0757FC744623A668BDA5EA8A1C74201A8BB1A3B056EB1D3DFC ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
00:47:32.0543 0x18cc CLKMSVC10_38F51D56 - ok
00:47:32.0564 0x18cc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
00:47:32.0634 0x18cc CmBatt - ok
00:47:32.0675 0x18cc [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\Windows\system32\Drivers\cng.sys
00:47:32.0705 0x18cc CNG - ok
00:47:32.0715 0x18cc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
00:47:32.0743 0x18cc CompositeBus - ok
00:47:32.0746 0x18cc COMSysApp - ok
00:47:32.0767 0x18cc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
00:47:32.0802 0x18cc condrv - ok
00:47:32.0893 0x18cc [ 61BE76F05BDC068B30FEE5B0F19212F0, 3EABFBF31E8498C8AFEA384E9A86C7063DC4E1255874A8E049D1CC99E51B2AD8 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:47:33.0055 0x18cc cphs - ok
00:47:33.0085 0x18cc [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:47:33.0174 0x18cc CryptSvc - ok
00:47:33.0205 0x18cc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
00:47:33.0230 0x18cc dam - ok
00:47:33.0280 0x18cc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:47:33.0344 0x18cc DcomLaunch - ok
00:47:33.0395 0x18cc [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
00:47:33.0466 0x18cc defragsvc - ok
00:47:33.0508 0x18cc [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
00:47:33.0554 0x18cc DeviceAssociationService - ok
00:47:33.0614 0x18cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
00:47:33.0701 0x18cc DeviceInstall - ok
00:47:33.0732 0x18cc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
00:47:33.0797 0x18cc Dfsc - ok
00:47:33.0848 0x18cc [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
00:47:33.0960 0x18cc Dhcp - ok
00:47:34.0030 0x18cc [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\Windows\system32\diagtrack.dll
00:47:34.0134 0x18cc DiagTrack - ok
00:47:34.0161 0x18cc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
00:47:34.0190 0x18cc disk - ok
00:47:34.0213 0x18cc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
00:47:34.0284 0x18cc dmvsc - ok
00:47:34.0324 0x18cc [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:47:34.0362 0x18cc Dnscache - ok
00:47:34.0393 0x18cc [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
00:47:34.0460 0x18cc dot3svc - ok
00:47:34.0503 0x18cc [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
00:47:34.0546 0x18cc DPS - ok
00:47:34.0568 0x18cc [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:47:34.0584 0x18cc drmkaud - ok
00:47:34.0627 0x18cc [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
00:47:34.0676 0x18cc DsmSvc - ok
00:47:34.0739 0x18cc [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:47:34.0797 0x18cc DXGKrnl - ok
00:47:34.0835 0x18cc [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
00:47:34.0909 0x18cc Eaphost - ok
00:47:35.0007 0x18cc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
00:47:35.0121 0x18cc ebdrv - ok
00:47:35.0196 0x18cc [ 03E1B8BA59327D186C7C533A6998FEF9, 224937A697B55BD9CCD790771DBE9D135021AD1DC3E6D6AC7C431C56F0FFBBB5 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:47:35.0244 0x18cc eeCtrl - ok
00:47:35.0277 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
00:47:35.0293 0x18cc EFS - ok
00:47:35.0326 0x18cc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
00:47:35.0342 0x18cc EhStorClass - ok
00:47:35.0356 0x18cc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
00:47:35.0372 0x18cc EhStorTcgDrv - ok
00:47:35.0397 0x18cc [ 142EA7DF1851C563571F2DCFC7AFBB40, 14DE008B68D127F246A64290DFCBD7ECDE8FF7932B3BAE660EB131860E826EAD ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:47:35.0426 0x18cc EraserUtilRebootDrv - ok
00:47:35.0447 0x18cc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
00:47:35.0480 0x18cc ErrDev - ok
00:47:35.0509 0x18cc [ 5DC4A580FB90E083CFF96BFB03EA17EB, A3E273C3A5B4190D9872F64F77455A4E7A3279CAE7E1A191F4F7FFFE9C0E6D9E ] ETD C:\Windows\system32\DRIVERS\ETD.sys
00:47:35.0561 0x18cc ETD - ok
00:47:35.0607 0x18cc [ 31F88205E21FCDCFB9DFB9DF70AB2598, 1A9523A594CF3591F8200FE15EE1DBC57157B362F185FABB95665764DE46071A ] ETDService C:\Program Files\Elantech\ETDService.exe
00:47:35.0675 0x18cc ETDService - ok
00:47:35.0735 0x18cc [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
00:47:35.0799 0x18cc EventSystem - ok
00:47:35.0836 0x18cc [ 55588867D59BADA2F62E58618CE32B03, F7FAF420103272151194A475D6C8EF4449AFCED787AA3DF7C461370D828E522F ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:47:35.0888 0x18cc EvtEng - ok
00:47:35.0913 0x18cc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
00:47:36.0000 0x18cc exfat - ok
00:47:36.0022 0x18cc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:47:36.0040 0x18cc fastfat - ok
00:47:36.0082 0x18cc [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
00:47:36.0199 0x18cc Fax - ok
00:47:36.0218 0x18cc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
00:47:36.0245 0x18cc fdc - ok
00:47:36.0279 0x18cc [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
00:47:36.0349 0x18cc fdPHost - ok
00:47:36.0377 0x18cc [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
00:47:36.0412 0x18cc FDResPub - ok
00:47:36.0448 0x18cc [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
00:47:36.0489 0x18cc fhsvc - ok
00:47:36.0520 0x18cc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:47:36.0546 0x18cc FileInfo - ok
00:47:36.0564 0x18cc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:47:36.0586 0x18cc Filetrace - ok
00:47:36.0610 0x18cc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
00:47:36.0632 0x18cc flpydisk - ok
00:47:36.0679 0x18cc [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:47:36.0713 0x18cc FltMgr - ok
00:47:36.0792 0x18cc [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\Windows\system32\FntCache.dll
00:47:36.0886 0x18cc FontCache - ok
00:47:36.0972 0x18cc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:47:37.0046 0x18cc FontCache3.0.0.0 - ok
00:47:37.0076 0x18cc [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:47:37.0106 0x18cc FsDepends - ok
00:47:37.0152 0x18cc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:47:37.0168 0x18cc Fs_Rec - ok
00:47:37.0226 0x18cc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:47:37.0254 0x18cc fvevol - ok
00:47:37.0272 0x18cc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
00:47:37.0308 0x18cc FxPPM - ok
00:47:37.0321 0x18cc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:47:37.0339 0x18cc gagp30kx - ok
00:47:37.0361 0x18cc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
00:47:37.0380 0x18cc gencounter - ok
00:47:37.0467 0x18cc [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
00:47:37.0525 0x18cc GfExperienceService - ok
00:47:37.0553 0x18cc globalUpdate - ok
00:47:37.0554 0x18cc globalUpdatem - ok
00:47:37.0573 0x18cc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
00:47:37.0590 0x18cc GPIOClx0101 - ok
00:47:37.0648 0x18cc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
00:47:37.0709 0x18cc gpsvc - ok
00:47:37.0776 0x18cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:47:37.0846 0x18cc gupdate - ok
00:47:37.0850 0x18cc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:47:37.0876 0x18cc gupdatem - ok
00:47:37.0909 0x18cc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:47:37.0942 0x18cc HdAudAddService - ok
00:47:37.0966 0x18cc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
00:47:38.0051 0x18cc HDAudBus - ok
00:47:38.0064 0x18cc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
00:47:38.0078 0x18cc HidBatt - ok
00:47:38.0125 0x18cc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
00:47:38.0156 0x18cc HidBth - ok
00:47:38.0160 0x18cc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
00:47:38.0199 0x18cc hidi2c - ok
00:47:38.0221 0x18cc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
00:47:38.0247 0x18cc HidIr - ok
00:47:38.0284 0x18cc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
00:47:38.0344 0x18cc hidserv - ok
00:47:38.0380 0x18cc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
00:47:38.0462 0x18cc HidUsb - ok
00:47:38.0500 0x18cc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
00:47:38.0544 0x18cc hkmsvc - ok
00:47:38.0614 0x18cc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:47:38.0728 0x18cc HomeGroupListener - ok
00:47:38.0766 0x18cc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:47:38.0800 0x18cc HomeGroupProvider - ok
00:47:38.0828 0x18cc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:47:38.0843 0x18cc HpSAMD - ok
00:47:38.0847 0x18cc HSPADataCardusbmdm - ok
00:47:38.0849 0x18cc HSPADataCardusbnmea - ok
00:47:38.0852 0x18cc HSPADataCardusbser - ok
00:47:38.0901 0x18cc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:47:38.0958 0x18cc HTTP - ok
00:47:38.0978 0x18cc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:47:38.0994 0x18cc hwpolicy - ok
00:47:39.0020 0x18cc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
00:47:39.0045 0x18cc hyperkbd - ok
00:47:39.0049 0x18cc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
00:47:39.0078 0x18cc HyperVideo - ok
00:47:39.0117 0x18cc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
00:47:39.0191 0x18cc i8042prt - ok
00:47:39.0196 0x18cc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
00:47:39.0212 0x18cc iaLPSSi_GPIO - ok
00:47:39.0241 0x18cc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
00:47:39.0258 0x18cc iaLPSSi_I2C - ok
00:47:39.0282 0x18cc [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
00:47:39.0325 0x18cc iaStorA - ok
00:47:39.0357 0x18cc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
00:47:39.0389 0x18cc iaStorAV - ok
00:47:39.0434 0x18cc [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
00:47:39.0480 0x18cc IAStorDataMgrSvc - ok
00:47:39.0517 0x18cc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:47:39.0549 0x18cc iaStorV - ok
00:47:39.0580 0x18cc [ E681C3C3D2EFD03F86EAF3CAAEFF6A05, 8416CAB4CC428A8841B2865472F5FFC6AF39588D6B96113090569639752225AB ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
00:47:39.0602 0x18cc ibtusb - ok
00:47:39.0693 0x18cc [ 77AC93E28B5F4DCE317EFA695E3F59E3, 57D510CEE1B777CFB52CECBAB43B0698A53B048B7E0C622473DEA9E03E2D9BEF ] IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys
00:47:39.0791 0x18cc IDSVia64 - ok
00:47:39.0795 0x18cc IEEtwCollectorService - ok
00:47:39.0901 0x18cc [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
00:47:40.0041 0x18cc igfx - ok
00:47:40.0076 0x18cc [ 9CD9723D813232FFFFFBC82BC8EDA77E, EE465ADE4BB4594305AC4D9B0856AE9C0FCA981F80EAD400354F50F555446B4D ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
00:47:40.0117 0x18cc igfxCUIService1.0.0.0 - ok
00:47:40.0173 0x18cc [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\Windows\System32\ikeext.dll
00:47:40.0227 0x18cc IKEEXT - ok
00:47:40.0258 0x18cc [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
00:47:40.0292 0x18cc intaud_WaveExtensible - ok
00:47:40.0406 0x18cc [ 689F04285EF20E98B4F338AF7523A4C2, C2D1EB41382A346607BD91CDBFAEACBC4087EC8482312CBE2E6FBCB87E1B8320 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:47:40.0552 0x18cc IntcAzAudAddService - ok
00:47:40.0585 0x18cc [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
00:47:40.0615 0x18cc IntcDAud - ok
00:47:40.0665 0x18cc [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
00:47:41.0411 0x18cc Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
00:47:43.0779 0x18cc Detect skipped due to KSN trusted
00:47:43.0779 0x18cc Intel(R) Capability Licensing Service Interface - ok
00:47:43.0814 0x18cc [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
00:47:45.0101 0x18cc Intel(R) Capability Licensing Service TCP IP Interface - ok
00:47:45.0139 0x18cc [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
00:47:45.0186 0x18cc Intel(R) ME Service - ok
00:47:45.0218 0x18cc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
00:47:45.0233 0x18cc intelide - ok
00:47:45.0254 0x18cc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
00:47:45.0269 0x18cc intelpep - ok
00:47:45.0296 0x18cc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
00:47:45.0320 0x18cc intelppm - ok
00:47:45.0351 0x18cc [ 44A9B60ECA9F6D760E0292E56127BCED, 1795EBC766D1F29D4F279967D7B08ADC2C673ABD7DD1BC157D2A05BCA6B65986 ] ipadtst C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys
00:47:45.0376 0x18cc ipadtst - ok
00:47:45.0380 0x18cc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:47:45.0417 0x18cc IpFilterDriver - ok
00:47:45.0469 0x18cc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:47:45.0532 0x18cc iphlpsvc - ok
00:47:45.0562 0x18cc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
00:47:45.0634 0x18cc IPMIDRV - ok
00:47:45.0675 0x18cc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:47:45.0747 0x18cc IPNAT - ok
00:47:45.0776 0x18cc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:47:45.0798 0x18cc IRENUM - ok
00:47:45.0803 0x18cc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:47:45.0817 0x18cc isapnp - ok
00:47:45.0852 0x18cc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
00:47:45.0873 0x18cc iScsiPrt - ok
00:47:45.0906 0x18cc iumsvc - ok
00:47:45.0920 0x18cc [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
00:47:45.0934 0x18cc iwdbus - ok
00:47:45.0967 0x18cc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
00:47:46.0004 0x18cc jhi_service - ok
00:47:46.0030 0x18cc [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
00:47:46.0045 0x18cc kbdclass - ok
00:47:46.0076 0x18cc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
00:47:46.0108 0x18cc kbdhid - ok
00:47:46.0138 0x18cc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
00:47:46.0233 0x18cc kdnic - ok
00:47:46.0255 0x18cc [ EB62EE6D52F0D6B76256DBE71C07E26F, D92F2D9B1779DC52918CB5D9F212F62F62E40F7EBB81A865F090B071BE69DE77 ] Ke2200 C:\Windows\system32\DRIVERS\e22w8x64.sys
00:47:46.0287 0x18cc Ke2200 - ok
00:47:46.0312 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
00:47:46.0331 0x18cc KeyIso - ok
00:47:46.0367 0x18cc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:47:46.0383 0x18cc KSecDD - ok
00:47:46.0406 0x18cc [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:47:46.0424 0x18cc KSecPkg - ok
00:47:46.0441 0x18cc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:47:46.0466 0x18cc ksthunk - ok
00:47:46.0517 0x18cc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
00:47:46.0553 0x18cc KtmRm - ok
00:47:46.0600 0x18cc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
00:47:46.0669 0x18cc LanmanServer - ok
00:47:46.0708 0x18cc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:47:46.0770 0x18cc LanmanWorkstation - ok
00:47:46.0806 0x18cc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
00:47:46.0881 0x18cc lfsvc - ok
00:47:46.0907 0x18cc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:47:46.0936 0x18cc lltdio - ok
00:47:46.0970 0x18cc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:47:47.0003 0x18cc lltdsvc - ok
00:47:47.0015 0x18cc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:47:47.0085 0x18cc lmhosts - ok
00:47:47.0178 0x18cc [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:47:47.0238 0x18cc LMS - ok
00:47:47.0262 0x18cc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:47:47.0278 0x18cc LSI_SAS - ok
00:47:47.0282 0x18cc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
00:47:47.0297 0x18cc LSI_SAS2 - ok
00:47:47.0303 0x18cc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
00:47:47.0317 0x18cc LSI_SAS3 - ok
00:47:47.0322 0x18cc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
00:47:47.0338 0x18cc LSI_SSS - ok
00:47:47.0385 0x18cc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
00:47:47.0470 0x18cc LSM - ok
00:47:47.0501 0x18cc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
00:47:47.0583 0x18cc luafv - ok
00:47:47.0586 0x18cc massfilter - ok
00:47:47.0615 0x18cc [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
00:47:47.0643 0x18cc MBAMProtector - ok
00:47:47.0736 0x18cc [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
00:47:47.0955 0x18cc MBAMScheduler - ok
00:47:48.0086 0x18cc [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
00:47:48.0224 0x18cc MBAMService - ok
00:47:48.0276 0x18cc [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
00:47:48.0299 0x18cc MBAMWebAccessControl - ok
00:47:48.0319 0x18cc [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
00:47:48.0361 0x18cc MBfilt - ok
00:47:48.0461 0x18cc [ D8DBCF7C20F3D39AA0037C64118A5FC4, B29CD8F9C3AFED9C55716A331496FC98F563BBB895BF7D36A5C54DCEA37A7366 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
00:47:48.0556 0x18cc McComponentHostService - ok
00:47:48.0600 0x18cc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
00:47:48.0624 0x18cc megasas - ok
00:47:48.0710 0x18cc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
00:47:48.0755 0x18cc megasr - ok
00:47:48.0785 0x18cc [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
00:47:48.0816 0x18cc MEIx64 - ok
00:47:48.0886 0x18cc [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM C:\Program Files (x86)\SCM\MSIService.exe
00:47:49.0121 0x18cc Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 )
00:47:51.0517 0x18cc Detect skipped due to KSN trusted
00:47:51.0517 0x18cc Micro Star SCM - ok
00:47:51.0560 0x18cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
00:47:51.0655 0x18cc MMCSS - ok
00:47:51.0701 0x18cc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
00:47:51.0741 0x18cc Modem - ok
00:47:51.0760 0x18cc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
00:47:51.0908 0x18cc monitor - ok
00:47:51.0968 0x18cc [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\System32\drivers\MijXfilt.sys
00:47:52.0055 0x18cc MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
00:47:54.0488 0x18cc Detect skipped due to KSN trusted
00:47:54.0488 0x18cc MotioninJoyXFilter - ok
00:47:54.0559 0x18cc [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
00:47:54.0581 0x18cc mouclass - ok
00:47:54.0594 0x18cc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
00:47:54.0644 0x18cc mouhid - ok
00:47:54.0682 0x18cc [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:47:54.0698 0x18cc mountmgr - ok
00:47:54.0748 0x18cc [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:47:54.0813 0x18cc MozillaMaintenance - ok
00:47:54.0842 0x18cc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ]

Alt 12.11.2015, 00:57   #7
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:47:54.0915 0x18cc mpsdrv - ok
00:47:54.0974 0x18cc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
00:47:55.0037 0x18cc MpsSvc - ok
00:47:55.0068 0x18cc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:47:55.0141 0x18cc MRxDAV - ok
00:47:55.0176 0x18cc [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:47:55.0255 0x18cc mrxsmb - ok
00:47:55.0295 0x18cc [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:47:55.0380 0x18cc mrxsmb10 - ok
00:47:55.0409 0x18cc [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:47:55.0461 0x18cc mrxsmb20 - ok
00:47:55.0495 0x18cc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
00:47:55.0528 0x18cc MsBridge - ok
00:47:55.0560 0x18cc [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
00:47:55.0583 0x18cc MSDTC - ok
00:47:55.0601 0x18cc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:47:55.0642 0x18cc Msfs - ok
00:47:55.0657 0x18cc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
00:47:55.0673 0x18cc msgpiowin32 - ok
00:47:55.0695 0x18cc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:47:55.0724 0x18cc mshidkmdf - ok
00:47:55.0736 0x18cc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
00:47:55.0764 0x18cc mshidumdf - ok
00:47:55.0787 0x18cc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:47:55.0801 0x18cc msisadrv - ok
00:47:55.0838 0x18cc [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:47:55.0870 0x18cc MSiSCSI - ok
00:47:55.0873 0x18cc msiserver - ok
00:47:55.0895 0x18cc [ B0762157B3CFF4D4782646F009EE8465, 57D48AE041E0528E5CA0F0A300CA32FF114A01750C9E3D49EFAC3EFD3E5E9AF8 ] MSI_SuperCharger C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
00:47:55.0937 0x18cc MSI_SuperCharger - ok
00:47:55.0966 0x18cc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:47:55.0989 0x18cc MSKSSRV - ok
00:47:56.0031 0x18cc [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
00:47:56.0082 0x18cc MsLldp - ok
00:47:56.0117 0x18cc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:47:56.0141 0x18cc MSPCLOCK - ok
00:47:56.0166 0x18cc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:47:56.0193 0x18cc MSPQM - ok
00:47:56.0217 0x18cc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:47:56.0245 0x18cc MsRPC - ok
00:47:56.0257 0x18cc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
00:47:56.0272 0x18cc mssmbios - ok
00:47:56.0299 0x18cc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:47:56.0325 0x18cc MSTEE - ok
00:47:56.0328 0x18cc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
00:47:56.0359 0x18cc MTConfig - ok
00:47:56.0372 0x18cc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
00:47:56.0387 0x18cc Mup - ok
00:47:56.0410 0x18cc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
00:47:56.0437 0x18cc mvumis - ok
00:47:56.0467 0x18cc [ FCDCFEDAF3C1D61DE11FA0DE9453699C, 4E79F1040E62B0DEE00F3035DBFE5241A459FE4C1A46337FF13A25FF8C5A64A5 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:47:56.0525 0x18cc MyWiFiDHCPDNS - ok
