Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Phishing-Zip-Anhang auf PC und Handy geöffnet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.06.2016, 17:50   #1
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



Hallo Zusammen,

ich könnte gerade explodieren vor Wut, aber das bringt ja nichts - was ich brauche, ist schnelle Hilfe...

Ein Kumpel fand' es scheinbar witzig mir eine an ihn adressierte Phishing-Mail von "Rechnungsstelle GiroPay AG" mit Anhang weiterzuleiten. Naja, auf jeden Fall ist mein Mail-Account so eingestellt, dass es Anhänge von ihm direkt runterlädt und öffnet, daher hab' ich den potentiellen Schaden jetzt auf Handy [Android] und PC [Windows 8].
Meine Fragen sind jetzt: Wie kann ich überprüfen, was an Daten, etc. schon verloren ist und geändert werden sollte? Und wie krieg' ich das Ganze effektiv wieder von meinen Geräten, sodass ich sie wieder gefahrlos benutzen kann?

Es handelte sich um eine Zip-Datei, die wie üblich im Download-Ordner abgespeichert wurde. Gerade läuft ein Avira-Scan [schon seit über einer Stunde], habe hier allerdings schon mehrfach gelesen, dass das nicht den durchschlagenden Effekt hat. Außerdem habe ich die entsprechende Datei in den Papierkorb verschoben und ihn entleert.

Beste Grüße und Danke an schnelle Helfer,
Erthos

Avira-Export:

Code:
ATTFilter
Exportierte Ereignisse:

21.06.2016 17:38 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\AppData\Roaming\opamp-15\opamp-9.exe'
      enthält folgendes Muster 'TR/Crypt.Xpack.zwpz' [trojan]
      Ausgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
      Die Datei wurde zum Löschen nach einem Neustart markiert.
      Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.

21.06.2016 17:34 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Crypt.Xpack.zwpz [trojan]'
      in Datei 'C:\Users\Vera\AppData\Roaming\opamp-15\opamp-9.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern

21.06.2016 17:29 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\WINDOWS\system32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys'
      enthält folgendes Muster 'Adware/BrowseFox.drc' [adware]
      Ausgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Die Datei existiert nicht!

21.06.2016 17:29 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\AdwCleaner\Quarantine\C\Users\Vera\AppData\Local\Temp\OCS\ocs_v71.exe.vir'
      enthält folgendes Muster 'PUA/DownloadSponsor.Gen' [riskware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '6d2ab98a.qua' 
      verschoben!

21.06.2016 17:28 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\AdwCleaner\Quarantine\C\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\
      extensions\Extensions\pricepeep@getpricepeep.com.xpi.vir'
      enthält folgendes Muster 'Adware/PricePeep.P' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4673e58e.qua' 
      verschoben!

21.06.2016 17:28 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\Freemake\Freemake Video 
      Converter\SetupUpdate.exe'
      enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '33ef9db7.qua' 
      verschoben!

21.06.2016 17:28 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll'
      enthält folgendes Muster 'ADWARE/MultiPlug.Gen7' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '11e0cfd2.qua' 
      verschoben!

21.06.2016 17:27 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\40fc97ae000019be\40fc97ae000019be.dll'
      enthält folgendes Muster 'ADWARE/MultiPlug.Gen7' [adware]
      Ausgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
      Die Datei wurde zum Löschen nach einem Neustart markiert.
      Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.

21.06.2016 17:27 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\ProgramData\{02bca1cf-8ab1-2d98-02bc-ca1cf8ab873e}\hqghumeaylnlf.exe'
      enthält folgendes Muster 'PUA/SpeedUpMyPC.Gen' [riskware]
      Ausgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
      Die Datei wurde zum Löschen nach einem Neustart markiert.
      Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.

21.06.2016 17:26 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\AppData\Local\Temp\DwlTempFolder\temp.exe'
      enthält folgendes Muster 'Adware/Agent.81920.132' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1f7b8066.qua' 
      verschoben!

21.06.2016 17:26 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\AppData\Local\Temp\st1260.tmp\dup.exe'
      enthält folgendes Muster 'ADWARE/Adware.Gen7' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0c90bcf2.qua' 
      verschoben!

21.06.2016 17:26 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\AppData\Local\Temp\st1260.tmp\zlib1.dll'
      enthält folgendes Muster 'Adware/ELEX.SKDE' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '694cc877.qua' 
      verschoben!

21.06.2016 17:25 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\AppData\Local\Temp\stAED8.tmp\dup.exe'
      enthält folgendes Muster 'ADWARE/Adware.Gen7' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0ceb8b01.qua' 
      verschoben!

21.06.2016 17:25 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\Downloads\flstudio_11.1.exe'
      enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '6dceaa86.qua' 
      verschoben!

21.06.2016 17:24 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\Downloads\FreemakeVideoConverter419Full.exe'
      enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '38f8ec45.qua' 
      verschoben!

21.06.2016 17:24 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vera\Downloads\FreeScreenVideoRecorder.exe'
      enthält folgendes Muster 'PUA/OpenCandy.Gen' [riskware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '188ee8d5.qua' 
      verschoben!

21.06.2016 17:24 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys'
      enthält folgendes Muster 'Adware/BrowseFox.drc' [adware]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '70f092b6.qua' 
      verschoben!

21.06.2016 17:17 [System-Scanner] Malware gefunden
      Die Datei 'C:\Windows\Temp\tmpnq81cy\GoogleUpdateHelper.dll'
      enthält folgendes Muster 'TR/ExtenBro.uhng' [trojan]
      Ausgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Der Bootsektor wurde aufgrund des inkompatiblen Formats nicht gescannt.
      Die Datei wurde zum Löschen nach einem Neustart markiert.
      Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.

21.06.2016 17:16 [System-Scanner] Malware gefunden
      Die Datei 'C:\Windows\Temp\tmpxlvcqe\dljbcjbfojhlfhgenhepllagfecdpchb\lsdb.js'
      enthält folgendes Muster 'JS/Agent.tsax' [virus]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4584db4b.qua' 
      verschoben!

21.06.2016 17:16 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\Windows\Temp\tmpxlvcqe\dljbcjbfojhlfhgenhepllagfecdpchb\content.js'
      enthält folgendes Muster 'JS/Agent.tsaq' [virus]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0926f705.qua' 
      verschoben!

21.06.2016 17:16 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\Windows\Temp\tmpzaqnen\mphdpmllmopekbialgcdpofndkpbecdg\content.js'
      enthält folgendes Muster 'JS/Agent.tsaq' [virus]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3a85e92d.qua' 
      verschoben!

21.06.2016 17:16 [System-Scanner] Malware gefunden
      Die Datei 'C:\Windows\Temp\tmpzaqnen\mphdpmllmopekbialgcdpofndkpbecdg\lsdb.js'
      enthält folgendes Muster 'JS/Agent.tsax' [virus]
      Ausgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7f1bc417.qua' 
      verschoben!

20.06.2016 13:14 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

17.06.2016 15:55 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

14.06.2016 15:40 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

14.06.2016 15:40 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

12.06.2016 12:18 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

12.06.2016 12:18 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

05.06.2016 06:11 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

05.06.2016 06:11 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

04.06.2016 17:45 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

04.06.2016 17:44 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

02.06.2016 12:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

01.06.2016 12:45 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

29.05.2016 08:49 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

28.05.2016 20:11 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

28.05.2016 19:58 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

27.05.2016 14:23 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

27.05.2016 14:23 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

23.05.2016 12:32 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern

22.05.2016 23:16 [Echtzeit-Scanner] Malware gefunden
      Muster 'ADWARE/BrowseFox.drc [adware]'
      in Datei 
      'C:\Windows\System32\drivers\{972dc55c-c6c0-44f6-8b54-5599004975cf}w64.sys 
      gefunden.
      Durchgeführte Aktion: Zugriff verweigern
         

Alt 21.06.2016, 19:10   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 22.06.2016, 11:55   #3
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
durchgeführt von Vera (Administrator) auf VERAS-PC (22-06-2016 11:49:23)
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: UpdatusUser & Vera (Verfügbare Profile: UpdatusUser & Vera)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(acer) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
( ) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-01-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-06-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [156448 2012-05-04] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-11-23] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Google Update] => "C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [class-57] => C:\ProgramData\class-58\class-8.exe [476672 2016-06-22] (Red Line Software)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [analog-45] => C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe [505344 2016-06-22] ()
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {2ab3442b-78c5-11e5-801a-b888e359abb6} - "E:\AutoRun.exe" 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f669c-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe" 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f672e-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe" 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2012-12-28]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk [2016-06-21]
ShortcutTarget: decibel-6.lnk -> C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe (COBRA)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2016-05-19]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 129.206.100.126 129.206.210.127
Tcpip\..\Interfaces\{FC7B690A-ABE8-4FEF-9430-9736C44DA543}: [DhcpNameServer] 129.206.100.126 129.206.210.127

Internet Explorer:
==================
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1421356061&from=cor&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C326327563275&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1421356061&from=cor&uid=WDCXWD5000LPVT-22G33T0_WD-WX71C326327563275&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrM2icxpsh_UTXjWxkoiojE1w,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrM2icxpsh_UTXjWxkoiojE1w,,&q={searchTerms}
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w
URLSearchHook: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=626a7b7b-442c-4a30-9136-26b3b71ea222&ref=toolbox&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {2C7D51A4-33DF-4526-A44F-34E61322EA22} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {36437782-15CF-4097-ABA2-39E22089CE35} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Gravity Space -> {8788dd2d-bed5-4071-8439-c822cef57bc8} -> C:\Program Files (x86)\Gravity Space\Extensions\8788dd2d-bed5-4071-8439-c822cef57bc8.dll => Keine Datei
IE Session Restore: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> ist aktiviert.