00:47:56.0569 0x18cc [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
00:47:56.0608 0x18cc napagent - ok
00:47:56.0672 0x18cc [ 8FA07AF404BC705FDEC03493644970B2, BF3B681AB11D830524607B3C5790B83A886B7CBDE397C3C7C9C96F79E2EC244D ] NAT C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
00:47:56.0733 0x18cc NAT - ok
00:47:56.0769 0x18cc [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:47:56.0852 0x18cc NativeWifiP - ok
00:47:56.0923 0x18cc [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS
00:47:56.0946 0x18cc NAVENG - ok
00:47:57.0004 0x18cc [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS
00:47:57.0094 0x18cc NAVEX15 - ok
00:47:57.0126 0x18cc [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
00:47:57.0181 0x18cc NcaSvc - ok
00:47:57.0210 0x18cc [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
00:47:57.0305 0x18cc NcbService - ok
00:47:57.0334 0x18cc [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
00:47:57.0395 0x18cc NcdAutoSetup - ok
00:47:57.0444 0x18cc [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:47:57.0513 0x18cc NDIS - ok
00:47:57.0543 0x18cc [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:47:57.0573 0x18cc NdisCap - ok
00:47:57.0607 0x18cc [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
00:47:57.0642 0x18cc NdisImPlatform - ok
00:47:57.0661 0x18cc [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:47:57.0717 0x18cc NdisTapi - ok
00:47:57.0750 0x18cc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:47:57.0813 0x18cc Ndisuio - ok
00:47:57.0829 0x18cc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
00:47:57.0863 0x18cc NdisVirtualBus - ok
00:47:57.0890 0x18cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:47:57.0920 0x18cc NdisWan - ok
00:47:57.0925 0x18cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
00:47:57.0950 0x18cc NdisWanLegacy - ok
00:47:57.0978 0x18cc [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:47:58.0000 0x18cc NDProxy - ok
00:47:58.0026 0x18cc [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
00:47:58.0088 0x18cc Ndu - ok
00:47:58.0112 0x18cc [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:47:58.0142 0x18cc NetBIOS - ok
00:47:58.0166 0x18cc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:47:58.0242 0x18cc NetBT - ok
00:47:58.0262 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
00:47:58.0278 0x18cc Netlogon - ok
00:47:58.0319 0x18cc [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
00:47:58.0358 0x18cc Netman - ok
00:47:58.0402 0x18cc [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
00:47:58.0446 0x18cc netprofm - ok
00:47:58.0506 0x18cc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:47:58.0584 0x18cc NetTcpPortSharing - ok
00:47:58.0613 0x18cc [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
00:47:58.0677 0x18cc netvsc - ok
00:47:58.0787 0x18cc [ B6EDB4D2BA55CA06FF679FA4B885B1F4, 3A5E509B52216DEFBEDE2CA35C77A2AB8114E41D702765F6712DD8D24B394826 ] NETwNb64 C:\Windows\system32\DRIVERS\NETwbw02.sys
00:47:58.0919 0x18cc NETwNb64 - ok
00:47:59.0046 0x18cc [ 2393ACEBBCFF7BAFF04EB60C96914E17, DE97BEE4B8454D86B1CF8E2748CFFB3A1560CE962E1F3611E5B3542C1496A038 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
00:47:59.0099 0x18cc NIS - ok
00:47:59.0137 0x18cc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
00:47:59.0181 0x18cc NlaSvc - ok
00:47:59.0354 0x18cc [ 4CA6E1F6A83D74A86850726475DC4462, 9BF8D917141A5736E72A9F51F827D24393509896E866F43FFB079F5BF8EF3F81 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
00:47:59.0747 0x18cc NOBU - ok
00:47:59.0785 0x18cc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:47:59.0801 0x18cc Npfs - ok
00:47:59.0825 0x18cc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
00:47:59.0877 0x18cc npsvctrig - ok
00:47:59.0924 0x18cc [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
00:47:59.0997 0x18cc nsi - ok
00:48:00.0030 0x18cc [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:48:00.0061 0x18cc nsiproxy - ok
00:48:00.0173 0x18cc [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:48:00.0241 0x18cc Ntfs - ok
00:48:00.0296 0x18cc [ 23CF3DA010497EB2BF39A5C5A57E437C, 39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys
00:48:00.0319 0x18cc NTIOLib_1_0_3 - ok
00:48:00.0328 0x18cc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
00:48:00.0351 0x18cc Null - ok
00:48:00.0623 0x18cc [ DF2213CF2DD81B790B85541D138D93C7, F00AC7991770C22C89C891009CFDCA3A445279235389F67B6412DBE468D70F5F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:48:00.0973 0x18cc nvlddmkm - ok
00:48:01.0083 0x18cc [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
00:48:01.0646 0x18cc NvNetworkService - ok
00:48:01.0673 0x18cc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:48:01.0691 0x18cc nvraid - ok
00:48:01.0696 0x18cc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:48:01.0716 0x18cc nvstor - ok
00:48:01.0770 0x18cc [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
00:48:01.0798 0x18cc NvStreamKms - ok
00:48:01.0958 0x18cc [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
00:48:02.0681 0x18cc NvStreamSvc - ok
00:48:02.0736 0x18cc [ F029A2C032B4A50DEBB21312CFF76189, F47F0FC39AF6DFC8A9A3F0A486357BE76B8BD0753135B567FDB6E213D11893FD ] nvsvc C:\Windows\system32\nvvsvc.exe
00:48:02.0814 0x18cc nvsvc - ok
00:48:02.0844 0x18cc [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
00:48:02.0871 0x18cc nvvad_WaveExtensible - ok
00:48:02.0902 0x18cc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:48:02.0936 0x18cc nv_agp - ok
00:48:02.0983 0x18cc [ 9130774B6AF49DA8AC51CC69BFA4A6E8, 886A72BBBE93DADB1437D01CEDA884EE4176C085574DCFDF6291A3E20CB5CDB7 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
00:48:03.0086 0x18cc OkayFreedom VPN Starter Service - ok
00:48:03.0135 0x18cc [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:48:03.0178 0x18cc ose64 - ok
00:48:03.0212 0x18cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:48:03.0294 0x18cc p2pimsvc - ok
00:48:03.0333 0x18cc [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
00:48:03.0401 0x18cc p2psvc - ok
00:48:03.0419 0x18cc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
00:48:03.0441 0x18cc Parport - ok
00:48:03.0473 0x18cc [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:48:03.0489 0x18cc partmgr - ok
00:48:03.0529 0x18cc [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:48:03.0575 0x18cc PcaSvc - ok
00:48:03.0620 0x18cc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
00:48:03.0672 0x18cc pci - ok
00:48:03.0703 0x18cc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
00:48:03.0717 0x18cc pciide - ok
00:48:03.0746 0x18cc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:48:03.0775 0x18cc pcmcia - ok
00:48:03.0790 0x18cc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
00:48:03.0805 0x18cc pcw - ok
00:48:03.0829 0x18cc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
00:48:03.0846 0x18cc pdc - ok
00:48:03.0890 0x18cc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:48:03.0959 0x18cc PEAUTH - ok
00:48:04.0048 0x18cc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:48:04.0114 0x18cc PerfHost - ok
00:48:04.0183 0x18cc [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
00:48:04.0253 0x18cc pla - ok
00:48:04.0283 0x18cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:48:04.0301 0x18cc PlugPlay - ok
00:48:04.0349 0x18cc [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:48:04.0365 0x18cc PNRPAutoReg - ok
00:48:04.0395 0x18cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:48:04.0418 0x18cc PNRPsvc - ok
00:48:04.0452 0x18cc [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:48:04.0482 0x18cc PolicyAgent - ok
00:48:04.0517 0x18cc [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
00:48:04.0592 0x18cc Power - ok
00:48:04.0615 0x18cc [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:48:04.0661 0x18cc PptpMiniport - ok
00:48:04.0778 0x18cc [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
00:48:04.0970 0x18cc PrintNotify - ok
00:48:05.0011 0x18cc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
00:48:05.0043 0x18cc Processor - ok
00:48:05.0083 0x18cc [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll
00:48:05.0164 0x18cc ProfSvc - ok
00:48:05.0199 0x18cc [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:48:05.0218 0x18cc Psched - ok
00:48:05.0280 0x18cc [ AC64125A02ACC62B064EAD6EE4920D54, 04623CD0C6DF28892C499B54964B88765BD6A1F48CFC453DA1011A169D4B82D1 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
00:48:05.0322 0x18cc Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
00:48:07.0782 0x18cc Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
00:48:07.0783 0x18cc Force sending object to P2P due to detect: Qualcomm Atheros Killer Service V2
00:48:10.0269 0x18cc Object send P2P result: true
00:48:10.0867 0x1ad8 Object required for P2P: [ DF2213CF2DD81B790B85541D138D93C7 ] nvlddmkm
00:48:12.0848 0x18cc [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
00:48:12.0890 0x18cc QWAVE - ok
00:48:12.0927 0x18cc [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:48:12.0952 0x18cc QWAVEdrv - ok
00:48:12.0968 0x18cc [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:48:13.0004 0x18cc RasAcd - ok
00:48:13.0039 0x18cc [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:48:13.0066 0x18cc RasAgileVpn - ok
00:48:13.0104 0x18cc [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
00:48:13.0135 0x18cc RasAuto - ok
00:48:13.0165 0x18cc [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:48:13.0209 0x18cc Rasl2tp - ok
00:48:13.0252 0x18cc [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
00:48:13.0288 0x18cc RasMan - ok
00:48:13.0293 0x18cc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:48:13.0319 0x18cc RasPppoe - ok
00:48:13.0358 0x18cc [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:48:13.0363 0x1ad8 Object send P2P result: true
00:48:13.0385 0x18cc RasSstp - ok
00:48:13.0427 0x18cc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:48:13.0539 0x18cc rdbss - ok
00:48:13.0553 0x18cc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
00:48:13.0600 0x18cc rdpbus - ok
00:48:13.0634 0x18cc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:48:13.0698 0x18cc RDPDR - ok
00:48:13.0729 0x18cc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:48:13.0747 0x18cc RdpVideoMiniport - ok
00:48:13.0785 0x18cc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:48:13.0826 0x18cc rdyboost - ok
00:48:13.0903 0x18cc [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
00:48:13.0938 0x18cc ReFS - ok
00:48:13.0971 0x18cc [ 5B1F724CBCA8E08DC9D4C158C9BC1C1C, D5B170CF4B5420213130E151AFBBD9B84C5F7E710F5F67066E07095DEC1BD4B9 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:48:14.0000 0x18cc RegSrvc - ok
00:48:14.0033 0x18cc [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:48:14.0073 0x18cc RemoteAccess - ok
00:48:14.0120 0x18cc [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:48:14.0187 0x18cc RemoteRegistry - ok
00:48:14.0226 0x18cc [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
00:48:14.0273 0x18cc RFCOMM - ok
00:48:14.0302 0x18cc [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:48:14.0334 0x18cc RpcEptMapper - ok
00:48:14.0366 0x18cc [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
00:48:14.0395 0x18cc RpcLocator - ok
00:48:14.0451 0x18cc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
00:48:14.0482 0x18cc RpcSs - ok
00:48:14.0502 0x18cc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:48:14.0540 0x18cc rspndr - ok
00:48:14.0575 0x18cc [ D82269634BA995825E5D9166B35F8184, D81B6BE3BA0C1CCB1B89974BE24E02536DF63091871D55F5EF34C689EBEB7D7E ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys
00:48:14.0598 0x18cc RTSPER - ok
00:48:14.0617 0x18cc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
00:48:14.0643 0x18cc s3cap - ok
00:48:14.0679 0x18cc [ 6A75424A0D365CF924DF4887BE18A908, C04B1CBE3AA2799984BA9460BF0891457E5811B58230847F151B4265662F4E94 ] SAlphamBth C:\Windows\System32\drivers\SAlphabt64.sys
00:48:14.0709 0x18cc SAlphamBth - ok
00:48:14.0720 0x18cc [ BA61AC30012136452897855B9C623278, FD6338716DF5057C2DAD941932679DD0CB5EF7BA864BE3370B2D2CB5BC53D734 ] SAlphamHid C:\Windows\System32\drivers\SAlpham64.sys
00:48:14.0761 0x18cc SAlphamHid - ok
00:48:14.0777 0x18cc [ 666B8FAA62B38B31BFDCE056ADB07EF3, 3E06EC40922FE3D0F8D74AADD50BB4311BE53CA9B33C92B7DA1D3EF2FB2C80F9 ] SAlphaPS2 C:\Windows\System32\drivers\SAlphaPS264.sys
00:48:14.0818 0x18cc SAlphaPS2 - ok
00:48:14.0848 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
00:48:14.0863 0x18cc SamSs - ok
00:48:14.0893 0x18cc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:48:14.0912 0x18cc sbp2port - ok
00:48:14.0946 0x18cc [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:48:14.0979 0x18cc SCardSvr - ok
00:48:15.0006 0x18cc [ A5C91E4A9B97665E5A10317C1625AFF9, 2B0B5F658AE259DF971112EA1A0266748E6092D08A49F48CE2872CB049B572D8 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
00:48:15.0064 0x18cc SCDEmu - ok
00:48:15.0096 0x18cc [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
00:48:15.0116 0x18cc ScDeviceEnum - ok
00:48:15.0147 0x18cc [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:48:15.0175 0x18cc scfilter - ok
00:48:15.0232 0x18cc [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll
00:48:15.0332 0x18cc Schedule - ok
00:48:15.0358 0x18cc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:48:15.0379 0x18cc SCPolicySvc - ok
00:48:15.0420 0x18cc [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
00:48:15.0466 0x18cc sdbus - ok
00:48:15.0490 0x18cc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
00:48:15.0516 0x18cc sdstor - ok
00:48:15.0538 0x18cc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:48:15.0586 0x18cc secdrv - ok
00:48:15.0618 0x18cc [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
00:48:15.0645 0x18cc seclogon - ok
00:48:15.0686 0x18cc [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
00:48:15.0704 0x18cc SENS - ok
00:48:15.0750 0x18cc [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:48:15.0816 0x18cc SensrSvc - ok
00:48:15.0845 0x18cc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
00:48:15.0860 0x18cc SerCx - ok
00:48:15.0865 0x18cc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
00:48:15.0884 0x18cc SerCx2 - ok
00:48:15.0888 0x18cc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
00:48:15.0920 0x18cc Serenum - ok
00:48:15.0947 0x18cc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
00:48:16.0000 0x18cc Serial - ok
00:48:16.0025 0x18cc [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
00:48:16.0057 0x18cc sermouse - ok
00:48:16.0094 0x18cc [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
00:48:16.0166 0x18cc SessionEnv - ok
00:48:16.0170 0x18cc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
00:48:16.0199 0x18cc sfloppy - ok
00:48:16.0257 0x18cc [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:48:16.0297 0x18cc SharedAccess - ok
00:48:16.0334 0x18cc [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:48:16.0420 0x18cc ShellHWDetection - ok
00:48:16.0438 0x18cc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
00:48:16.0452 0x18cc SiSRaid2 - ok
00:48:16.0484 0x18cc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:48:16.0502 0x18cc SiSRaid4 - ok
00:48:16.0555 0x18cc [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:48:16.0621 0x18cc SkypeUpdate - ok
00:48:16.0642 0x18cc [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
00:48:16.0658 0x18cc smphost - ok
00:48:16.0688 0x18cc [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:48:16.0712 0x18cc SNMPTRAP - ok
00:48:16.0761 0x18cc [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
00:48:16.0788 0x18cc spaceport - ok
00:48:16.0800 0x18cc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
00:48:16.0815 0x18cc SpbCx - ok
00:48:16.0863 0x18cc [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe
00:48:16.0931 0x18cc Spooler - ok
00:48:17.0075 0x18cc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
00:48:17.0256 0x18cc sppsvc - ok
00:48:17.0321 0x18cc [ E163E10191958FF6A2B0B48353F9E9FD, C4F5B83B5C435458AEEC4BD5C6A0FE15F4C3CD5C23CA7F5949A62214634DBB36 ] SRTSP C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS
00:48:17.0372 0x18cc SRTSP - ok
00:48:17.0382 0x18cc [ 68E7B6708B9EEE021301C483825D05EA, 87E262405473A063E3E6E9D1D61D8381C997C95F77317CDBB3C59369436E70C5 ] SRTSPX C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS
00:48:17.0408 0x18cc SRTSPX - ok
00:48:17.0443 0x18cc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:48:17.0530 0x18cc srv - ok
00:48:17.0573 0x18cc [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:48:17.0626 0x18cc srv2 - ok
00:48:17.0845 0x18cc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:48:18.0193 0x18cc srvnet - ok
00:48:18.0357 0x18cc [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:48:18.0723 0x18cc SSDPSRV - ok
00:48:18.0756 0x18cc [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:48:18.0802 0x18cc SstpSvc - ok
00:48:18.0905 0x18cc [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:48:19.0174 0x18cc Steam Client Service - ok
00:48:19.0205 0x18cc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
00:48:19.0220 0x18cc stexstor - ok
00:48:19.0272 0x18cc [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
00:48:19.0343 0x18cc stisvc - ok
00:48:19.0348 0x18cc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
00:48:19.0366 0x18cc storahci - ok
00:48:19.0404 0x18cc [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
00:48:19.0436 0x18cc storflt - ok
00:48:19.0442 0x18cc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
00:48:19.0456 0x18cc stornvme - ok
00:48:19.0488 0x18cc [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
00:48:19.0544 0x18cc StorSvc - ok
00:48:19.0549 0x18cc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
00:48:19.0565 0x18cc storvsc - ok
00:48:19.0617 0x18cc [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
00:48:19.0665 0x18cc svsvc - ok
00:48:19.0691 0x18cc [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
00:48:19.0706 0x18cc swenum - ok
00:48:19.0750 0x18cc [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
00:48:19.0790 0x18cc swprv - ok
00:48:19.0794 0x18cc swsedrvr_vw_1_10_0_25 - ok
00:48:19.0824 0x18cc [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS
00:48:19.0848 0x18cc SymDS - ok
00:48:19.0891 0x18cc [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS
00:48:19.0965 0x18cc SymEFA - ok
00:48:19.0985 0x18cc [ 20F758E6339A16F97DD83389D582E09A, 837016154B7952B645B5545AEB8E2A8878EFA8674E6B96471C3DB5E458B06960 ] SymELAM C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys
00:48:20.0011 0x18cc SymELAM - ok
00:48:20.0035 0x18cc [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
00:48:20.0057 0x18cc SymEvent - ok
00:48:20.0097 0x18cc [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS
00:48:20.0132 0x18cc SymIRON - ok
00:48:20.0156 0x18cc [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS
00:48:20.0206 0x18cc SymNetS - ok
00:48:20.0265 0x18cc [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll
00:48:20.0380 0x18cc SysMain - ok
00:48:20.0420 0x18cc [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
00:48:20.0461 0x18cc SystemEventsBroker - ok
00:48:20.0501 0x18cc [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:48:20.0566 0x18cc TabletInputService - ok
00:48:20.0596 0x18cc [ F0B9D3ED88E56D3CD713DFF21E42AAF0, D914422032A6EC6B161F20CD040B631F8AF18D4B942F6CBE7E32069EBF551B6A ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
00:48:20.0628 0x18cc tap0901 - ok
00:48:20.0668 0x18cc [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
00:48:20.0734 0x18cc TapiSrv - ok
00:48:20.0815 0x18cc [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:48:20.0889 0x18cc Tcpip - ok
00:48:20.0939 0x18cc [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:48:21.0006 0x18cc TCPIP6 - ok
00:48:21.0036 0x18cc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:48:21.0091 0x18cc tcpipreg - ok
00:48:21.0117 0x18cc [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:48:21.0152 0x18cc tdx - ok
00:48:21.0308 0x18cc [ A903E5C565A2677F3960E4AAB7B42280, 6D819D4F464005FBAECAAB719EB2D6539E8A48851C09A1AA8E9D48CDFDA9FEE1 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
00:48:21.0657 0x18cc TeamViewer - ok
00:48:21.0697 0x18cc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
00:48:21.0712 0x18cc terminpt - ok
00:48:21.0765 0x18cc [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
00:48:21.0813 0x18cc TermService - ok
00:48:21.0843 0x18cc [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
00:48:21.0875 0x18cc Themes - ok
00:48:21.0905 0x18cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
00:48:21.0923 0x18cc THREADORDER - ok
00:48:21.0959 0x18cc [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
00:48:22.0025 0x18cc TimeBroker - ok
00:48:22.0054 0x18cc [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys
00:48:22.0075 0x18cc TPM - ok
00:48:22.0113 0x18cc [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
00:48:22.0143 0x18cc TrkWks - ok
00:48:22.0185 0x18cc [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:48:22.0227 0x18cc TrustedInstaller - ok