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vera\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-09] ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-25] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (YouTube) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Adblock Plus) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-25] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Google-Suche) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (SiteAdvisor) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Google Docs Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-25] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ACHTUNG
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Google Mail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-25] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ACHTUNG
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-15] (Dritek System INC.)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [274208 2012-05-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-04] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R1 inpoutx64; C:\Windows\System32\drivers\inpoutx64.sys [15008 2016-03-08] (Highresolution Enterprises [www.highrez.co.uk])
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 PRTDRV; C:\Windows\System32\Drivers\PRTDRV.sys [33640 2012-06-15] (Psychology Software Tools)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-15] (Dritek System Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2015-02-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [61080 2014-09-07] (StdLib)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-22 11:50 - 2016-06-22 11:50 - 00000000 ____D C:\ProgramData\kelvin-6
2016-06-22 11:49 - 2016-06-22 11:49 - 00030034 _____ C:\Users\Vera\Desktop\FRST.txt
2016-06-22 11:49 - 2016-06-22 11:49 - 00000000 ____D C:\FRST
2016-06-22 11:48 - 2016-06-22 11:48 - 02387456 _____ (Farbar) C:\Users\Vera\Desktop\FRST64.exe
2016-06-22 11:48 - 2016-06-22 11:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\analog-1
2016-06-22 11:46 - 2016-06-22 11:46 - 00000000 ____D C:\ProgramData\class-58
2016-06-21 17:47 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Documents\Ereignisse.txt
2016-06-21 17:46 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Desktop\Ereignisse.txt
2016-06-21 12:21 - 2016-06-21 12:21 - 00000000 ____D C:\Users\Vera\AppData\Roaming\decibel-28
2016-06-21 11:37 - 2016-06-21 12:23 - 00000000 ____D C:\ProgramData\ct
2016-06-17 15:18 - 2016-06-17 15:18 - 00036663 _____ C:\Users\Vera\Downloads\learningpathsbachelorspsychologyradboud_20162017.pdf
2016-06-14 11:20 - 2016-06-14 11:20 - 00080896 _____ C:\Users\Vera\Downloads\Fachdidaktik_SoSe2015.xls
2016-06-06 13:18 - 2016-06-06 13:18 - 00041444 _____ C:\Users\Vera\Downloads\Tsvgg_Beitragsordnung_2015.pdf
2016-06-04 17:25 - 2016-06-04 17:25 - 00033415 _____ C:\Users\Vera\Downloads\Frauen Vortest Seiler.sav
2016-06-03 17:05 - 2016-06-03 17:05 - 00000000 ____D C:\Users\Vera\Documents\IBM
2016-06-03 17:00 - 2016-06-03 17:00 - 00000000 ____D C:\ProgramData\IBM
2016-06-03 16:53 - 2016-06-03 16:53 - 00000000 ____D C:\Program Files (x86)\IBM
2016-06-03 16:45 - 2016-03-03 09:59 - 856246096 _____ (IBM Corp) C:\Users\Vera\Desktop\SPSS_Statistics_24_win32.exe
2016-06-01 19:44 - 2016-06-01 19:45 - 00957112 _____ (Microsoft Corporation) C:\Users\Vera\Downloads\SaveAsPDFandXPS.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-21 21:43 - 2015-11-13 15:20 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-21 21:12 - 2015-07-18 13:55 - 00000000 ____D C:\Users\Vera\AppData\Local\Deployment
2016-06-21 20:47 - 2012-11-17 15:16 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-06-21 17:46 - 2014-07-31 03:32 - 00000000 ___DO C:\Users\Vera\OneDrive
2016-06-21 17:42 - 2015-10-04 01:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\Skype
2016-06-21 17:41 - 2015-01-24 20:19 - 00000000 ____D C:\Users\Vera\AppData\Local\LogMeIn Hamachi
2016-06-21 17:40 - 2015-11-13 15:20 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-21 17:40 - 2015-07-29 15:03 - 00000382 _____ C:\WINDOWS\Tasks\RNKCKUYTBN1.job
2016-06-21 17:39 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-21 17:39 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-21 17:35 - 2015-07-31 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-21 17:28 - 2013-12-20 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 14:36 - 2016-03-14 12:31 - 00000000 ____D C:\Users\Vera\AppData\Local\Microsoft Help
2016-06-21 14:32 - 2016-04-26 14:37 - 00000000 ____D C:\Users\Vera\AppData\Roaming\avidemux
2016-06-21 14:06 - 2015-07-18 13:55 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job
2016-06-21 13:56 - 2013-10-15 21:38 - 00000000 ____D C:\Users\Vera\Desktop\UNI Stuttgart
2016-06-21 13:53 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-21 13:53 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-21 13:53 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-21 13:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-21 12:34 - 2013-12-06 22:30 - 00000000 ____D C:\Users\Vera\AppData\Roaming\vlc
2016-06-21 12:32 - 2015-07-26 12:32 - 00000370 _____ C:\WINDOWS\Tasks\FileInspect.job
2016-06-21 12:32 - 2015-07-24 12:32 - 00000368 _____ C:\WINDOWS\Tasks\EasyCite.job
2016-06-21 12:32 - 2015-07-18 18:32 - 00000368 _____ C:\WINDOWS\Tasks\PhraseSmartifier.job
2016-06-21 12:32 - 2015-07-17 12:32 - 00000370 _____ C:\WINDOWS\Tasks\InfoHider.job
2016-06-21 12:32 - 2015-07-16 18:32 - 00000368 _____ C:\WINDOWS\Tasks\WordSpill.job
2016-06-21 12:32 - 2015-07-15 00:32 - 00000370 _____ C:\WINDOWS\Tasks\WordWiz.job
2016-06-21 11:46 - 2015-07-31 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-20 11:49 - 2015-11-13 15:21 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 11:49 - 2015-11-13 15:21 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-19 23:29 - 2012-11-21 14:22 - 00000000 ____D C:\Users\Vera\Documents\Story
2016-06-19 22:01 - 2015-12-18 23:16 - 00008628 _____ C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2016-06-17 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-15 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-10 20:55 - 2015-10-04 01:47 - 00000000 ____D C:\ProgramData\Skype
2016-06-10 20:54 - 2016-01-15 16:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-10 19:22 - 2013-12-06 22:31 - 00000000 ____D C:\Users\Vera\AppData\Roaming\dvdcss
2016-06-06 12:13 - 2014-01-10 19:56 - 00006656 _____ C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-04 17:17 - 2015-07-31 17:27 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-04 17:17 - 2015-07-31 17:27 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-03 17:00 - 2014-07-31 02:50 - 00000000 ____D C:\Users\Vera
2016-06-03 16:59 - 2015-12-09 14:08 - 00000000 ____D C:\Users\Vera\AppData\Local\javasharedresources
2016-06-03 16:57 - 2015-12-04 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2016-06-03 16:51 - 2015-12-04 20:50 - 00000219 _____ C:\WINDOWS\SysWOW64\lsprst7.tgz
2016-06-03 16:51 - 2015-12-04 20:50 - 00000205 _____ C:\WINDOWS\SysWOW64\lsprst7.dll
2016-06-03 16:51 - 2015-12-04 20:50 - 00000016 ____H C:\WINDOWS\SysWOW64\servdat.slm
2016-06-01 19:45 - 2015-01-19 16:18 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-06-01 16:58 - 2013-01-03 13:33 - 00000000 ____D C:\Users\Vera\Downloads\Bank
2016-05-29 10:58 - 2016-04-28 10:49 - 00002323 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-05-29 10:58 - 2016-04-26 18:47 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-05-27 15:39 - 2013-07-16 22:33 - 00000000 ____D C:\Users\Vera\Desktop\Veras Zeug

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-26 15:18 - 2015-07-29 15:44 - 0000024 _____ () C:\Users\Vera\AppData\Roaming\appdataFr25.bin
2015-12-18 23:16 - 2016-06-19 22:01 - 0008628 _____ () C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-01-10 19:56 - 2016-06-06 12:13 - 0006656 _____ () C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:55 - 2016-04-05 19:55 - 0001477 _____ () C:\Users\Vera\AppData\Local\recently-used.xbel
2015-07-16 18:36 - 2015-07-16 18:36 - 0000000 _____ () C:\Users\Vera\AppData\Local\Temp.dat
2015-01-04 16:31 - 2015-01-04 16:31 - 0000016 ___SH () C:\ProgramData\ncli3f42.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\ncli3f42.dat


Einige Dateien in TEMP:
====================
C:\Users\Vera\AppData\Local\Temp\AutoRun.exe
C:\Users\Vera\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Vera\AppData\Local\Temp\avgnt.exe
C:\Users\Vera\AppData\Local\Temp\CmdLineExt01.dll
C:\Users\Vera\AppData\Local\Temp\eauninstall.exe
C:\Users\Vera\AppData\Local\Temp\ijl11.dll
C:\Users\Vera\AppData\Local\Temp\javagiac0.6939667421270448.dll
C:\Users\Vera\AppData\Local\Temp\ose00000.exe
C:\Users\Vera\AppData\Local\Temp\pegavi.dll
C:\Users\Vera\AppData\Local\Temp\pegcore.dll
C:\Users\Vera\AppData\Local\Temp\SIntf16.dll
C:\Users\Vera\AppData\Local\Temp\SIntf32.dll
C:\Users\Vera\AppData\Local\Temp\SIntfNT.dll
C:\Users\Vera\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vera\AppData\Local\Temp\supoptsetup.exe
C:\Users\Vera\AppData\Local\Temp\The Sims 2 Glamour Life Stuff_uninst.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-21 22:59

==================== Ende von FRST.txt ============================
         
Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Vera (2016-06-22 11:51:34)
Gestartet von C:\Users\Vera\Desktop
Windows 8.1 (Update) (X64) (2014-07-31 01:26:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4105031019-3425876013-4116755172-500 - Administrator - Disabled)
Gast (S-1-5-21-4105031019-3425876013-4116755172-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-4105031019-3425876013-4116755172-1001 - Limited - Enabled) => C:\Users\UpdatusUser
Vera (S-1-5-21-4105031019-3425876013-4116755172-1002 - Administrator - Enabled) => C:\Users\Vera