00:48:22.0265 0x18cc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:48:22.0321 0x18cc TsUsbFlt - ok
00:48:22.0358 0x18cc [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
00:48:22.0444 0x18cc TsUsbGD - ok
00:48:22.0466 0x18cc [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:48:22.0527 0x18cc tunnel - ok
00:48:22.0534 0x18cc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:48:22.0549 0x18cc uagp35 - ok
00:48:22.0561 0x18cc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
00:48:22.0580 0x18cc UASPStor - ok
00:48:22.0615 0x18cc [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
00:48:22.0636 0x18cc UCX01000 - ok
00:48:22.0677 0x18cc [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:48:22.0747 0x18cc udfs - ok
00:48:22.0756 0x18cc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
00:48:22.0770 0x18cc UEFI - ok
00:48:22.0795 0x18cc [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:48:22.0834 0x18cc UI0Detect - ok
00:48:22.0873 0x18cc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:48:22.0899 0x18cc uliagpkx - ok
00:48:22.0919 0x18cc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
00:48:22.0940 0x18cc umbus - ok
00:48:22.0944 0x18cc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
00:48:22.0974 0x18cc UmPass - ok
00:48:23.0011 0x18cc [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
00:48:23.0087 0x18cc UmRdpService - ok
00:48:23.0162 0x18cc [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
00:48:23.0233 0x18cc upnphost - ok
00:48:23.0265 0x18cc [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
00:48:23.0307 0x18cc USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
00:48:25.0688 0x18cc Detect skipped due to KSN trusted
00:48:25.0688 0x18cc USBAAPL64 - ok
00:48:25.0739 0x18cc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
00:48:25.0757 0x18cc usbccgp - ok
00:48:25.0791 0x18cc [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
00:48:25.0826 0x18cc usbcir - ok
00:48:25.0850 0x18cc [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
00:48:25.0866 0x18cc usbehci - ok
00:48:25.0893 0x18cc [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
00:48:25.0920 0x18cc usbhub - ok
00:48:25.0990 0x18cc [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
00:48:26.0025 0x18cc USBHUB3 - ok
00:48:26.0052 0x18cc [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
00:48:26.0170 0x18cc usbohci - ok
00:48:26.0174 0x18cc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
00:48:26.0235 0x18cc usbprint - ok
00:48:26.0262 0x18cc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
00:48:26.0279 0x18cc USBSTOR - ok
00:48:26.0290 0x18cc [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
00:48:26.0326 0x18cc usbuhci - ok
00:48:26.0365 0x18cc [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
00:48:26.0413 0x18cc usbvideo - ok
00:48:26.0460 0x18cc [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
00:48:26.0500 0x18cc USBXHCI - ok
00:48:26.0523 0x18cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
00:48:26.0539 0x18cc VaultSvc - ok
00:48:26.0574 0x18cc [ 87D4E923785CDFA655B53A78DD99BD2B, CCE460ED6C1292284B22B675CEDBB86CC3D329B15B1B9F77EA80AC7EDB774B65 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
00:48:26.0604 0x18cc VBoxNetAdp - ok
00:48:26.0607 0x18cc VBoxNetFlt - ok
00:48:26.0639 0x18cc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:48:26.0654 0x18cc vdrvroot - ok
00:48:26.0710 0x18cc [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
00:48:26.0870 0x18cc vds - ok
00:48:26.0899 0x18cc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
00:48:26.0922 0x18cc VerifierExt - ok
00:48:27.0010 0x18cc [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
00:48:27.0039 0x18cc vhdmp - ok
00:48:27.0057 0x18cc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
00:48:27.0070 0x18cc viaide - ok
00:48:27.0105 0x18cc [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
00:48:27.0138 0x18cc vmbus - ok
00:48:27.0152 0x18cc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
00:48:27.0170 0x18cc VMBusHID - ok
00:48:27.0234 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
00:48:27.0304 0x18cc vmicguestinterface - ok
00:48:27.0315 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
00:48:27.0343 0x18cc vmicheartbeat - ok
00:48:27.0353 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
00:48:27.0383 0x18cc vmickvpexchange - ok
00:48:27.0394 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
00:48:27.0424 0x18cc vmicrdv - ok
00:48:27.0434 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
00:48:27.0462 0x18cc vmicshutdown - ok
00:48:27.0474 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
00:48:27.0506 0x18cc vmictimesync - ok
00:48:27.0517 0x18cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
00:48:27.0544 0x18cc vmicvss - ok
00:48:27.0558 0x18cc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:48:27.0574 0x18cc volmgr - ok
00:48:27.0591 0x18cc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:48:27.0641 0x18cc volmgrx - ok
00:48:27.0666 0x18cc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:48:27.0688 0x18cc volsnap - ok
00:48:27.0719 0x18cc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
00:48:27.0739 0x18cc vpci - ok
00:48:27.0759 0x18cc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:48:27.0777 0x18cc vsmraid - ok
00:48:27.0837 0x18cc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe
00:48:27.0905 0x18cc VSS - ok
00:48:27.0923 0x18cc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
00:48:27.0943 0x18cc VSTXRAID - ok
00:48:27.0977 0x18cc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
00:48:28.0041 0x18cc vwifibus - ok
00:48:28.0064 0x18cc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:48:28.0089 0x18cc vwififlt - ok
00:48:28.0114 0x18cc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:48:28.0138 0x18cc vwifimp - ok
00:48:28.0203 0x18cc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
00:48:28.0288 0x18cc W32Time - ok
00:48:28.0314 0x18cc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
00:48:28.0337 0x18cc WacomPen - ok
00:48:28.0366 0x18cc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:48:28.0395 0x18cc WANARP - ok
00:48:28.0399 0x18cc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:48:28.0415 0x18cc Wanarpv6 - ok
00:48:28.0476 0x18cc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
00:48:28.0562 0x18cc wbengine - ok
00:48:28.0601 0x18cc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:48:28.0649 0x18cc WbioSrvc - ok
00:48:28.0668 0x18cc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
00:48:28.0702 0x18cc Wcmsvc - ok
00:48:28.0743 0x18cc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:48:28.0772 0x18cc wcncsvc - ok
00:48:28.0798 0x18cc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:48:28.0852 0x18cc WcsPlugInService - ok
00:48:28.0888 0x18cc [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
00:48:28.0921 0x18cc WdBoot - ok
00:48:28.0957 0x18cc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:48:29.0016 0x18cc Wdf01000 - ok
00:48:29.0038 0x18cc [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
00:48:29.0058 0x18cc WdFilter - ok
00:48:29.0086 0x18cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:48:29.0113 0x18cc WdiServiceHost - ok
00:48:29.0116 0x18cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:48:29.0134 0x18cc WdiSystemHost - ok
00:48:29.0164 0x18cc [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
00:48:29.0181 0x18cc WdNisDrv - ok
00:48:29.0213 0x18cc WdNisSvc - ok
00:48:29.0252 0x18cc [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll
00:48:29.0317 0x18cc WebClient - ok
00:48:29.0361 0x18cc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:48:29.0384 0x18cc Wecsvc - ok
00:48:29.0414 0x18cc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
00:48:29.0438 0x18cc WEPHOSTSVC - ok
00:48:29.0477 0x18cc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:48:29.0533 0x18cc wercplsupport - ok
00:48:29.0570 0x18cc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
00:48:29.0596 0x18cc WerSvc - ok
00:48:29.0622 0x18cc [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
00:48:29.0639 0x18cc WFPLWFS - ok
00:48:29.0673 0x18cc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
00:48:29.0690 0x18cc WiaRpc - ok
00:48:29.0710 0x18cc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:48:29.0724 0x18cc WIMMount - ok
00:48:29.0725 0x18cc WinDefend - ok
00:48:29.0769 0x18cc [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
00:48:29.0815 0x18cc WinHttpAutoProxySvc - ok
00:48:29.0867 0x18cc [ E815503BDE35026051EB701ACA72B296, 5541FBDA961B403F88BAF720840AB8DF2C96A382CDF97132A5C6A05A5F105E70 ] WINIO C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys
00:48:29.0904 0x18cc WINIO - ok
00:48:30.0005 0x18cc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:48:30.0081 0x18cc Winmgmt - ok
00:48:30.0173 0x18cc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
00:48:30.0243 0x18cc WinRM - ok
00:48:30.0275 0x18cc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys
00:48:30.0302 0x18cc WinUsb - ok
00:48:30.0343 0x18cc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
00:48:30.0417 0x18cc WlanSvc - ok
00:48:30.0475 0x18cc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
00:48:30.0554 0x18cc wlidsvc - ok
00:48:30.0574 0x18cc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
00:48:30.0596 0x18cc WmiAcpi - ok
00:48:30.0628 0x18cc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:48:30.0684 0x18cc wmiApSrv - ok
00:48:30.0710 0x18cc WMPNetworkSvc - ok
00:48:30.0741 0x18cc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
00:48:30.0759 0x18cc Wof - ok
00:48:30.0821 0x18cc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
00:48:30.0900 0x18cc workfolderssvc - ok
00:48:30.0940 0x18cc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
00:48:30.0971 0x18cc wpcfltr - ok
00:48:30.0990 0x18cc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:48:31.0031 0x18cc WPCSvc - ok
00:48:31.0071 0x18cc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:48:31.0103 0x18cc WPDBusEnum - ok
00:48:31.0141 0x18cc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
00:48:31.0155 0x18cc WpdUpFltr - ok
00:48:31.0164 0x18cc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:48:31.0190 0x18cc ws2ifsl - ok
00:48:31.0224 0x18cc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
00:48:31.0273 0x18cc wscsvc - ok
00:48:31.0276 0x18cc WSearch - ok
00:48:31.0378 0x18cc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
00:48:31.0480 0x18cc WSService - ok
00:48:31.0591 0x18cc [ 4BD3138EF061E24F9FDC722B49274B40, F9339F6AA8822E5E1334E41BE4140F9E8E5B24D1CD85B4C746D714AFDD485B49 ] wuauserv C:\Windows\system32\wuaueng.dll
00:48:31.0701 0x18cc wuauserv - ok
00:48:31.0742 0x18cc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:48:31.0814 0x18cc WudfPf - ok
00:48:31.0825 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
00:48:31.0861 0x18cc WUDFRd - ok
00:48:31.0867 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\Windows\System32\drivers\WUDFRd.sys
00:48:31.0884 0x18cc WUDFSensorLP - ok
00:48:31.0908 0x18cc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:48:31.0942 0x18cc wudfsvc - ok
00:48:31.0949 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
00:48:31.0968 0x18cc WUDFWpdFs - ok
00:48:31.0973 0x18cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys
00:48:31.0991 0x18cc WUDFWpdMtp - ok
00:48:32.0028 0x18cc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
00:48:32.0066 0x18cc WwanSvc - ok
00:48:32.0068 0x18cc xhunter1 - ok
00:48:32.0105 0x18cc [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\System32\drivers\xusb21.sys
00:48:32.0119 0x18cc xusb21 - ok
00:48:32.0241 0x18cc [ C4C5C3198C3261BEC89E6C3631047BAF, 78E5604B4B2A184B328C0669781DF11A35AFC04E7375CAB4DB9A48D74929137D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
00:48:32.0328 0x18cc ZeroConfigService - ok
00:48:32.0343 0x18cc ================ Scan global ===============================
00:48:32.0381 0x18cc [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
00:48:32.0413 0x18cc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
00:48:32.0452 0x18cc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
00:48:32.0484 0x18cc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
00:48:32.0490 0x18cc [ Global ] - ok
00:48:32.0490 0x18cc ================ Scan MBR ==================================
00:48:32.0503 0x18cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
00:48:32.0565 0x18cc \Device\Harddisk0\DR0 - ok
00:48:32.0566 0x18cc ================ Scan VBR ==================================
00:48:32.0567 0x18cc [ CF0FAC2514279D8B715B6C1A56296FCF ] \Device\Harddisk0\DR0\Partition1
00:48:32.0604 0x18cc \Device\Harddisk0\DR0\Partition1 - ok
00:48:32.0616 0x18cc [ 5540060FC8897DE9A6B17ACD6849F6CD ] \Device\Harddisk0\DR0\Partition2
00:48:32.0663 0x18cc \Device\Harddisk0\DR0\Partition2 - ok
00:48:32.0764 0x18cc [ 54CC4C5925FD26A23D6655B56E9FD50F ] \Device\Harddisk0\DR0\Partition3
00:48:32.0764 0x18cc \Device\Harddisk0\DR0\Partition3 - ok
00:48:32.0787 0x18cc [ 5953D57C17C5A063D9503DAA77A45ECE ] \Device\Harddisk0\DR0\Partition4
00:48:32.0857 0x18cc \Device\Harddisk0\DR0\Partition4 - ok
00:48:32.0880 0x18cc [ F8C180A9E9CE8F56188A1C9CF045E4E4 ] \Device\Harddisk0\DR0\Partition5
00:48:32.0891 0x18cc \Device\Harddisk0\DR0\Partition5 - ok
00:48:32.0912 0x18cc [ 3DB77100A0EFCFF295C9BFCED9D4C622 ] \Device\Harddisk0\DR0\Partition6
00:48:32.0978 0x18cc \Device\Harddisk0\DR0\Partition6 - ok
00:48:32.0979 0x18cc ================ Scan generic autorun ======================
00:48:33.0301 0x18cc [ 78D93C04E892F50D6264A05F4EBCE150, F24D26CAF44B81725AAE9FE84F24DB848BAA7857C89DC34C2E258617E886EE5B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
00:48:33.0604 0x18cc RTHDVCPL - ok
00:48:33.0658 0x18cc Nvtmru - ok
00:48:33.0688 0x18cc [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
00:48:33.0749 0x18cc ShadowPlay - ok
00:48:33.0797 0x18cc [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
00:48:33.0845 0x18cc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
00:48:36.0213 0x18cc Detect skipped due to KSN trusted
00:48:36.0213 0x18cc IAStorIcon - ok
00:48:36.0214 0x18cc ETDCtrl - ok
00:48:36.0218 0x18cc BTMTrayAgent - ok
00:48:36.0288 0x18cc [ 815F6E3727453C978FFD721B2BDF48A5, E33A85E8EF80C662C84F705080585B35A899F8E588E8481D48538BA1224B5E57 ] C:\Program Files (x86)\SCM\Radio Manager.exe
00:48:36.0313 0x18cc Radio Manager - detected UnsignedFile.Multi.Generic ( 1 )
00:48:38.0680 0x18cc Detect skipped due to KSN trusted
00:48:38.0681 0x18cc Radio Manager - ok
00:48:38.0768 0x18cc [ 0123AE1BC462CD5F7321E0249B0379E1, 60BDE9BE24B541576F8C929B32C672E9079535FE63D8FAC9B7AD5A50474A515C ] C:\Program Files (x86)\SCM\SCM.exe
00:48:38.0810 0x18cc SCM - detected UnsignedFile.Multi.Generic ( 1 )
00:48:41.0176 0x18cc Detect skipped due to KSN trusted
00:48:41.0176 0x18cc SCM - ok
00:48:41.0221 0x18cc [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\RunDLL32.exe
00:48:41.0241 0x18cc MBCfg64 - ok
00:48:41.0330 0x18cc [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
00:48:41.0476 0x18cc NvBackend - ok
00:48:41.0539 0x18cc [ 4BA4EE813C494E70FF381DB39CEE3F39, 8AF9C9F680145FC2B2DC50317F708A27117BB240652E3EF3A728837DC7D5BB7B ] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
00:48:41.0583 0x18cc Sound Blaster Cinema - detected UnsignedFile.Multi.Generic ( 1 )
00:48:43.0959 0x18cc Detect skipped due to KSN trusted
00:48:43.0959 0x18cc Sound Blaster Cinema - ok
00:48:44.0004 0x18cc [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
00:48:44.0069 0x18cc UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
00:48:46.0439 0x18cc Detect skipped due to KSN trusted
00:48:46.0439 0x18cc UpdReg - ok
00:48:46.0485 0x18cc [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
00:48:47.0217 0x18cc RemoteControl10 - ok
00:48:47.0273 0x18cc [ 7D2A9D5B29A486B55E54AD89B6BFBF23, B5483058BB3255139CBFCB67CA7735197FA6C72BC42F004E51F13C139962E71E ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
00:48:47.0369 0x18cc BDRegion - ok
00:48:47.0417 0x18cc [ F4EC93E4A239F9A27777ED2416F6353D, 347A542146729682027039A92DF8E52FAE283E0DAAED873A59BA17BD1FF26416 ] C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
00:48:47.0520 0x18cc SUPER CHARGER - ok
00:48:47.0577 0x18cc [ 324EB08C7610095182D5D399ED1A0EB3, 23F0ECA2C830E2593D4325B60B4FCB1E1DF0601E483D4A2E17AB41EC0908F53C ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
00:48:47.0718 0x18cc PWRISOVM.EXE - ok
00:48:47.0771 0x18cc [ 53C6C41356D532FEFD8056AB2906D129, C5E54C571FA44AF7FD1974464CC5D5DD30BA0D31ED20CF6B3DBB5A49FC5F0AC7 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
00:48:47.0832 0x18cc Lightshot - ok
00:48:47.0888 0x18cc [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
00:48:47.0993 0x18cc ROCCAT Savu Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
00:48:50.0360 0x18cc Detect skipped due to KSN trusted
00:48:50.0360 0x18cc ROCCAT Savu Gaming Mouse - ok
00:48:50.0403 0x18cc [ D0B1DA5382433AFBF52DE8815298EB0C, A326D01783359CCA1054210D82F17533638A9769A7A08C2BD0621DE016909359 ] C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE
00:48:50.0556 0x18cc RoccatIsku - detected UnsignedFile.Multi.Generic ( 1 )
00:48:52.0924 0x18cc RoccatIsku ( UnsignedFile.Multi.Generic ) - warning
00:48:55.0345 0x18cc YTDownloader - ok
00:48:55.0474 0x18cc [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:48:55.0727 0x18cc SunJavaUpdateSched - ok
00:48:55.0780 0x18cc [ C1211F321EC4B74DB5BEF65E85AD7E6B, 1D615402CA66AEA3E3C20C2A48BB1BF5F9ED1FFFD5F824395FB337438C66E0A0 ] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
00:48:55.0818 0x18cc SteelSeries Engine - detected UnsignedFile.Multi.Generic ( 1 )
00:48:58.0392 0x18cc Detect skipped due to KSN trusted
00:48:58.0392 0x18cc SteelSeries Engine - ok
00:48:58.0548 0x18cc [ DEB55C327597E42FA14E41F5858F3263, 199300A8E1B0000A82D04CDA2D32C482945AFFE47A037AAA58F89E3EDF059684 ] C:\Program Files\CCleaner\CCleaner64.exe
00:48:59.0286 0x18cc CCleaner Monitoring - ok
00:48:59.0448 0x18cc [ CACBA0704C7A57948B61FA7836B1E133, 3141657246F95353B5043A16F9F0A99CAA26F078D3403A3933E0EB2DA9284186 ] C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
00:49:00.0593 0x18cc OKAYFREEDOM_Agent - ok
00:49:00.0842 0x18cc [ 91C5DE2A06940F79732E9D78C1B280ED, 9809EF3764B4FDD7C613802AA00758748F18E24C61EC6205B9947AD98BD2A198 ] C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe
00:49:01.0675 0x18cc uTorrent - ok
00:49:01.0757 0x18cc Skype - ok
00:49:01.0759 0x18cc YTDownloader - ok
00:49:01.0913 0x18cc CrashService - ok
00:49:01.0914 0x18cc GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B - ok
00:49:02.0067 0x18cc [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] C:\Program Files (x86)\Steam\steam.exe
00:49:02.0489 0x18cc Steam - ok
00:49:02.0494 0x18cc Waiting for KSN requests completion. In queue: 4
00:49:03.0494 0x18cc Waiting for KSN requests completion. In queue: 4
00:49:04.0495 0x18cc Waiting for KSN requests completion. In queue: 4
00:49:05.0530 0x18cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
00:49:05.0539 0x18cc AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x50010 ( disabled : outofdate )
00:49:05.0539 0x18cc FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe ( 21.6.0.0 ), 0x50010 ( disabled )
00:49:05.0573 0x18cc Win FW state via NFP2: enabled ( trusted )
00:49:07.0988 0x18cc ============================================================
00:49:07.0988 0x18cc Scan finished
00:49:07.0988 0x18cc ============================================================
00:49:07.0992 0x1e90 Detected object count: 2
00:49:07.0992 0x1e90 Actual detected object count: 2
00:49:36.0733 0x1e90 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user
00:49:36.0733 0x1e90 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:49:36.0734 0x1e90 RoccatIsku ( UnsignedFile.Multi.Generic ) - skipped by user
00:49:36.0734 0x1e90 RoccatIsku ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:49:41.0905 0x1bbc Deinitialize success

Alt 12.11.2015, 17:16   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.11.2015, 22:40   #9
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12/11/2015
Suchlaufzeit: 21:17
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.12.04
Rootkit-Datenbank: v2015.11.04.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Sonny

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 384975
Abgelaufene Zeit: 14 Min., 9 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 19
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}, In Quarantäne, [e242dca13a518da9a040122557ab33cd], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}, In Quarantäne, [e242dca13a518da9a040122557ab33cd], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b931a240-e32a-4f2b-97aa-8b01c8e6aa14}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\TYPELIB\{9d34b059-e7dc-43df-bfe5-948a5cb63e60}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\INTERFACE\{69C28999-D17B-4989-BD4F-1A7150D6010F}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{69C28999-D17B-4989-BD4F-1A7150D6010F}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{69C28999-D17B-4989-BD4F-1A7150D6010F}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9d34b059-e7dc-43df-bfe5-948a5cb63e60}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9d34b059-e7dc-43df-bfe5-948a5cb63e60}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B931A240-E32A-4F2B-97AA-8B01C8E6AA14}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.SuperGreat, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B931A240-E32A-4F2B-97AA-8B01C8E6AA14}, In Quarantäne, [0f1529547912142200ecdc5936cc1de3], 
PUP.Optional.BoBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\crash_service, Löschen bei Neustart, [fa2a3f3ee6a51e1862a9b91ee3204cb4], 
PUP.Optional.MySearch123, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}, In Quarantäne, [1410a3da7e0d65d1e8eb6c69da29dc24], 
PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWSEDRVR_VW_1_10_0_25, In Quarantäne, [6aba631aed9e72c4338e0d7672908b75], 
PUP.Optional.CrossBrowse, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\CrossBrowser, In Quarantäne, [2ef6a6d7296243f3ed7ee5820003c040], 
PUP.Optional.MyBrowser, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\MyBrowser 1.0.2V21.10, In Quarantäne, [fe26e29b56353204b09bdfa2c0436c94], 
PUP.Optional.SearchProtect, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\SearchProtect, In Quarantäne, [de466f0e98f32313db58baeaa0633ec2], 
PUP.Optional.SuperGreat, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Super Great, In Quarantäne, [db497b02e8a348ee9d6a95fec1424cb4], 
PUP.Optional.SpaceSoundPro, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\SPACESOUNDPRO, In Quarantäne, [071d0578f99234023944831c51b2a957], 

Registrierungswerte: 15
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.SHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [a87c4637a6e5b28415eafad56b9849b7], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.WEBP\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [69bbafce5b3058de27d9765aa0639e62], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [c262126b642780b6bd45bf11dd26728e], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.XHT\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [5bc99ce10586a096cb36c10fbc47c937], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.SHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [70b4c1bc9dee5dd939c679569172916f], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.WEBP\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [b76d1964800bc670e719b41c956e47b9], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [43e19edfff8c53e352b047899c6704fc], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.XHT\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [13113b42dead2e08be434d8352b127d9], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.SHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [42e2d2ab325994a20ff0c807669df60a], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.WEBP\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [d4504538b9d24ee8b54beae62cd708f8], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [c064f68799f221157e84ca069c67916f], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.XHT\OPENWITHPROGIDS|CRSBRWSHTML, In Quarantäne, [ec388feecdbeab8bcc35a32d8b787c84], 
PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\swsedrvr_vw_1_10_0_25|ImagePath, system32\drivers\swsedrvr_vw_1_10_0_25.sys, In Quarantäne, [6aba631aed9e72c4338e0d7672908b75]
PUP.Optional.MyBrowser, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_DF971B6E1C7E4227FED899F7F8727B7B, "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window, In Quarantäne, [83a1b1cce6a5a294f9230c9850b3d22e]
PUP.Optional.SpaceSoundPro, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\SPACESOUNDPRO|mj, 15.10.22.0, In Quarantäne, [071d0578f99234023944831c51b2a957]

Registrierungsdaten: 1
PUP.Optional.Trovi, HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=),Ersetzt,[35ef7c014645be7889357cd5f4104eb2]

Ordner: 156
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [a18379042269af87ee16f09414ee11ef], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [a18379042269af87ee16f09414ee11ef], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], 
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier, In Quarantäne, [44e0de9f56356acccbcbad1dc53e649c], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\InstallHelper, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\nslA483.tmp, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\ScreenSnapshot, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\uninstall_temp_197458421, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\ext, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\fonts, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\it, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ar, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bg, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bn, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ca, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\cs, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\da, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\de, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\el, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_GB, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_US, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es_419, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\et, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fa, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fi, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fil, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\he, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hi, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hu, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\id, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ja, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ko, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lt, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lv, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ms, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\nb, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\nl, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pl, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pt_BR, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pt_PT, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ro, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ru, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sk, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sl, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sv, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ta, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\te, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\th, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\tr, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\uk, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\vi, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\zh_CN, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\zh_TW, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_metadata, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_metadata, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 

Dateien: 334
PUP.Optional.Amonetize, C:\Users\Sonny\AppData\Local\Temp\amisetup1780__15940.exe, In Quarantäne, [0a1ae19c7c0f40f6b13592d92ed38080], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [37edb1ccc3c8da5c3fc5bfc50af88f71], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [6bb9b3cafc8f78bed232b7cda35f4ab6], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [7da77efff398f640f311b4d01ee4ad53], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [38ec4d305f2c91a5a460d7adac562bd5], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [4cd81c611b7089adaf55dba938ca1ae6], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [a67eceaf25667cba4db71272748ec23e], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [ed371e5f197271c51aea8400e02205fb], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [a18379042269af87ee16f09414ee11ef], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [a18379042269af87ee16f09414ee11ef], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [a18379042269af87ee16f09414ee11ef], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [a18379042269af87ee16f09414ee11ef], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [e341f885d8b3be784bba077d51b1da26], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], 
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [c85c8eefeaa11c1a818487fda35f966a], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [d450ed903358c6708481dca8aa58cf31], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], 
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [3ce82c513358d75fd62fcfb50ef4e719], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [70b4c9b41774280e7590fb897191ea16], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], 
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [f82cf08d6823e74f56af04809e64dc24], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\lsdb.js, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\background.html, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\content.js, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgpioppgelcncoplpmjiijhkjgjcgdol\2.0\manifest.json, In Quarantäne, [c65e8eef1477d85ebc49374df50da759], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\lsdb.js, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\background.html, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\content.js, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], 
PUP.Optional.MultiPlug, C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\226\manifest.json, In Quarantäne, [a87c6e0f7714f83e60a52f55bc46936d], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, In Quarantäne, [da4a295474170432d895d8b338ca3ac6], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, In Quarantäne, [042015681477df57d4993358966cb64a], 
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\notifier.exe.log, In Quarantäne, [44e0de9f56356acccbcbad1dc53e649c], 
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\feeds.dat, In Quarantäne, [44e0de9f56356acccbcbad1dc53e649c], 
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\log.txt, In Quarantäne, [44e0de9f56356acccbcbad1dc53e649c], 
PUP.Optional.BoBrowser, C:\Windows\System32\Tasks\crash_service, In Quarantäne, [d054aecf7d0e86b01fe84790649fc63a], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\conf.db, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\DesktopToolMini_global\6864513656267629, In Quarantäne, [988cc4b964279f97499c334f768c06fa], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\conf.db, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\ScreenSnapshot\2184535656267636, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\uninstall_temp_197458421\8160280856267705, In Quarantäne, [6eb693ea8803f83e8c5a5f230bf7fc04], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\manifest.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\background.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\block.html, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\block.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\firstRun.html, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\firstRun.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\i18n.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\iconAnimation.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\include.postload.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\include.preload.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\notification.html, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\notification.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\options.html, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\options.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\popup.html, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\popup.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\popupBlocker.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\stats.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\subscriptions.xml, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\utils.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\webrequest.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\ext\background.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\ext\common.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\ext\content.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\ext\popup.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-critical-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-128.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-16.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-critical-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-notification-information-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-19-whitelisted-notification-information-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-32.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-critical.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-notification-information.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-critical-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-1.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-2.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-3.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-4.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-5.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-6.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-7.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-8.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted-notification-information-9.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38-whitelisted.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-38.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\icons\abp-48.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\jquery-ui-1.8.16.custom.css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_flat_0_aaaaaa_40x100.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_flat_75_ffffff_40x100.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_55_fbf9ee_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_65_ffffff_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_dadada_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_e6e6e6_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_glass_95_fef1ec_1x400.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-bg_highlight-soft_75_cccccc_1x100.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_222222_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_2e83ff_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_454545_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_888888_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\css\smoothness\images\ui-icons_cd0a0a_256x240.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\js\jquery-1.7.1.min.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\jquery-ui\js\jquery-ui-1.8.16.custom.min.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\adblockplus.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\basedomain.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\compat.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\info.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\io.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\jsbn.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\publicSuffixList.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\punycode.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\rsa.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\lib\sha1.js, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\abp-icon-big.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\ajax-loader.gif, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\background-main.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\background-share.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\background.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\donate.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\firstRun.css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\popup.css, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\popup.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features\malware.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features\social.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\features\tracking.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\fonts\CreteRound-Italic.otf, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\fonts\CreteRound-Regular.otf, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\facebook.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\googleplus.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\renren.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\twitter.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\social\weibo.png, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\it\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ar\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bg\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\bn\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ca\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\cs\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\da\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\de\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\el\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_GB\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\en_US\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\es_419\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\et\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fa\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fi\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fil\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\fr\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\he\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hi\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hr\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\hu\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\id\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ja\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ko\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lt\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\lv\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ms\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\nb\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\nl\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pl\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pt_BR\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\pt_PT\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ro\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ru\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sk\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sl\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sr\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\sv\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\ta\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\te\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\th\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\tr\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\uk\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\vi\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\zh_CN\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_locales\zh_TW\messages.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\_metadata\verified_contents.json, In Quarantäne, [45df3548e4a71323446c3149e61edf21], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\manifest.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\craw_background.js, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\craw_window.js, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css\craw_window.css, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html\craw_window.html, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\flapper.gif, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\icon_128.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\icon_16.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_close.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_hover.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_maximize.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_pressed.png, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW\messages.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.HijackModifiedExtension, C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_metadata\verified_contents.json, In Quarantäne, [ee36c4b9e5a656e0bcf46911e81cd52b], 
PUP.Optional.Trovi, C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215");), Ersetzt,[f72d413cb3d86bcb6308b2c4808447b9]
PUP.Optional.Trovi, C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "Trovi");), Ersetzt,[d54f9be2a4e7aa8c1954acca976d9070]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 12.11.2015, 22:42   #10
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Junkware removal tool.