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Abe's Oddysee (HKLM-x32\...\Abe's Oddysee) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.307 - ArcSoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{761cd2c4-5249-4346-8318-a499d06d2681}) (Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version:  - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D.Radio (HKLM-x32\...\{213E2CCF-8265-444F-A6CA-40BD946A8D4A}) (Version: 1.1.5 - Geniatech)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims™ 2: Glamour-Accessoires (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
EA SPORTS online 2004 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
E-Prime 2.0 (2.0.8.90) (HKLM-x32\...\{77C74D8A-2014-4107-BE3F-DF879A443E0B}) (Version: 2.0.08090 - Psychology Software Tools, Inc.)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
FIFA 2004 (HKLM-x32\...\{782DDB70-3DF4-4366-00BF-E3767BCD173B}) (Version:  - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMat (HKLM-x32\...\FreeMat) (Version: 4.2 - Humanity)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Genius Biologie Demoversion (remove only) (HKLM-x32\...\Genius Biologie Demoversion) (Version:  - )
Genius Physik (remove only) (HKLM-x32\...\Genius Physik) (Version:  - )
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.8.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Harry Potter und der Gefangene von Askaban(TM) (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version:  - )
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
IBM SPSS Statistics 24 (HKLM-x32\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Inkscape 0.48.5 (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Inkscape) (Version: 0.48.5 - )
Inquisit 5 (HKLM-x32\...\Inquisit 5 5.0.1) (Version: 5.0.1 - Millisecond Software)
Inquisit 5 (Version: 5.0.1 - Millisecond Software) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.3 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyoResearch XP Master 1.08.27 (HKLM-x32\...\MyoResearch XP Master 1.08.27) (Version: Master 1.08 - Noraxon U.S.A. Inc.)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3102 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
ScenalyzerLive (entfernen) (HKLM-x32\...\ScenalyzerLive) (Version:  - )
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version:  - ) <==== ACHTUNG
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
TotalMedia Setup (HKLM-x32\...\{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}) (Version: 1.00.0000 - Conexant)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20} - System32\Tasks\WordSpill => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe <==== ACHTUNG
Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {37660E5E-8A00-4829-B992-ECD0A5F396C9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4BD91451-E5D0-44B0-BC66-CA629F52CFA6} - System32\Tasks\FileInspect => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe <==== ACHTUNG
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} - System32\Tasks\RNKCKUYTBN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: {5A090A2A-1532-41D9-B014-D1DAA9FE16FE} - System32\Tasks\{7B191E72-26D1-4676-A94A-49D7D0D747F6} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {610E2F79-6BCC-476A-BA7D-A02C89B2F451} - System32\Tasks\WordWiz => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe <==== ACHTUNG
Task: {62E6E7F0-46E8-4077-B4B3-BBA069067EE2} - System32\Tasks\EasyCite => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe <==== ACHTUNG
Task: {6CB76679-0DA2-425F-9125-9EEB99CF1CDF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7879C2EC-5773-4BAC-AE6A-A70CB56758E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {912C5971-B1DE-471E-852F-76E5FB35C78C} - System32\Tasks\PhraseSmartifier => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe <==== ACHTUNG
Task: {9613AC98-897D-400D-8ECF-E0E7781A2448} - System32\Tasks\InfoHider => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe <==== ACHTUNG
Task: {98CEFDC9-4187-453C-A3B4-C49FB9152592} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {A8701A53-BDEB-4875-AD33-424591258A36} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002 => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-29] (Microsoft Corporation)
Task: {A8943ACC-07D9-4B3F-B0C4-92CB380090D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {A915BF41-31C2-42E4-BD22-01E939E09DE2} - System32\Tasks\{3EFEC5D9-1D52-48FB-B382-C489FF10193D} => pcalua.exe -a C:\Users\Vera\Downloads\sclive20060412g\sclive.exe -d C:\Users\Vera\Downloads\sclive20060412g
Task: {A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} - System32\Tasks\BoBrowser => C:\Users\Vera\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ACHTUNG
Task: {B95DD6AF-F8F9-4F0B-9AE1-10717A9AFD37} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4105031019-3425876013-4116755172-1002
Task: {C724FC1B-D5B1-4755-9754-A03B17BA053A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} - \Run_Bobby_Browser -> Keine Datei <==== ACHTUNG
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E7F15A4F-84A8-4C14-B142-9F5F2BF683E7} - System32\Tasks\{EFF710BD-CF61-4810-8F4E-857944983CEF} => pcalua.exe -a D:\autostart.exe -d D:\
Task: {EF7B119D-D1F7-4F8A-B349-98D194BC932B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {F2C4B45D-8EAE-4FFD-8F99-54C2E2754DF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {F83191E3-E913-4DC2-BE22-C614E7BF5FB0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EasyCite.job => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\FileInspect.job => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\InfoHider.job => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\PhraseSmartifier.job => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\RNKCKUYTBN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\WordSpill.job => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\WordWiz.job => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00274208 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-05-29 10:57 - 2016-05-29 10:57 - 00959168 _____ () C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2013-01-28 17:21 - 2013-01-28 17:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00156448 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2015-12-11 18:30 - 2015-11-23 17:05 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-02-29 12:16 - 2016-02-29 12:16 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 02289808 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtCore4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 08173712 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtGui4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 00197264 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtSql4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 00921232 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\QtNetwork4.dll
2012-07-20 14:51 - 2012-07-20 14:51 - 00277136 _____ () C:\Program Files (x86)\Acer\clear.fi Photo\libcurl.dll
2012-11-22 15:33 - 2001-11-07 15:53 - 00310835 _____ () C:\program files (x86)\firefly studios\stronghold crusader\binkw32.dll
2012-11-22 15:33 - 2001-10-16 16:55 - 00348160 _____ () C:\program files (x86)\firefly studios\stronghold crusader\mss32.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2012-08-15 21:02 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-06-20 20:35 - 2016-06-20 20:35 - 00035472 _____ () C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL
2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-05-15 01:16 - 2016-05-15 01:16 - 00034960 _____ () C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vera\Pictures\Make History.jpg
DNS Servers: 129.206.100.126 - 129.206.210.127