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Sonny on 12/11/2015 at 23:06:24.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] lptsystemupdater [Reboot required]



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update sizlsearch



~~~ Files

Successfully deleted: [File] C:\Users\Sonny\AppData\Roaming\appdataFr2.bin
Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat



~~~ Folders

Successfully deleted: [Folder] C:\Program Files\005
Successfully deleted: [Folder] C:\Users\Sonny\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Sonny\Appdata\Local\installer
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted the following from C:\Users\Sonny\AppData\Roaming\mozilla\firefox\profiles\v0ofh5r4.default-1431427622023\prefs.js

user_pref(browser.search.searchengine.alias, mystartsearch);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.mystartsearch.com/favicon.ico);
user_pref(browser.search.searchengine.name, mystartsearch);
user_pref(browser.search.searchengine.ptid, ima);
user_pref(browser.search.searchengine.uid, HGSTXHTS721010A9E630_JR10006PH901YEH901YEX);
user_pref(browser.search.searchengine.url, hxxp://www.mystartsearch.com/web/?type=ds&ts=1445508415&z=57335279eac5483c7a31a39g1zbzbw1w1e0bcg6qew&from=ima&uid=HGSTXHTS721010A
user_pref(browser.search.selectedEngine, Trovi);
Emptied folder: C:\Users\Sonny\AppData\Roaming\mozilla\firefox\profiles\v0ofh5r4.default-1431427622023\minidumps [2 files]



~~~ Chrome


[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Sonny\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/11/2015 at 23:09:26.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Geändert von stefan nur (12.11.2015 um 23:15 Uhr)

Alt 12.11.2015, 23:05   #11
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



...

adwcleaner.txt
Code:
ATTFilter
# AdwCleaner v5.019 - Bericht erstellt am 12/11/2015 um 22:57:58
# Aktualisiert am 08/11/2015 von Xplode
# Datenbank : 2015-11-09.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Sonny - MSI_SAMDAR
# Gestartet von : C:\Users\Sonny\Downloads\AdwCleaner_5.019.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : globalUpdate
[-] Dienst Gelöscht : globalUpdatem

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[-] Ordner Gelöscht : C:\Program Files (x86)\Uniblue
[-] Ordner Gelöscht : C:\Program Files (x86)\FLV Player
[-] Ordner Gelöscht : C:\Program Files (x86)\Fast-Search
[-] Ordner Gelöscht : C:\Program Files (x86)\00000000-1445361232-0000-0000-448A5B44E892
[-] Ordner Gelöscht : C:\ProgramData\Uniblue
[-] Ordner Gelöscht : C:\ProgramData\YoutubeAdBlocke
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
[-] Ordner Gelöscht : C:\Users\Sonny\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\Sonny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk
[-] Ordner Gelöscht : C:\Users\Sonny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk
[-] Ordner Gelöscht : C:\Users\Sonny\AppData\Roaming\Uniblue

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Public\Desktop\driverscanner.lnk
[-] Datei Gelöscht : C:\Users\Sonny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk
[-] Datei Gelöscht : C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\8iq92rbq.default\user.js
[-] Datei Gelöscht : C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\8iq92rbq.default\user.js
[-] Datei Gelöscht : C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\user.js
[-] Datei Gelöscht : C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Aufgabenplanung Gelöscht : driverscanner
[-] Aufgabenplanung Gelöscht : dsmonitor
[-] Aufgabenplanung Gelöscht : update-sys
[-] Aufgabenplanung Gelöscht : crash_service
[-] Aufgabenplanung Gelöscht : update-S-1-5-21-2802146430-1798650074-2620433185-1002
[-] Aufgabenplanung Gelöscht : update-sys
[-] Aufgabenplanung Gelöscht : update-S-1-5-21-2802146430-1798650074-2620433185-1002
[-] Aufgabenplanung Gelöscht : update-sys

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Wert Gelöscht : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FLVPlayer.exe
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [CrashService]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Super Great
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Tutorials
[-] Schlüssel Gelöscht : HKCU\Software\DownLite
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Fast-Search
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SVH
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ShopperPro
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Internetbrowser ] *****

[-] [C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPE608CD9F-69FF-4B1[...]
[-] [C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : istart.webssearches.com
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : webssearches
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : websearch
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : trovi.search
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mystartsearch
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=58&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&q={searchTerms}&SSPV=
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www.trovi.com/?gd=&ctid=CT3325157&octid=EB_ORIGINAL_CTID&ISID=M73ECFD8F-5806-4F35-9386-1B88F31A67C0&SearchSource=55&CUI=&UM=8&UP=SPE608CD9F-69FF-4B17-BDF5-7AD09590B726&D=102215&SSPV=

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [14465 Bytes] ##########
         

Geändert von stefan nur (12.11.2015 um 23:04 Uhr)

Alt 14.11.2015, 12:07   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.11.2015, 18:12   #13
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de482ec8996d1449ddfc37597c88783
# end=init
# utc_time=2015-11-14 12:55:48
# local_time=2015-11-14 01:55:48 (+0100, Mitteleuropäische Zeit)
# country="United Kingdom"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26722
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3de482ec8996d1449ddfc37597c88783
# end=updated
# utc_time=2015-11-14 12:59:33
# local_time=2015-11-14 01:59:33 (+0100, Mitteleuropäische Zeit)
# country="United Kingdom"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3de482ec8996d1449ddfc37597c88783
# engine=26722
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-14 03:53:48
# local_time=2015-11-14 04:53:48 (+0100, Mitteleuropäische Zeit)
# country="United Kingdom"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 34239439 210113013 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 13664 11305998 0 0
# scanned=363265
# found=83
# cleaned=0
# scan_time=10454
sh=0FB724865515624082A38FAD53CBE4BEDAA1735A ft=1 fh=f938c8f81da27d54 vn="Variante von Win32/Adware.ConvertAd.ABW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\00000000-1445361232-0000-0000-448A5B44E892\rnsc657B.exe.vir"
sh=15ED5B6C5946E85E7A5C77F4A7689E4E76CCBAFB ft=1 fh=c71c0011fe889422 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=8FF07C7F0E7320A1EB53CADD4D30D3154FF33BBA ft=1 fh=f622fe8cae001c0b vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=12EBF6FC8AD543662053CA101C2D5DA175137EB2 ft=1 fh=c71c00119e5c1a87 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir"
sh=8F0ABE23DDA3F9DC04497B1A4F455AF8CE9D45B8 ft=1 fh=787e176d56997de7 vn="Win64/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir"
sh=55B49E6175EC153F5F6D595F7E36CF04D61C70AC ft=1 fh=c71c0011122aac36 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=E9BEAFD5EF09360852ECDCC4312188064742E51A ft=1 fh=c71c0011421e8e27 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=504FB0C9D4BCDB5A26A80F08F92D5E4169243B15 ft=1 fh=c7900a4dec9db414 vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp"
sh=ADB6ABC5CBECE859182B5032DEA175A7F76EF379 ft=1 fh=134fcde36fa89f8c vn="Variante von Win32/Adware.ConvertAd.ACB.gen Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp"
sh=E74A8D49B9214920A7ADC978C2D4EAC1F1460B74 ft=1 fh=04f15592e21ed83f vn="Variante von Win32/Adware.ConvertAd.ACB.gen Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp"
sh=A901074F923EFA09A7E4413D55EF30C8FCBD0322 ft=1 fh=eb841dc825cb1c22 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe"
sh=87BAC9D18750AF6FDAF013CE5325914979C5A72A ft=1 fh=4d6154421bc357fe vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll"
sh=A5BE0C1A6877CFECACE44C10F7A77AE1925F9292 ft=1 fh=5b8d6bde69b054c1 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll"
sh=23DFE11C19F1C88DFCC9AA0D46FFB2013402C5F7 ft=1 fh=c71c0011fa91fe3e vn="Variante von Win32/Toolbar.CrossRider.CM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll"
sh=ADED330884B86CFD119BEB03A5414C940C09AB87 ft=1 fh=30672d4887200e79 vn="Variante von Win32/Toolbar.CrossRider.BW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll"
sh=FA14CDEDC3BCBCB1C8B8487D47BE1E628A930503 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js"
sh=937BEB5AC1F53E7FF1E3EB0BCA48BA7AF2D3664F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js"
sh=F4868E75E21D37FCBC9A5871B6B120EB3E4600DF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js"
sh=C10E64DC01896B43B0C89F53376D4164453BC74E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js"
sh=9CB942D538CEA821683BC9D832014E8EC5FDE2EC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js"
sh=80C90D030EA66EA5346FBF5214670595E3375CAD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js"
sh=0987FB3F0C956A9578B1C3D050189BB99A017FC2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js"
sh=4BCC541E7A14BF89B1633A1BC794E6848B831E80 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js"
sh=4A456E8397DFF5CBB4FF25D8B9710C41A42AFCC3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js"
sh=877349BAD187BE3A07174EA0A6F16A375474C639 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js"
sh=776290247C80F20D24E4BA8F99F13F2D5578ECC8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js"
sh=F3C19FB08E08EEDA6008DFA8175DEDEA51DE1BFA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js"
sh=69F3441DAAA26144ABB42DB33386C549E9F2231D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js"
sh=BEB05642C41381F387B0C8BE3BD0E336A89DB84E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js"
sh=2DE5AADF0BB2BF572B147C4E8F62CAAF44C60A75 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js"
sh=3CA5653E6B858F15992AC689F06C8456A94B0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js"
sh=C7574CAC8611C5FBBE4AE2127C4CA0E2FB58DB69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js"
sh=18A20E25B540EE4327ACC0859A5778B050529B53 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js"
sh=5443843013D026E8A114EDEC837671DAC84F4AEA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js"
sh=397EC598B400D3A2111C9C0EEA7D85464774BBD7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js"
sh=7A0B43CC3BD069AE9B149EB8F4BEEB6F097837DB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js"
sh=35E8D6275113D6714473490A116CF414F6AA6368 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js"
sh=097FE11FE5038AF11A89B1B2A63F79B9EACE86FF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js"
sh=F830C45582EA30AA81037DD511D6657BAC6D3470 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js"
sh=DAFE26CC2D17C59CC7CA0B0563A50C6215781167 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js"
sh=B6C5BA5027BB472F2E638D3ADBCDB4E46DA77D1B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js"
sh=8431E5A1EAC103CC3A0097EEAFF1B8D06FF39B52 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js"
sh=40C8C98FF8B403FE50791CF29F02FBA28068FD89 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js"
sh=81A6DC2B3E4EB2A7B58E592A3E86C0C858936E87 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js"
sh=46785AF9F3FDFD7BA7E68C918CA9B2BFD5FE81CE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js"
sh=8C03AF269B9B3748482016ABD7F8FDF2BE562177 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js"
sh=B11A64AE212C15C25C435BCE4C67235DDECCE883 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js"
sh=E2C88897AD00452927EC05929A1505DACAEEFB1E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js"
sh=08A2BB08725C99F79A889C6C7CB9C7DD6306E0B6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js"
sh=A12014C968F464836DC0C10A70D977673DFA088E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js"
sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf"
sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\8k4zjaU"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn"
sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk"
sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\ZkvbwFI"
sh=DA9ED783137B5968971C4AC1422C76B3D628B766 ft=1 fh=73057acc53c29ac1 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe"
sh=9958550255192FCC3D111CCA213A8507F3A43CE3 ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi"
sh=8814F35440264553A63A592D0A1EBF4E748D0872 ft=1 fh=744e3c8b419054c5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe"
sh=5C6983B3FDBCAA45979A3039C607995D3F813B87 ft=1 fh=d17e411445ba40bb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe"
sh=5A4C21A65B60E407D37E65352FAA14595FCA101F ft=1 fh=4bef93f6f5cd2036 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe"
sh=24F1CC17A326945BF071DEBF02F5809521467143 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip"
sh=24F1CC17A326945BF071DEBF02F5809521467143 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip"
sh=D58E7BC59198CC94FA5EEED01049BC621A6F99E4 ft=1 fh=bd207fa3779f8737 vn="Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\driverscanner.exe"
sh=0E59E06CF166E8BD89FC06277E65886535BA0E22 ft=1 fh=f857231acfe66eb4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=625857BDC4DA7A5BEE999E8BE7F31E2112ABBB1B ft=1 fh=d7c13d122a1f6894 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe"
sh=C31288AD07B76AA2CA302A370F2E2BDB7A165681 ft=1 fh=a62e094c232442d1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe"
sh=5C48204CD61F937B64A3916562208A9A6D13A9EC ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.MH Trojaner" ac=I fn="C:\Users\Sonny\Downloads\RSBot-6058.jar"
sh=5E05411F34C4E6119EEC9C0E171878B7578D72B2 ft=1 fh=e54bda30b9910101 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe"
sh=6D4453EA888CC15EB784D5A68341C525FC26F371 ft=1 fh=fd51312158fb6b8d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe"
sh=3396C41A9B092704643AF4BA75BE5D809A720881 ft=1 fh=606cbf97e4e75157 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe"
sh=186BF6B94203009484FA4C2E9D2E52764FE39103 ft=1 fh=906f839edd58b535 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe"
sh=F69B708BAA723F00058FCBEB95AD7ED451AB3597 ft=1 fh=51dc34a13973cf56 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\uTorrent (1).exe"
sh=F69B708BAA723F00058FCBEB95AD7ED451AB3597 ft=1 fh=51dc34a13973cf56 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\uTorrent.exe"
sh=DA9ED783137B5968971C4AC1422C76B3D628B766 ft=1 fh=73057acc53c29ac1 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\uTorrent891.exe"
sh=BE0775BD8EF12BA7872F98E06B6B16180ED766F8 ft=1 fh=29d678da2f41f286 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe"
sh=EDD453DF5B8E668297451AA81C5E060D807AC594 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip"
sh=EDD453DF5B8E668297451AA81C5E060D807AC594 ft=0 fh=0000000000000000 vn="Variante von MSIL/FakeTool.HM Trojaner" ac=I fn="C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip"
sh=95B785C6D5465575F2B951FC5E31890B84D1FAA9 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\a3ed4.msi"
sh=504FB0C9D4BCDB5A26A80F08F92D5E4169243B15 ft=1 fh=c7900a4dec9db414 vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung" ac=I fn="C:\Windows\Temp\6FDD.tmp"
sh=504FB0C9D4BCDB5A26A80F08F92D5E4169243B15 ft=1 fh=c7900a4dec9db414 vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung" ac=I fn="C:\Windows\Temp\FF9.tmp"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 65  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	19.0.0.245  
 Mozilla Firefox (41.0.2) 
 Google Chrome (46.0.2490.80) 
 Google Chrome (46.0.2490.86) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Sonny (Administrator) auf MSI_SAMDAR (14-11-2015 18:11:05)
Gestartet von C:\Users\Sonny\Downloads
Geladene Profile: Sonny (Verfügbare Profile: Sonny)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(BitTorrent Inc.) C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.6_41350\utorrentie.exe
(BitTorrent Inc.) C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.6_41350\utorrentie.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.3\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.43\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.169\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Users\Sonny\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Farbar) C:\Users\Sonny\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4946856 2014-10-16] (Steganos Software GmbH)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [uTorrent] => C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe [1888792 2015-11-13] (BitTorrent Inc.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\MountPoints2: {f40e9899-2c5b-11e4-8272-a08869908039} - "F:\windows\Data\setup.exe" 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{067846F7-8DB6-4D95-A851-BECD63790717}: [DhcpNameServer] 10.11.0.1
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B10DFEE-2A45-471C-B680-0146B9966FB7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660324794&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660331387&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660370656&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002 -> {72A48C13-DCBC-4156-9710-EED96895E310} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2802146430-1798650074-2620433185-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-10-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/?gws_rd=ssl"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll => Keine Datei
CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [321976 2014-10-16] (Steganos Software GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S3 iumsvc; "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2014-04-27] (Microsoft Corporation) [Datei ist nicht signiert]
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-05-22] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys [633560 2014-09-06] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-12] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation)
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 HSPADataCardusbmdm; \SystemRoot\system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; \SystemRoot\system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; \SystemRoot\system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-14 18:10 - 2015-11-14 18:10 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64(1).exe
2015-11-14 18:06 - 2015-11-14 18:06 - 00852720 _____ C:\Users\Sonny\Downloads\SecurityCheck.exe
2015-11-14 13:54 - 2015-11-14 13:54 - 02870984 _____ (ESET) C:\Users\Sonny\Downloads\esetsmartinstaller_deu.exe
2015-11-14 02:18 - 2015-11-14 02:18 - 00002196 _____ C:\Users\Sonny\Desktop\ShellExView - CHIP Downloader.lnk
2015-11-14 02:17 - 2015-11-14 02:17 - 00164744 _____ C:\Users\Sonny\Downloads\sview97.zip
2015-11-14 02:16 - 2015-11-14 02:16 - 01466656 _____ C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe
2015-11-14 01:37 - 2015-11-14 01:37 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-11-13 21:30 - 2015-11-09 14:22 - 27330800 _____ C:\Users\Sonny\Desktop\GameIntro_V3_B.bk2
2015-11-13 10:31 - 2015-11-14 13:30 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\uTorrent
2015-11-13 08:30 - 2015-11-13 08:31 - 00000000 ____D C:\Users\Sonny\AppData\Local\Fallout4
2015-11-13 08:30 - 2015-11-13 08:30 - 00000691 _____ C:\Users\Sonny\Desktop\Fallout 4.lnk
2015-11-13 08:30 - 2015-11-13 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2015-11-13 07:59 - 2015-11-13 07:59 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\PowerISO
2015-11-13 01:55 - 2015-11-13 02:12 - 00000000 ____D C:\Users\Sonny\Downloads\Fallout.4-CODEX
2015-11-12 23:09 - 2015-11-12 23:09 - 00002853 _____ C:\Users\Sonny\Desktop\JRT.txt
2015-11-12 23:05 - 2015-11-12 23:05 - 01798976 _____ (Malwarebytes) C:\Users\Sonny\Downloads\JRT.exe
2015-11-12 23:05 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Sonny\Desktop\JRT.exe
2015-11-12 22:59 - 2015-11-14 01:39 - 00198858 _____ C:\Windows\PFRO.log
2015-11-12 22:52 - 2015-11-12 22:52 - 01712128 _____ C:\Users\Sonny\Downloads\AdwCleaner_5.019.exe
2015-11-12 22:38 - 2015-11-12 22:38 - 00115551 _____ C:\mbam.txt