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "TMMonitor.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{562AD6BE-EF65-4195-AAA5-F374590DD5E3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{67FEACB2-2401-4122-8D3D-66FAE5F98D53}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{7D0B75D0-989B-4913-BC73-E6996719AC85}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{16658953-BD08-4DE2-B7DA-F2D1B24B8872}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{484F0461-88EE-48FA-9FD8-BBCBF3E6E495}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F979EA54-0E59-49F8-B3A9-6A785542724F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{DFB3C773-7010-42DD-A159-29ED99BBAF03}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BD89FC6D-7633-42E8-A848-B61956B3B4AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB1D5594-C388-47E8-906D-80FE30EAC961}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0E5BD68-B928-4989-B5F5-4C16AEC18868}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9661D67B-EAE3-4D42-AF33-E1D499220CD2}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{7704B728-7C00-442C-9AC8-2FE6B8A7F972}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{ACAD114C-735F-49BC-AB98-39CFB4FF1DDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{644A48DF-D8D1-42A0-BB7B-E4AA842EFC6E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{BB1A121B-2AC5-40E4-8B11-51910ED459C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{7EA55DA8-A5C0-4A69-BC29-2F28BE9EBA2E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{46C920C4-2E27-4A82-92E1-634F16ED18D2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{32B571B2-721F-4ACF-A816-F9B89001BF01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{C4FB7AFE-D859-430E-BBF0-D49809786B14}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{B7D0094A-6789-49D2-AA2A-2E30A40D1397}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{6CD5F020-CB4D-41CB-B44B-B947BDD8B91E}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{3298A79E-04A7-4179-AC81-49ED4EABC1E5}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{4EA3AAB1-1CA0-4243-9A03-6A911B74DA56}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{B0A151C9-F47C-4313-A4DD-FE26082A72CF}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{9A009534-4288-44B3-8FA6-1B0B017660EC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6D86272D-1F6E-43CE-89D7-0FFB40901B4E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{996E0AB8-043B-450A-A7FD-1825D9F9D03B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{EFFE22F3-ED01-4532-8488-1C1E4728F1C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{A87A6C22-D2DD-4F74-8706-23414A196020}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{10B14768-23FB-461A-888B-927744D74680}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{D511C497-9324-4CAD-9DF4-B0A66D476F5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{3C8D17B8-783D-4B7B-8FAB-D91CCD9EE9A7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{92047C36-3FCF-4D60-8ABD-8E24D42294FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{B72996AF-9E68-485C-B0AA-56521F1F0447}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{9101CCED-69A9-4B46-BBAB-7D39AA1FA45B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{6EE1F738-5154-4C11-B395-44D4963E581D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{3CCB51CF-1423-46ED-935E-E8BB081B5CD2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{32087D8E-507C-4CA1-89F4-15E56D11E319}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{C203FD96-1A43-4529-A0AB-08D0577083CF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{440E6ED9-62D2-4DB8-A42D-386381109FBF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E04C7F9F-DD2C-44F1-92B7-4F912A562F86}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{81562EA2-47D6-4F07-8FE6-4A0B0A20C097}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{6E911494-19DD-4B8E-A761-F30BB5871777}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E82CAC18-872F-42EB-8783-E55F1BB9DB71}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{4D211644-52DE-4B61-99A1-6263E6D00570}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{686F6810-3EE6-4DE8-A966-3824652A6A7D}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{D51C58D9-3849-4C5A-9795-B768CC4945D6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{923BE562-A799-42B5-B859-1024B80F9757}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{DCAFFC6C-52FC-44DB-A66A-E4EE531C54E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7FCACBBA-EA9E-47CB-B482-ADB67EB134FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{3819FFFA-43A3-439F-B66F-AB80BC4D2349}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0A9C6167-2BE5-4A96-BBD4-BF86CADDF56F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{3FD434BD-90E7-4BA3-9A32-7077F9B7998A}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B2D1AE20-8130-4070-8F07-B8E8E8730099}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{8F1D89C3-6D2F-44DF-B791-C0E75D71E3ED}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{19F500C0-F9C9-47DF-A48A-D4DA51833C9D}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{52E05373-D082-4DB4-BFDD-0355CF15E95E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{8497445D-8DFE-4732-8EF6-37CE0A7E0BF8}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{619D59EA-6C80-4BD6-A3FE-53F8E6403314}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E6809B4C-FEDE-4376-96FE-702471B7EB86}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4CA4F3FF-9067-403F-9FEE-E26381E28312}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BA7D56D1-3498-486B-9BDC-C0F5001F9367}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8E85D61B-BB0C-4E82-99D6-A48EBAA6C8CE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A38B098D-A33F-4BAF-ACEF-8925AB5D5200}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{055B3FEA-BCEA-4955-9844-53BA93A95A2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{CC21E86E-C529-4CB6-A783-87F73ECA058F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{BBA1B2B2-21ED-49CF-92FF-D2DC20359C66}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{3D210D07-9D27-40EE-87CF-9594869764E9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{98B7060E-8C5B-4082-94B7-2D45335D9F48}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B58A47C5-B9EC-4D04-9F3C-00F5F4041113}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{F0226214-72F3-4793-ABE0-C1B9A1A22CB5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{1BC83989-0069-45D9-84E0-90D91721646F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{79AEF083-0C85-484F-B074-056CF8EC7A19}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{72C0C118-6D78-4742-A974-60AA12810129}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{57302029-5538-4FEF-839D-F80C8F5C1862}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{D0377A42-2018-425E-ACAE-7A0C038BF4F2}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{87589F37-408D-495A-8089-1D8C094026E5}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{6C78C0A7-1F14-4797-88FA-B72C1EADCCCD}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{C48D38E2-2A41-44BA-BCA0-42946E775322}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{38635752-3029-44E9-AE0C-D3D55F32B7DC}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [TCP Query User{B602313F-5169-4A26-9BBD-561393F6689D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96AF43C9-96C5-4B32-BA5C-FAA8B068688F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7A0847FC-FEA1-432B-8BFC-AB20ECFA7576}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E0DBB789-3A15-492D-8B85-625F50575877}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B44E32F2-9A7D-4DFD-877C-8698EA6D0E73}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3CBBCD8E-1B68-4D78-AE4A-4AE88E72D45A}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{56B9702D-145B-41E4-BF03-456E9FAD4C54}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{23E563C7-A7F1-4675-92CE-FB66EA5DF961}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{60F9E8D2-4D59-43C8-A01F-B7D637B7ECD5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{DFF96C53-0C9E-4646-A57D-6D5875B826C4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{AC297AC9-5F33-4519-B52B-C3A0617CFD8D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{9A51A890-1A62-4786-845D-A83FFE873F1F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [TCP Query User{274B6FDC-0868-49C4-819E-20BE2B0708EF}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8038CF78-DD98-4889-9861-B9D4CE174D05}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{0A2277FB-2C4F-4A94-A5C4-F2B69D9BCFFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04B24D0B-EDFA-4A01-B92F-D305A37FA9A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E3DDE46-5A35-4B99-9A5F-CD345E305107}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C1221A3-1EA7-4ACE-A6E6-97E0DC251EF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C429BF7-C815-449D-9EB1-DA395C172958}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F0432ACB-D720-4AC6-8F92-A4D0FC9532FD}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [UDP Query User{DC956E12-076B-4F89-BFD0-751BEB95625C}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [{14703AC8-061F-40D1-8730-EBC5A3D2EB89}] => (Allow) C:\Users\Vera\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{ABECCAC8-12FA-4E97-903B-EC2368B534E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2477C121-1E85-4DED-8F8E-A593CAA5FF08}] => (Allow) LPort=2869
FirewallRules: [{324CB72E-D18D-4F12-8EB2-ECAC2413CDA0}] => (Allow) LPort=1900
FirewallRules: [{726E4AFF-EB8E-4CCB-9279-C3F070A1DBAC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{58141989-8739-4F57-AD9D-448C3086F8C1}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [UDP Query User{AE00DB7C-F24A-42AE-9C42-3A66C3E8D1C7}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{2BB771B0-48DA-4041-8A11-34FB0A6E8836}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{31BFAC32-D47D-49F9-BA77-1A5546C18EC2}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{04CF2B76-CB79-47FE-8185-C9711F8CD11F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