2015-11-12 00:46 - 2015-11-12 00:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe
2015-11-11 19:40 - 2015-11-12 22:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-11 19:38 - 2015-11-11 19:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001(1).exe
2015-11-11 19:37 - 2015-11-11 21:11 - 00000000 ____D C:\Users\Sonny\Desktop\mbar
2015-11-11 19:37 - 2015-11-11 19:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001.exe
2015-11-11 19:34 - 2015-11-11 19:34 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2015-11-11 19:26 - 2015-11-12 21:33 - 00001294 _____ C:\Users\Sonny\Desktop\Revo Uninstaller.lnk
2015-11-11 19:26 - 2015-11-11 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sonny\Downloads\revosetup95.exe
2015-11-11 19:26 - 2015-11-11 19:26 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-11 19:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 19:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 19:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 19:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 19:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 19:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 19:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 19:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 19:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 19:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 19:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 19:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 19:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 19:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 19:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 19:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 19:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 19:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 19:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 19:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 19:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 19:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 19:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 19:03 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 19:03 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 18:05 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 18:05 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 18:05 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 18:05 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 18:05 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 18:05 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 18:05 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 18:05 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 18:05 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 18:05 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 18:05 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 18:05 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 18:05 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 18:05 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 18:05 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 18:05 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 18:05 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 18:05 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 18:05 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 18:05 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 18:05 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 18:05 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 18:05 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 18:05 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 18:05 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 18:05 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 18:05 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 18:05 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 18:05 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 18:05 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 18:05 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 18:05 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 18:05 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 18:05 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 18:05 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 18:05 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 18:05 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 18:05 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 18:05 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 18:05 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 18:05 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 18:05 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 18:05 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 18:05 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 18:05 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 18:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 18:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 18:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 16:28 - 2015-11-11 16:28 - 07681728 _____ (Uniblue Systems Ltd ) C:\Users\Sonny\Downloads\driverscanner.exe
2015-11-10 18:46 - 2015-11-10 18:46 - 00070929 _____ C:\Users\Sonny\Downloads\Addition.txt
2015-11-10 18:44 - 2015-11-14 18:11 - 00030564 _____ C:\Users\Sonny\Downloads\FRST.txt
2015-11-10 18:44 - 2015-11-14 18:11 - 00000000 ____D C:\FRST
2015-11-10 18:44 - 2015-11-10 18:44 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2015-11-10 18:43 - 2015-11-10 18:43 - 01702400 _____ (Farbar) C:\Users\Sonny\Downloads\FRST.exe
2015-11-06 11:22 - 2015-11-06 11:22 - 17679448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-06 11:21 - 2015-11-06 11:21 - 15191992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-06 11:20 - 2015-11-06 11:20 - 30503056 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-06 11:20 - 2015-11-06 11:20 - 16170920 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-06 11:20 - 2015-11-06 11:20 - 13284848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 22963344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 11105936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-06 11:19 - 2015-11-06 11:19 - 01070920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00416912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00372880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00185816 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00164008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 01566352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435435.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 01082000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 01004360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 00512136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 00416352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 15928728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 12910488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 11853464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 02961224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 02627728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 01907016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435435.dll
2015-11-06 11:15 - 2015-11-06 11:15 - 42740368 _____ C:\Windows\system32\nvcompiler.dll
2015-11-06 11:15 - 2015-11-06 11:15 - 37758280 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-06 11:12 - 2015-11-06 11:12 - 14523248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-06 11:12 - 2015-11-06 11:12 - 00992400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-03 22:22 - 2015-11-03 22:22 - 00061440 _____ (Gary's Hood) C:\Users\Sonny\Downloads\rsclient.exe
2015-11-03 14:35 - 2015-11-03 14:35 - 00017533 _____ C:\Windows\DirectX.log
2015-11-03 13:28 - 2015-11-03 13:28 - 00000219 _____ C:\Users\Sonny\Desktop\Counter-Strike Global Offensive.url
2015-10-28 15:29 - 2015-10-28 15:29 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Tera_Awesomium
2015-10-27 16:14 - 2015-11-14 17:22 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 16:14 - 2015-11-12 21:34 - 00000983 _____ C:\Users\Public\Desktop\Steam.lnk
2015-10-27 16:14 - 2015-10-27 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup.exe
2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup (1).exe
2015-10-27 14:06 - 2015-10-27 14:08 - 00000000 ____D C:\Users\Sonny\Desktop\dead realMUH
2015-10-27 13:34 - 2015-10-27 13:34 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\Section Studios_ Inc_
2015-10-27 13:30 - 2015-10-27 13:31 - 734982235 _____ C:\Users\Sonny\Downloads\[www.mpc-g.com]DdRlm144.7z
2015-10-24 18:37 - 2015-10-24 18:37 - 00584288 _____ (Oracle Corporation) C:\Users\Sonny\Downloads\jxpiinstall(1).exe
2015-10-23 20:43 - 2015-11-12 21:33 - 00002060 _____ C:\Users\Sonny\Desktop\RuneScape.lnk
2015-10-23 20:43 - 2015-10-23 20:43 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-10-23 20:39 - 2015-10-23 20:42 - 24219648 _____ C:\Users\Sonny\Downloads\RuneScape (1).msi
2015-10-23 17:55 - 2015-11-14 13:00 - 00004408 _____ C:\Windows\setupact.log
2015-10-23 17:55 - 2015-10-23 17:55 - 00000000 _____ C:\Windows\setuperr.log
2015-10-23 17:22 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-10-23 17:22 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-10-22 17:51 - 2015-11-14 17:17 - 01506840 _____ C:\Windows\WindowsUpdate.log
2015-10-22 11:15 - 2015-10-22 11:15 - 00000000 ____D C:\Users\Sonny\AppData\Local\ESET
2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_.exe
2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_ (1).exe
2015-10-22 11:07 - 2015-10-22 11:07 - 00000000 ____D C:\Program Files (x86)\3ae6c0d0-b937-4081-9be9-f3f58501fc8e
2015-10-21 20:42 - 2015-10-21 20:42 - 01852453 _____ C:\Users\Sonny\AppData\Local\curl.zip
2015-10-21 20:42 - 2015-10-21 20:42 - 00000002 _____ C:\Users\Sonny\AppData\Local\OczLpK.vbs
2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\Users\Sonny\AppData\Local\{FE4CCBE7-EA6F-42D8-88A8-35B174533055}
2015-10-21 18:57 - 2015-11-14 12:59 - 00001008 _____ C:\Windows\Tasks\8k4zjaU.job
2015-10-21 18:57 - 2015-10-21 18:57 - 00004020 _____ C:\Windows\System32\Tasks\8k4zjaU
2015-10-21 18:56 - 2015-11-14 12:59 - 00001042 _____ C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job
2015-10-21 18:56 - 2015-10-21 18:57 - 00004054 _____ C:\Windows\System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk
2015-10-20 19:31 - 2015-11-12 21:33 - 00002226 _____ C:\Users\Sonny\Desktop\chrome.lnk
2015-10-20 19:26 - 2015-11-14 14:46 - 00001048 _____ C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job
2015-10-20 19:26 - 2015-11-14 12:59 - 00001030 _____ C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job
2015-10-20 19:26 - 2015-10-20 19:26 - 00004058 _____ C:\Windows\System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl
2015-10-20 19:26 - 2015-10-20 19:26 - 00004042 _____ C:\Windows\System32\Tasks\3c2jDM05M6ay9rgGcf
2015-10-20 19:23 - 2015-10-20 19:23 - 00003910 _____ C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898
2015-10-20 19:01 - 2015-11-14 14:35 - 00001018 _____ C:\Windows\Tasks\nAuWsaaA3Qnn.job
2015-10-20 19:01 - 2015-11-14 12:59 - 00001008 _____ C:\Windows\Tasks\ZkvbwFI.job
2015-10-20 19:01 - 2015-10-20 19:01 - 00004028 _____ C:\Windows\System32\Tasks\nAuWsaaA3Qnn
2015-10-20 19:01 - 2015-10-20 19:01 - 00004020 _____ C:\Windows\System32\Tasks\ZkvbwFI
2015-10-20 19:00 - 2015-11-14 12:59 - 00001024 _____ C:\Windows\Tasks\PciD5z2oV9Hq4LK.job
2015-10-20 19:00 - 2015-11-14 12:59 - 00001020 _____ C:\Windows\Tasks\tYyezAYRvk8jt.job
2015-10-20 19:00 - 2015-10-20 19:00 - 00004036 _____ C:\Windows\System32\Tasks\PciD5z2oV9Hq4LK
2015-10-20 19:00 - 2015-10-20 19:00 - 00004032 _____ C:\Windows\System32\Tasks\tYyezAYRvk8jt
2015-10-20 18:58 - 2015-10-22 11:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-20 18:58 - 2015-10-21 18:01 - 00000000 ____D C:\Program Files (x86)\3ff07109-e80a-45be-86af-4c8a97c65880
2015-10-20 18:23 - 2015-10-20 18:23 - 00003306 _____ C:\Windows\System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681}
2015-10-20 18:14 - 2015-09-06 11:15 - 00000856 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-16 17:04 - 2015-10-16 17:04 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Steam
2015-10-16 16:58 - 2015-10-20 19:59 - 00000000 ____D C:\Users\Sonny\Desktop\Life Is Strange
2015-10-16 13:05 - 2015-10-18 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 10:00 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 10:00 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 10:00 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-14 18:11 - 2014-08-20 19:12 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\uTorrent
2015-11-14 18:10 - 2014-07-23 23:29 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashDumps
2015-11-14 18:02 - 2014-07-31 20:19 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\TS3Client
2015-11-14 17:53 - 2014-07-23 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-14 17:30 - 2014-11-01 16:31 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-14 16:09 - 2014-12-14 15:44 - 00000000 ____D C:\Users\Sonny\AppData\Local\Battle.net
2015-11-14 16:09 - 2014-12-14 15:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-14 15:39 - 2015-07-10 00:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-14 14:48 - 2014-12-14 15:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-11-14 13:30 - 2014-11-01 16:31 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-14 13:12 - 2014-07-23 19:25 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBE7263C-E444-4178-9108-E09677EE42AD}
2015-11-14 13:00 - 2014-07-24 10:11 - 00000000 __RDO C:\Users\Sonny\SkyDrive
2015-11-14 12:59 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-14 12:58 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-14 01:40 - 2014-04-27 02:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-13 10:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-13 08:57 - 2014-07-23 19:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2802146430-1798650074-2620433185-1002
2015-11-13 08:30 - 2014-08-21 13:11 - 00000000 ____D C:\Users\Sonny\Documents\My Games
2015-11-12 22:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2015-11-12 22:57 - 2014-11-01 16:10 - 00000000 ____D C:\AdwCleaner
2015-11-12 21:35 - 2015-02-14 19:46 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-12 21:35 - 2014-04-27 02:32 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM.lnk
2015-11-12 21:35 - 2014-04-27 02:20 - 00000712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2015-11-12 21:35 - 2013-11-13 20:31 - 00001388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-12 21:35 - 2013-11-13 20:31 - 00001319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-12 21:34 - 2015-10-11 00:51 - 00002046 _____ C:\Users\Public\Desktop\TERA Launcher.lnk
2015-11-12 21:34 - 2015-09-09 20:39 - 00001401 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-12 21:34 - 2015-07-26 00:55 - 00001956 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-12 21:34 - 2015-07-10 00:49 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-12 21:34 - 2015-07-07 03:19 - 00001619 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-11-12 21:34 - 2014-12-14 15:45 - 00001175 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-11-12 21:34 - 2014-11-22 20:12 - 00001851 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-12 21:34 - 2014-11-17 19:06 - 00002090 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2015-11-12 21:34 - 2014-10-30 16:12 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-12 21:34 - 2014-10-11 08:25 - 00001937 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\setup.lnk
2015-11-12 21:34 - 2014-08-22 19:10 - 00000295 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-11-12 21:34 - 2014-07-23 19:18 - 00001464 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-12 21:34 - 2013-11-13 20:01 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-11-12 21:33 - 2015-06-14 00:20 - 00000961 _____ C:\Users\Sonny\Desktop\Open Broadcaster Software.lnk
2015-11-12 21:33 - 2014-12-22 21:20 - 00001031 _____ C:\Users\Sonny\Desktop\WinRAR.lnk
2015-11-12 21:33 - 2014-11-15 18:15 - 00000911 _____ C:\Users\Sonny\Desktop\µTorrent.lnk
2015-11-12 21:33 - 2014-11-15 18:15 - 00000891 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-11-12 21:33 - 2014-08-07 22:20 - 00001144 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Minecraft 1.5.2.lnk
2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-11 20:08 - 2013-08-22 15:44 - 00486512 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 20:04 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-11 19:52 - 2014-11-05 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 19:52 - 2014-11-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 19:52 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-11 19:33 - 2014-11-13 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-11 19:09 - 2014-07-24 10:47 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 19:09 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini
2015-11-11 19:04 - 2014-07-24 10:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 00:53 - 2014-07-23 20:16 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 13:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-09 19:13 - 2014-12-23 12:23 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Skype
2015-11-08 01:46 - 2014-08-10 22:05 - 04537856 ___SH C:\Users\Sonny\Desktop\Thumbs.db
2015-11-07 22:28 - 2014-11-13 20:35 - 00000000 ____D C:\Users\Sonny\Downloads\Gameforge Live
2015-11-07 21:51 - 2015-06-05 21:12 - 00000074 _____ C:\Users\Sonny\Documents\ClownfishForTeamspeak.ini
2015-11-07 17:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-07 03:19 - 2014-10-13 18:31 - 00000044 _____ C:\Users\Sonny\jagex_cl_oldschool_LIVE.dat
2015-11-06 11:14 - 2015-06-15 14:47 - 03020192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-06 11:14 - 2014-11-10 15:03 - 03418456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-06 10:02 - 2014-04-27 02:20 - 00031860 _____ C:\Windows\system32\nvinfo.pb
2015-11-04 13:15 - 2014-07-25 20:46 - 00000000 ____D C:\Users\Sonny\Desktop\Slender v0.9.7
2015-11-03 13:28 - 2014-08-14 17:31 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 14:24 - 2015-02-22 01:08 - 00880432 _____ C:\Users\Sonny\Desktop\OSBuddy.exe
2015-10-30 19:23 - 2015-05-13 13:16 - 00000000 ___RD C:\Users\Sonny\OneDrive
2015-10-30 19:23 - 2014-11-01 21:08 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002
2015-10-28 15:27 - 2013-11-13 20:00 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-27 14:02 - 2014-11-29 10:55 - 00000000 ____D C:\Users\Sonny\Desktop\Neuer Ordner
2015-10-27 13:17 - 2014-08-07 20:10 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\.minecraft
2015-10-27 07:13 - 2013-11-12 22:26 - 00766620 _____ C:\Windows\system32\perfh007.dat
2015-10-27 07:13 - 2013-11-12 22:26 - 00159902 _____ C:\Windows\system32\perfc007.dat
2015-10-27 07:13 - 2013-11-12 21:54 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-24 18:57 - 2014-10-30 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 18:40 - 2014-11-17 19:07 - 00000000 ____D C:\.jagex_cache_32
2015-10-24 18:39 - 2015-09-05 08:56 - 00000000 ____D C:\Users\Sonny\.oracle_jre_usage
2015-10-24 18:37 - 2014-10-30 16:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-24 18:37 - 2014-08-07 20:09 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-24 13:41 - 2014-11-17 19:07 - 00000023 _____ C:\Users\Sonny\jagexappletviewer.preferences
2015-10-24 13:40 - 2014-11-17 19:07 - 00000044 _____ C:\Users\Sonny\jagex_cl_runescape_LIVE.dat
2015-10-23 20:43 - 2014-10-13 18:31 - 00000000 ____D C:\Users\Sonny\jagexcache
2015-10-22 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-22 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing
2015-10-21 17:49 - 2014-12-23 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-20 18:20 - 2014-04-27 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-10-20 18:19 - 2015-08-12 19:29 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-20 18:12 - 2015-07-07 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-10-20 18:12 - 2014-11-01 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-19 21:10 - 2014-07-31 20:18 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-19 19:45 - 2014-07-23 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\Google
2015-10-18 11:26 - 2014-07-23 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-18 11:25 - 2014-12-11 21:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-18 11:25 - 2014-07-25 18:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 04:59 - 2014-04-27 02:21 - 06875768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-15 04:59 - 2014-04-27 02:21 - 03496568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-15 04:59 - 2014-04-27 02:21 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-15 04:59 - 2014-04-27 02:21 - 01255544 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-15 04:59 - 2014-04-27 02:21 - 01060472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-10-15 04:59 - 2014-04-27 02:21 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-15 04:59 - 2014-04-27 02:21 - 00075056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-10-15 04:59 - 2014-04-27 02:21 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-15 01:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\8k4zjaU
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK
2005-04-08 03:16 - 2015-02-28 22:03 - 0142572 ____H () C:\Users\Sonny\AppData\Roaming\Sonnylog.dat
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Sonny\AppData\Roaming\ZkvbwFI
2015-10-21 20:42 - 2015-10-21 20:42 - 1852453 _____ () C:\Users\Sonny\AppData\Local\curl.zip
2015-10-21 20:42 - 2015-10-21 20:42 - 0000002 _____ () C:\Users\Sonny\AppData\Local\OczLpK.vbs
2015-03-23 18:53 - 2015-10-11 11:58 - 0007605 _____ () C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg
2015-06-20 15:06 - 2015-06-20 15:06 - 0000003 _____ () C:\Users\Sonny\AppData\Local\updater.log
2015-06-20 15:06 - 2015-10-02 11:12 - 0000424 _____ () C:\Users\Sonny\AppData\Local\UserProducts.xml

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Sonny\matrix_cl_CloudIn_LIVE.dat


Einige Dateien in TEMP:
====================
C:\Users\Sonny\AppData\Local\Temp\1da87fe019424c023a8f63d8acc8578f.dll
C:\Users\Sonny\AppData\Local\Temp\cct.dll
C:\Users\Sonny\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\Sonny\AppData\Local\Temp\JavaIC.dll
C:\Users\Sonny\AppData\Local\Temp\msscct32.dll
C:\Users\Sonny\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sonny\AppData\Local\Temp\sqlite3.dll
C:\Users\Sonny\AppData\Local\Temp\YSearchUtil.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-07 22:46

==================== Ende von FRST.txt ============================
         

Alt 15.11.2015, 06:51   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp

C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp

C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp

C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll

C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js

C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf

C:\Users\Sonny\AppData\Roaming\8k4zjaU

C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn

C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK

C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl

C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt

C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk

C:\Users\Sonny\AppData\Roaming\ZkvbwFI

C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe

C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi

C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip

C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip

C:\Users\Sonny\Downloads\driverscanner.exe

C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe

C:\Users\Sonny\Downloads\RSBot-6058.jar

C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe

C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe

C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe

C:\Users\Sonny\Downloads\uTorrent (1).exe

C:\Users\Sonny\Downloads\uTorrent.exe

C:\Users\Sonny\Downloads\uTorrent891.exe

C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe

C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip

C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip

C:\Windows\Installer\a3ed4.msi

C:\Windows\Temp\6FDD.tmp

C:\Windows\Temp\FF9.tmp
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289
RemoveProxy:
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen





und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.11.2015, 17:49   #15
stefan nur
 
Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Standard

Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Sonny (2015-11-15 16:36:54) Run:1
Gestartet von C:\Users\Sonny\Desktop\config
Geladene Profile: Sonny (Verfügbare Profile: Sonny)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp

C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp

C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp

C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll

C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js

C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js

C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf

C:\Users\Sonny\AppData\Roaming\8k4zjaU

C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn

C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK

C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl

C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt

C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk

C:\Users\Sonny\AppData\Roaming\ZkvbwFI

C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe

C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi

C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip

C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip

C:\Users\Sonny\Downloads\driverscanner.exe

C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe

C:\Users\Sonny\Downloads\RSBot-6058.jar

C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe

C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe

C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe

C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe

C:\Users\Sonny\Downloads\uTorrent (1).exe

C:\Users\Sonny\Downloads\uTorrent.exe

C:\Users\Sonny\Downloads\uTorrent891.exe

C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe

C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip

C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip

C:\Windows\Installer\a3ed4.msi

C:\Windows\Temp\6FDD.tmp

C:\Windows\Temp\FF9.tmp
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53289;https=127.0.0.1:53289
RemoveProxy:
Emptytemp:
*****************

C:\Users\Sonny\AppData\Local\Temp\nsdB5CE.tmp => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nsp3F6B.tmp => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nspF2B6.tmp => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\4F9ABF7C_stp\CreateShortcut.dll => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\ns6C7051C9\6BD96D0D_stp\TaskScheduler.dll => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\cezgufrd.dll => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\phodw.dll => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\102.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\104.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\14.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\178.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\179.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\180.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\184.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\200.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\223.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\231.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\232.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\234.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\242.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\246.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\252.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\253.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\273.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\277.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\281.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\288.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\300.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\311.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\334.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\335.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\339.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\348.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\357.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\376.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\380.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\385.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\390.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\391.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\419.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\424.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Local\Temp\nswEDB6.tmp\{B9ACB687-EDCE-43A5-9578-44A48433963D}\plugins\91.js => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\3c2jDM05M6ay9rgGcf => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\8k4zjaU => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\nAuWsaaA3Qnn => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\PciD5z2oV9Hq4LK => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\Tx2a5WctpJVeCncNO2s5iTUEFLl => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\tYyezAYRvk8jt => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\yR3gyuB665QVn2tdcFm0JVBk => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\ZkvbwFI => erfolgreich verschoben
C:\Users\Sonny\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe => erfolgreich verschoben
C:\Users\Sonny\Desktop\Alte Firefox-Daten\8iq92rbq.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi => erfolgreich verschoben
C:\Users\Sonny\Downloads\7 Zip 32 Bit - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Bandicam - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Blockify - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55 (1).zip => erfolgreich verschoben
C:\Users\Sonny\Downloads\Darkorbit Hack v.2.55.zip => erfolgreich verschoben
C:\Users\Sonny\Downloads\driverscanner.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\MotioninJoy - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Resource Hacker - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\RSBot-6058.jar => erfolgreich verschoben
C:\Users\Sonny\Downloads\ShellExView - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Skype - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\SoftEther VPN Client - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\TeamViewer - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\uTorrent (1).exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\uTorrent.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\uTorrent891.exe => erfolgreich verschoben
C:\Users\Sonny\Downloads\Virtual Audio Cable - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55\Darkorbit Hack v2.55.zip => erfolgreich verschoben
C:\Users\Sonny\SkyDrive\Dokumente\Darkorbit Hack v.2.55 (1)\Darkorbit Hack v2.55.zip => erfolgreich verschoben
C:\Windows\Installer\a3ed4.msi => erfolgreich verschoben
C:\Windows\Temp\6FDD.tmp => erfolgreich verschoben
C:\Windows\Temp\FF9.tmp => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========

EmptyTemp: => 1.5 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:37:47 ====
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Sonny (Administrator) auf MSI_SAMDAR (15-11-2015 17:45:51)
Gestartet von C:\Users\Sonny\Desktop\config
Geladene Profile: Sonny (Verfügbare Profile: Sonny)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\MSI\MSI Remind Manager\MSI Reminder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Farbar) C:\Users\Sonny\Desktop\config\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4946856 2014-10-16] (Steganos Software GmbH)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [uTorrent] => C:\Users\Sonny\AppData\Roaming\uTorrent\uTorrent.exe [1888792 2015-11-13] (BitTorrent Inc.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2802146430-1798650074-2620433185-1002\...\MountPoints2: {f40e9899-2c5b-11e4-8272-a08869908039} - "F:\windows\Data\setup.exe" 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{067846F7-8DB6-4D95-A851-BECD63790717}: [DhcpNameServer] 10.11.0.1
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{7CF9BCF8-FDAE-4C28-813C-13345F0FFD96}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8B10DFEE-2A45-471C-B680-0146B9966FB7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660324794&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660331387&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130898378660370656&GUID=2EAF34BE-DF2E-AFE4-66B9-9D27FEBAE0D0
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2802146430-1798650074-2620433185-1002 -> {72A48C13-DCBC-4156-9710-EED96895E310} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2802146430-1798650074-2620433185-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\v0ofh5r4.default-1431427622023\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-10-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/?gws_rd=ssl"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll => Keine Datei
CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-26] (CyberLink)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [321976 2014-10-16] (Steganos Software GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S3 iumsvc; "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2014-04-27] (Microsoft Corporation) [Datei ist nicht signiert]
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-05-22] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140909.001\IDSvia64.sys [633560 2014-09-06] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-12] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140909.024\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation)
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 HSPADataCardusbmdm; \SystemRoot\system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; \SystemRoot\system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; \SystemRoot\system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 16:39 - 2015-11-15 16:39 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-15 02:10 - 2015-11-15 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-15 02:10 - 2015-11-15 02:10 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-15 00:05 - 2015-11-15 00:06 - 00000030 _____ C:\Users\Sonny\Desktop\boost acc gunjack.txt
2015-11-14 18:06 - 2015-11-14 18:06 - 00852720 _____ C:\Users\Sonny\Downloads\SecurityCheck.exe
2015-11-14 13:54 - 2015-11-14 13:54 - 02870984 _____ (ESET) C:\Users\Sonny\Downloads\esetsmartinstaller_deu.exe
2015-11-14 02:18 - 2015-11-14 02:18 - 00002196 _____ C:\Users\Sonny\Desktop\ShellExView - CHIP Downloader.lnk
2015-11-14 02:17 - 2015-11-14 02:17 - 00164744 _____ C:\Users\Sonny\Downloads\sview97.zip
2015-11-14 01:37 - 2015-11-14 01:37 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-11-13 21:30 - 2015-11-09 14:22 - 27330800 _____ C:\Users\Sonny\Desktop\GameIntro_V3_B.bk2
2015-11-13 08:30 - 2015-11-13 08:31 - 00000000 ____D C:\Users\Sonny\AppData\Local\Fallout4
2015-11-13 08:30 - 2015-11-13 08:30 - 00000691 _____ C:\Users\Sonny\Desktop\Fallout 4.lnk
2015-11-13 08:30 - 2015-11-13 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2015-11-13 07:59 - 2015-11-13 07:59 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\PowerISO
2015-11-13 01:55 - 2015-11-13 02:12 - 00000000 ____D C:\Users\Sonny\Downloads\Fallout.4-CODEX
2015-11-12 23:09 - 2015-11-12 23:09 - 00002853 _____ C:\Users\Sonny\Desktop\JRT.txt
2015-11-12 23:05 - 2015-11-12 23:05 - 01798976 _____ (Malwarebytes) C:\Users\Sonny\Downloads\JRT.exe
2015-11-12 23:05 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Sonny\Desktop\JRT.exe
2015-11-12 22:59 - 2015-11-15 16:38 - 00199700 _____ C:\Windows\PFRO.log
2015-11-12 22:52 - 2015-11-12 22:52 - 01712128 _____ C:\Users\Sonny\Downloads\AdwCleaner_5.019.exe
2015-11-12 22:38 - 2015-11-12 22:38 - 00115551 _____ C:\mbam.txt
2015-11-12 00:46 - 2015-11-12 00:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe
2015-11-11 19:40 - 2015-11-12 22:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-11 19:38 - 2015-11-11 19:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001(1).exe
2015-11-11 19:37 - 2015-11-11 21:11 - 00000000 ____D C:\Users\Sonny\Desktop\mbar
2015-11-11 19:37 - 2015-11-11 19:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sonny\Downloads\mbar-1.09.3.1001.exe
2015-11-11 19:34 - 2015-11-11 19:34 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2015-11-11 19:26 - 2015-11-12 21:33 - 00001294 _____ C:\Users\Sonny\Desktop\Revo Uninstaller.lnk
2015-11-11 19:26 - 2015-11-11 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sonny\Downloads\revosetup95.exe
2015-11-11 19:26 - 2015-11-11 19:26 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-11 19:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 19:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 19:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 19:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 19:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 19:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 19:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 19:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 19:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 19:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 19:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 19:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 19:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 19:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 19:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 19:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 19:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 19:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 19:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 19:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 19:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 19:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 19:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 19:03 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 19:03 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 18:05 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 18:05 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 18:05 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 18:05 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 18:05 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 18:05 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 18:05 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 18:05 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 18:05 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 18:05 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 18:05 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 18:05 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 18:05 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 18:05 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 18:05 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 18:05 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 18:05 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 18:05 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 18:05 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 18:05 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 18:05 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 18:05 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 18:05 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 18:05 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 18:05 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 18:05 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 18:05 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 18:05 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 18:05 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 18:05 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 18:05 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 18:05 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 18:05 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 18:05 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 18:05 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 18:05 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 18:05 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 18:05 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 18:05 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 18:05 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 18:05 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 18:05 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 18:05 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 18:05 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 18:05 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 18:05 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 18:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 18:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 18:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-10 18:46 - 2015-11-10 18:46 - 00070929 _____ C:\Users\Sonny\Downloads\Addition.txt
2015-11-10 18:44 - 2015-11-15 17:45 - 00000000 ____D C:\FRST
2015-11-10 18:44 - 2015-11-14 18:11 - 00066074 _____ C:\Users\Sonny\Downloads\FRST.txt
2015-11-10 18:44 - 2015-11-10 18:44 - 02198528 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2015-11-10 18:43 - 2015-11-10 18:43 - 01702400 _____ (Farbar) C:\Users\Sonny\Downloads\FRST.exe
2015-11-06 11:22 - 2015-11-06 11:22 - 17679448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-06 11:21 - 2015-11-06 11:21 - 15191992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-06 11:20 - 2015-11-06 11:20 - 30503056 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-06 11:20 - 2015-11-06 11:20 - 16170920 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-06 11:20 - 2015-11-06 11:20 - 13284848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 22963344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 11105936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-06 11:19 - 2015-11-06 11:19 - 01070920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00416912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00372880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00185816 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-06 11:19 - 2015-11-06 11:19 - 00164008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 01566352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435435.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 01082000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 01004360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 00512136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-11-06 11:18 - 2015-11-06 11:18 - 00416352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 15928728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 12910488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 11853464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 02961224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 02627728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-06 11:17 - 2015-11-06 11:17 - 01907016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435435.dll
2015-11-06 11:15 - 2015-11-06 11:15 - 42740368 _____ C:\Windows\system32\nvcompiler.dll
2015-11-06 11:15 - 2015-11-06 11:15 - 37758280 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-06 11:12 - 2015-11-06 11:12 - 14523248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-06 11:12 - 2015-11-06 11:12 - 00992400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-03 22:22 - 2015-11-03 22:22 - 00061440 _____ (Gary's Hood) C:\Users\Sonny\Downloads\rsclient.exe
2015-11-03 14:35 - 2015-11-03 14:35 - 00017533 _____ C:\Windows\DirectX.log
2015-11-03 13:28 - 2015-11-03 13:28 - 00000219 _____ C:\Users\Sonny\Desktop\Counter-Strike Global Offensive.url
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-10-28 15:29 - 2015-10-28 15:29 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Tera_Awesomium
2015-10-27 16:14 - 2015-11-15 16:59 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 16:14 - 2015-11-12 21:34 - 00000983 _____ C:\Users\Public\Desktop\Steam.lnk
2015-10-27 16:14 - 2015-10-27 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup.exe
2015-10-27 16:13 - 2015-10-27 16:13 - 01476720 _____ C:\Users\Sonny\Downloads\SteamSetup (1).exe
2015-10-27 14:06 - 2015-10-27 14:08 - 00000000 ____D C:\Users\Sonny\Desktop\dead realMUH
2015-10-27 13:34 - 2015-10-27 13:34 - 00000000 ____D C:\Users\Sonny\AppData\LocalLow\Section Studios_ Inc_
2015-10-27 13:30 - 2015-10-27 13:31 - 734982235 _____ C:\Users\Sonny\Downloads\[www.mpc-g.com]DdRlm144.7z
2015-10-24 18:37 - 2015-10-24 18:37 - 00584288 _____ (Oracle Corporation) C:\Users\Sonny\Downloads\jxpiinstall(1).exe
2015-10-23 20:43 - 2015-11-12 21:33 - 00002060 _____ C:\Users\Sonny\Desktop\RuneScape.lnk
2015-10-23 20:43 - 2015-10-23 20:43 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-10-23 20:39 - 2015-10-23 20:42 - 24219648 _____ C:\Users\Sonny\Downloads\RuneScape (1).msi
2015-10-23 17:55 - 2015-11-15 16:39 - 00004756 _____ C:\Windows\setupact.log
2015-10-23 17:55 - 2015-10-23 17:55 - 00000000 _____ C:\Windows\setuperr.log
2015-10-23 17:22 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-10-23 17:22 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-10-22 17:51 - 2015-11-15 17:18 - 01592468 _____ C:\Windows\WindowsUpdate.log
2015-10-22 11:15 - 2015-10-22 11:15 - 00000000 ____D C:\Users\Sonny\AppData\Local\ESET
2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_.exe
2015-10-22 11:10 - 2015-10-22 11:10 - 02837704 _____ (ESET) C:\Users\Sonny\Downloads\eset_smart_security_live_installer_ (1).exe
2015-10-22 11:07 - 2015-10-22 11:07 - 00000000 ____D C:\Program Files (x86)\3ae6c0d0-b937-4081-9be9-f3f58501fc8e
2015-10-21 20:42 - 2015-10-21 20:42 - 01852453 _____ C:\Users\Sonny\AppData\Local\curl.zip
2015-10-21 20:42 - 2015-10-21 20:42 - 00000002 _____ C:\Users\Sonny\AppData\Local\OczLpK.vbs
2015-10-21 20:42 - 2015-10-21 20:42 - 00000000 ____D C:\Users\Sonny\AppData\Local\{FE4CCBE7-EA6F-42D8-88A8-35B174533055}
2015-10-21 18:57 - 2015-11-15 16:39 - 00001008 _____ C:\Windows\Tasks\8k4zjaU.job
2015-10-21 18:57 - 2015-10-21 18:57 - 00004020 _____ C:\Windows\System32\Tasks\8k4zjaU
2015-10-21 18:56 - 2015-11-15 16:39 - 00001042 _____ C:\Windows\Tasks\yR3gyuB665QVn2tdcFm0JVBk.job
2015-10-21 18:56 - 2015-10-21 18:57 - 00004054 _____ C:\Windows\System32\Tasks\yR3gyuB665QVn2tdcFm0JVBk
2015-10-20 19:31 - 2015-11-12 21:33 - 00002226 _____ C:\Users\Sonny\Desktop\chrome.lnk
2015-10-20 19:26 - 2015-11-15 16:39 - 00001048 _____ C:\Windows\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl.job
2015-10-20 19:26 - 2015-11-15 16:39 - 00001030 _____ C:\Windows\Tasks\3c2jDM05M6ay9rgGcf.job
2015-10-20 19:26 - 2015-10-20 19:26 - 00004058 _____ C:\Windows\System32\Tasks\Tx2a5WctpJVeCncNO2s5iTUEFLl
2015-10-20 19:26 - 2015-10-20 19:26 - 00004042 _____ C:\Windows\System32\Tasks\3c2jDM05M6ay9rgGcf
2015-10-20 19:23 - 2015-10-20 19:23 - 00003910 _____ C:\Windows\System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898
2015-10-20 19:01 - 2015-11-15 16:39 - 00001018 _____ C:\Windows\Tasks\nAuWsaaA3Qnn.job
2015-10-20 19:01 - 2015-11-15 16:39 - 00001008 _____ C:\Windows\Tasks\ZkvbwFI.job
2015-10-20 19:01 - 2015-10-20 19:01 - 00004028 _____ C:\Windows\System32\Tasks\nAuWsaaA3Qnn
2015-10-20 19:01 - 2015-10-20 19:01 - 00004020 _____ C:\Windows\System32\Tasks\ZkvbwFI
2015-10-20 19:00 - 2015-11-15 16:39 - 00001024 _____ C:\Windows\Tasks\PciD5z2oV9Hq4LK.job
2015-10-20 19:00 - 2015-11-15 16:39 - 00001020 _____ C:\Windows\Tasks\tYyezAYRvk8jt.job
2015-10-20 19:00 - 2015-10-20 19:00 - 00004036 _____ C:\Windows\System32\Tasks\PciD5z2oV9Hq4LK
2015-10-20 19:00 - 2015-10-20 19:00 - 00004032 _____ C:\Windows\System32\Tasks\tYyezAYRvk8jt
2015-10-20 18:58 - 2015-10-22 11:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-20 18:58 - 2015-10-21 18:01 - 00000000 ____D C:\Program Files (x86)\3ff07109-e80a-45be-86af-4c8a97c65880
2015-10-20 18:23 - 2015-10-20 18:23 - 00003306 _____ C:\Windows\System32\Tasks\{62C4727E-EE8B-4CC4-ACF4-42684399E681}
2015-10-20 18:14 - 2015-09-06 11:15 - 00000856 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-16 17:04 - 2015-10-16 17:04 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Steam
2015-10-16 16:58 - 2015-10-20 19:59 - 00000000 ____D C:\Users\Sonny\Desktop\Life Is Strange
2015-10-16 13:05 - 2015-10-18 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 17:39 - 2015-07-10 00:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 17:30 - 2014-11-01 16:31 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-15 17:29 - 2014-07-31 20:19 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\TS3Client
2015-11-15 16:53 - 2014-07-23 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-15 16:41 - 2014-11-01 16:31 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 16:39 - 2014-08-10 22:05 - 04537856 ___SH C:\Users\Sonny\Desktop\Thumbs.db
2015-11-15 16:39 - 2014-07-24 10:11 - 00000000 __RDO C:\Users\Sonny\SkyDrive
2015-11-15 16:39 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 16:38 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-15 16:37 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-15 16:37 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-15 16:32 - 2014-07-23 23:29 - 00000000 ____D C:\Users\Sonny\AppData\Local\CrashDumps
2015-11-15 14:37 - 2014-12-14 15:44 - 00000000 ____D C:\Users\Sonny\AppData\Local\Battle.net
2015-11-15 14:37 - 2014-12-14 15:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-15 12:50 - 2014-07-23 19:25 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBE7263C-E444-4178-9108-E09677EE42AD}
2015-11-15 02:22 - 2014-07-23 19:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2802146430-1798650074-2620433185-1002
2015-11-15 02:10 - 2015-07-26 00:55 - 00001960 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-14 20:31 - 2014-08-20 19:12 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\uTorrent
2015-11-14 14:48 - 2014-12-14 15:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-11-14 01:40 - 2014-04-27 02:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-13 10:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-13 08:30 - 2014-08-21 13:11 - 00000000 ____D C:\Users\Sonny\Documents\My Games
2015-11-12 22:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2015-11-12 22:57 - 2014-11-01 16:10 - 00000000 ____D C:\AdwCleaner
2015-11-12 21:35 - 2015-02-14 19:46 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-12 21:35 - 2014-04-27 02:32 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM.lnk
2015-11-12 21:35 - 2014-04-27 02:20 - 00000712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2015-11-12 21:35 - 2013-11-13 20:31 - 00001388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-12 21:35 - 2013-11-13 20:31 - 00001319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-12 21:34 - 2015-10-11 00:51 - 00002046 _____ C:\Users\Public\Desktop\TERA Launcher.lnk
2015-11-12 21:34 - 2015-09-09 20:39 - 00001401 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-12 21:34 - 2015-07-10 00:49 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-12 21:34 - 2015-07-07 03:19 - 00001619 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-11-12 21:34 - 2014-12-14 15:45 - 00001175 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-11-12 21:34 - 2014-11-22 20:12 - 00001851 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-12 21:34 - 2014-11-17 19:06 - 00002090 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2015-11-12 21:34 - 2014-10-30 16:12 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-12 21:34 - 2014-10-11 08:25 - 00001937 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\setup.lnk
2015-11-12 21:34 - 2014-08-22 19:10 - 00000295 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-11-12 21:34 - 2014-07-23 19:18 - 00001464 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-12 21:34 - 2013-11-13 20:01 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-11-12 21:33 - 2015-06-14 00:20 - 00000961 _____ C:\Users\Sonny\Desktop\Open Broadcaster Software.lnk
2015-11-12 21:33 - 2014-12-22 21:20 - 00001031 _____ C:\Users\Sonny\Desktop\WinRAR.lnk
2015-11-12 21:33 - 2014-11-15 18:15 - 00000911 _____ C:\Users\Sonny\Desktop\µTorrent.lnk
2015-11-12 21:33 - 2014-11-15 18:15 - 00000891 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-11-12 21:33 - 2014-08-07 22:20 - 00001144 _____ C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Minecraft 1.5.2.lnk
2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-12 21:17 - 2015-07-10 00:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-11 20:08 - 2013-08-22 15:44 - 00486512 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 20:04 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-11 19:52 - 2014-11-05 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 19:52 - 2014-11-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 19:52 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-11 19:33 - 2014-11-13 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-11 19:09 - 2014-07-24 10:47 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 19:09 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini
2015-11-11 19:04 - 2014-07-24 10:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 00:53 - 2014-07-23 20:16 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 13:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-09 19:13 - 2014-12-23 12:23 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Skype
2015-11-07 22:28 - 2014-11-13 20:35 - 00000000 ____D C:\Users\Sonny\Downloads\Gameforge Live
2015-11-07 21:51 - 2015-06-05 21:12 - 00000074 _____ C:\Users\Sonny\Documents\ClownfishForTeamspeak.ini
2015-11-07 17:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-07 03:19 - 2014-10-13 18:31 - 00000044 _____ C:\Users\Sonny\jagex_cl_oldschool_LIVE.dat
2015-11-06 11:14 - 2015-06-15 14:47 - 03020192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-06 11:14 - 2014-11-10 15:03 - 03418456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-06 10:02 - 2014-04-27 02:20 - 00031860 _____ C:\Windows\system32\nvinfo.pb
2015-11-04 13:15 - 2014-07-25 20:46 - 00000000 ____D C:\Users\Sonny\Desktop\Slender v0.9.7
2015-11-03 13:28 - 2014-08-14 17:31 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 14:24 - 2015-02-22 01:08 - 00880432 _____ C:\Users\Sonny\Desktop\OSBuddy.exe
2015-10-30 19:23 - 2015-05-13 13:16 - 00000000 ___RD C:\Users\Sonny\OneDrive
2015-10-30 19:23 - 2014-11-01 21:08 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2802146430-1798650074-2620433185-1002
2015-10-28 15:27 - 2013-11-13 20:00 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-27 14:02 - 2014-11-29 10:55 - 00000000 ____D C:\Users\Sonny\Desktop\Neuer Ordner
2015-10-27 13:17 - 2014-08-07 20:10 - 00000000 ____D C:\Users\Sonny\AppData\Roaming\.minecraft
2015-10-27 07:13 - 2013-11-12 22:26 - 00766620 _____ C:\Windows\system32\perfh007.dat
2015-10-27 07:13 - 2013-11-12 22:26 - 00159902 _____ C:\Windows\system32\perfc007.dat
2015-10-27 07:13 - 2013-11-12 21:54 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-24 18:57 - 2014-10-30 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 18:40 - 2014-11-17 19:07 - 00000000 ____D C:\.jagex_cache_32
2015-10-24 18:39 - 2015-09-05 08:56 - 00000000 ____D C:\Users\Sonny\.oracle_jre_usage
2015-10-24 18:37 - 2014-10-30 16:56 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-24 18:37 - 2014-08-07 20:09 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-24 13:41 - 2014-11-17 19:07 - 00000023 _____ C:\Users\Sonny\jagexappletviewer.preferences
2015-10-24 13:40 - 2014-11-17 19:07 - 00000044 _____ C:\Users\Sonny\jagex_cl_runescape_LIVE.dat
2015-10-23 20:43 - 2014-10-13 18:31 - 00000000 ____D C:\Users\Sonny\jagexcache
2015-10-22 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-22 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing
2015-10-21 17:49 - 2014-12-23 12:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-20 18:20 - 2014-04-27 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-10-20 18:19 - 2015-08-12 19:29 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-20 18:12 - 2015-07-07 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-10-20 18:12 - 2014-11-01 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-19 21:10 - 2014-07-31 20:18 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-19 19:45 - 2014-07-23 19:27 - 00000000 ____D C:\Users\Sonny\AppData\Local\Google
2015-10-18 11:26 - 2014-07-23 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-18 11:25 - 2014-12-11 21:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-18 11:25 - 2014-07-25 18:55 - 00000000 ___SD C:\Windows\system32\CompatTel

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2005-04-08 03:16 - 2015-02-28 22:03 - 0142572 ____H () C:\Users\Sonny\AppData\Roaming\Sonnylog.dat
2015-10-21 20:42 - 2015-10-21 20:42 - 1852453 _____ () C:\Users\Sonny\AppData\Local\curl.zip
2015-10-21 20:42 - 2015-10-21 20:42 - 0000002 _____ () C:\Users\Sonny\AppData\Local\OczLpK.vbs
2015-03-23 18:53 - 2015-10-11 11:58 - 0007605 _____ () C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg
2015-06-20 15:06 - 2015-06-20 15:06 - 0000003 _____ () C:\Users\Sonny\AppData\Local\updater.log
2015-06-20 15:06 - 2015-10-02 11:12 - 0000424 _____ () C:\Users\Sonny\AppData\Local\UserProducts.xml

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Sonny\matrix_cl_CloudIn_LIVE.dat


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-07 22:46

==================== Ende von FRST.txt ============================
         
naja, Probleme keine wäre halt nur froh wenn nach dem ganzen rumgescanne endlich mal Tipps zur Problembehandlung kommen würden :| aber Geduld ist wohl Gefragt

Antwort

Themen zu Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht
admins, aktualisiert, ausführen, bildschirm, blick, cmd, community, desktop, funktioniert, google, krieg, langer, nicht mehr, ordner, problem, programme, rechtsklick, schei, screen, screenshot, sobald, tipps, wenige, windows, ähnliches



Ähnliche Themen: Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht


  1. Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht
    Alles rund um Windows - 12.11.2015 (3)
  2. Rechtsklick auf Dateien nicht mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 07.05.2015 (5)
  3. Rechtsklick auf Anwendungen funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 31.03.2015 (23)
  4. Laptop läuft langsam Win 7, Rechtsklick mit Maus funktioniert nicht, Laptop zickt rum.
    Plagegeister aller Art und deren Bekämpfung - 18.01.2015 (11)
  5. Keine Internetverbindung, Firewall nicht aktivierbar, Explorer crash bei rechtsklick
    Plagegeister aller Art und deren Bekämpfung - 15.01.2015 (12)
  6. Kann OTL nicht ausführen weil WOW64 nicht funktioniert
    Log-Analyse und Auswertung - 07.01.2014 (12)
  7. adminstrator .. was überwacht er ?
    Überwachung, Datenschutz und Spam - 22.12.2013 (1)
  8. Downloads nicht möglich, zudem Rechtsklick auf Desktop lässt Explorer abstürzen
    Plagegeister aller Art und deren Bekämpfung - 14.11.2013 (31)
  9. .exe files lassen sich nicht ausführen, malware lässt sich nicht ausführen, system wiederherstellung nicht möglich
    Log-Analyse und Auswertung - 25.03.2013 (0)
  10. Rechtsklick auf Datein/Ordner geht nicht mehr
    Alles rund um Windows - 10.06.2012 (1)
  11. Benötige eure Hilfe! Rechtsklick auf Dateien nicht möglich
    Log-Analyse und Auswertung - 28.11.2011 (3)
  12. WTR Loader funktioniert nicht und Host capplication funktioniert nicht (Catalyst Control Center)
    Log-Analyse und Auswertung - 07.05.2011 (23)
  13. Mein PC meldet sich beim Adminstrator immer ab!
    Alles rund um Windows - 26.04.2010 (6)
  14. Intel Atom Laptop - IE Funktioniert nicht, Antivir Programm funktioniert nicht.
    Plagegeister aller Art und deren Bekämpfung - 05.01.2010 (1)
  15. Absturz bei Rechtsklick / Antivir startet nicht
    Log-Analyse und Auswertung - 29.12.2009 (1)
  16. Rechtsklick nicht mehr möglich - Viren?
    Log-Analyse und Auswertung - 01.11.2007 (1)
  17. Eingabeaufforderung/Ausführen... funktioniert nicht mehr
    Log-Analyse und Auswertung - 04.11.2005 (14)

Zum Thema Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht - Hi community, Ich habe anscheinend ein Problem das sehr wenige kennen und haben da ich bei Google nihts ähnliches gefunden hab also.... es ist mir (seit langer zeit, nur nerfts - Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht...
Archiv
Du betrachtest: Rechtsklick (als Adminstrator ausführen) funktioniert bei mir nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.