03-06-2016 16:49:35 Installed IBM SPSS Statistics 24.
12-06-2016 12:33:05 Geplanter Prüfpunkt
20-06-2016 18:58:44 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/22/2016 11:45:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VERAS-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/21/2016 05:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0x116c
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3
Vollständiger Name des fehlerhaften Pakets: ACDaemon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ACDaemon.exe5

Error: (06/21/2016 05:34:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0x12a0
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3
Vollständiger Name des fehlerhaften Pakets: ACDaemon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ACDaemon.exe5

Error: (06/21/2016 05:17:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1134

Startzeit: 01d1cbcf45084c4c

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 3929a031-37c3-11e6-8040-b888e359abb6

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/21/2016 05:07:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 11.0.16.13, Zeitstempel: 0x571b4006
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c60c
ID des fehlerhaften Prozesses: 0x2078
Startzeit der fehlerhaften Anwendung: 0xAcroRd32.exe0
Pfad der fehlerhaften Anwendung: AcroRd32.exe1
Pfad des fehlerhaften Moduls: AcroRd32.exe2
Berichtskennung: AcroRd32.exe3
Vollständiger Name des fehlerhaften Pakets: AcroRd32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcroRd32.exe5

Error: (06/21/2016 05:02:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 11.0.16.13, Zeitstempel: 0x571b4006
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c600
ID des fehlerhaften Prozesses: 0xf74
Startzeit der fehlerhaften Anwendung: 0xAcroRd32.exe0
Pfad der fehlerhaften Anwendung: AcroRd32.exe1
Pfad des fehlerhaften Moduls: AcroRd32.exe2
Berichtskennung: AcroRd32.exe3
Vollständiger Name des fehlerhaften Pakets: AcroRd32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcroRd32.exe5

Error: (06/21/2016 04:47:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16ec

Startzeit: 01d1cbcb1430c5ea

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 081c61dd-37bf-11e6-8040-b888e359abb6

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/21/2016 04:09:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hh.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450543c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00000000000ec180
ID des fehlerhaften Prozesses: 0x1f68
Startzeit der fehlerhaften Anwendung: 0xhh.exe0
Pfad der fehlerhaften Anwendung: hh.exe1
Pfad des fehlerhaften Moduls: hh.exe2
Berichtskennung: hh.exe3
Vollständiger Name des fehlerhaften Pakets: hh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hh.exe5

Error: (06/21/2016 01:55:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 12.0.6514.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18e4

Startzeit: 01d1cbb30baf96a8

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

Berichts-ID: fd9e5d79-37a6-11e6-8040-b888e359abb6

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/21/2016 10:52:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VERAS-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (06/21/2016 12:43:27 PM) (Source: DCOM) (EventID: 10010) (User: VERAS-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/21/2016 12:42:04 PM) (Source: DCOM) (EventID: 10010) (User: VERAS-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/15/2016 10:48:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Avira.ServiceHost erreicht.

Error: (06/10/2016 01:43:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.


Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2016 01:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2016 12:36:35 PM) (Source: DCOM) (EventID: 10010) (User: VERAS-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}


CodeIntegrity:
===================================
  Date: 2015-06-18 22:12:10.901
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 21:59:20.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 21:59:20.426
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 21:59:20.416
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 12:24:13.835
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 09:35:03.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:52:48.344
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:35:19.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:27:42.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:11:18.359
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3909.28 MB
Verfügbarer physikalischer RAM: 2014.79 MB
Summe virtueller Speicher: 6341.28 MB
Verfügbarer virtueller Speicher: 3471.52 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:445.41 GB) (Free:67.11 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4FB6F86F)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

Alt 22.06.2016, 12:27   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 22.06.2016, 12:46   #5
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



Teil1:
Code:
ATTFilter
12:31:54.0109 0x1dbc  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:31:54.0109 0x1dbc  UEFI system
12:32:24.0067 0x1dbc  ============================================================
12:32:24.0067 0x1dbc  Current date / time: 2016/06/22 12:32:24.0067
12:32:24.0067 0x1dbc  SystemInfo:
12:32:24.0067 0x1dbc  
12:32:24.0067 0x1dbc  OS Version: 6.3.9600 ServicePack: 0.0
12:32:24.0067 0x1dbc  Product type: Workstation
12:32:24.0067 0x1dbc  ComputerName: VERAS-PC
12:32:24.0067 0x1dbc  UserName: Vera
12:32:24.0067 0x1dbc  Windows directory: C:\WINDOWS
12:32:24.0067 0x1dbc  System windows directory: C:\WINDOWS
12:32:24.0067 0x1dbc  Running under WOW64
12:32:24.0067 0x1dbc  Processor architecture: Intel x64
12:32:24.0067 0x1dbc  Number of processors: 4
12:32:24.0067 0x1dbc  Page size: 0x1000
12:32:24.0067 0x1dbc  Boot type: Normal boot
12:32:24.0067 0x1dbc  ============================================================
12:32:24.0364 0x1dbc  KLMD registered as C:\WINDOWS\system32\drivers\37249822.sys
12:32:24.0848 0x1dbc  System UUID: {0C77AB4B-8A5B-2E14-3F8D-4DC699C7AA39}
12:32:25.0729 0x1dbc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:32:25.0729 0x1dbc  ============================================================
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0:
12:32:25.0729 0x1dbc  GPT partitions:
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {646C1E67-9640-45CC-9F6F-BC329161B87F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {108190A6-72DA-4E52-A97F-66B8F0D11609}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CED491D8-D288-49C3-85D0-0C823E2207A5}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A019DB5F-CD1F-4BEE-A935-CD6185040928}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37AD2000
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A9A6A84F-C7AD-4DC1-AB1A-D71AD29F8AB1}, Name: , StartLBA 0x37C70800, BlocksNum 0xE1000
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {07B020AC-BF9E-42DC-84C7-8AA1250EFDD0}, Name: , StartLBA 0x37D51800, BlocksNum 0xAF000
12:32:25.0729 0x1dbc  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {30F6A9DC-8AC2-4EDC-9766-219F5486A341}, Name: Basic data partition, StartLBA 0x37E00800, BlocksNum 0x2585800
12:32:25.0729 0x1dbc  MBR partitions:
12:32:25.0729 0x1dbc  ============================================================
12:32:25.0744 0x1dbc  C: <-> \Device\Harddisk0\DR0\Partition4
12:32:25.0744 0x1dbc  ============================================================
12:32:25.0744 0x1dbc  Initialize success
12:32:25.0744 0x1dbc  ============================================================
12:33:16.0096 0x1c60  ============================================================
12:33:16.0096 0x1c60  Scan started
12:33:16.0096 0x1c60  Mode: Manual; SigCheck; TDLFS; 
12:33:16.0096 0x1c60  ============================================================
12:33:16.0096 0x1c60  KSN ping started
12:33:27.0481 0x1c60  KSN ping finished: true
12:33:30.0028 0x1c60  ================ Scan system memory ========================
12:33:30.0028 0x1c60  System memory - ok
12:33:30.0028 0x1c60  ================ Scan services =============================
12:33:30.0215 0x1c60  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:33:30.0278 0x1c60  1394ohci - ok
12:33:30.0293 0x1c60  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:33:30.0309 0x1c60  3ware - ok
12:33:30.0419 0x1c60  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:33:30.0434 0x1c60  ACDaemon - ok
12:33:30.0481 0x1c60  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:33:30.0512 0x1c60  ACPI - ok
12:33:30.0559 0x1c60  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:33:30.0575 0x1c60  acpiex - ok
12:33:30.0575 0x1c60  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:33:30.0590 0x1c60  acpipagr - ok
12:33:30.0622 0x1c60  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:33:30.0653 0x1c60  AcpiPmi - ok
12:33:30.0653 0x1c60  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:33:30.0669 0x1c60  acpitime - ok
12:33:30.0716 0x1c60  [ F28ADE410436B42A3FCB53C38CEFEFC8, 15FAF5CFC498FA08FF086C2AE50CBD0414D325F92FB1DA44F521CA0F1078B2C3 ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
12:33:30.0731 0x1c60  acsock - ok
12:33:30.0809 0x1c60  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:33:30.0825 0x1c60  AdobeARMservice - ok
12:33:30.0872 0x1c60  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:33:30.0919 0x1c60  ADP80XX - ok
12:33:30.0981 0x1c60  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
12:33:30.0997 0x1c60  AeLookupSvc - ok
12:33:31.0137 0x1c60  [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc             C:\WINDOWS\syswow64\drivers\Afc.sys
12:33:31.0153 0x1c60  Afc - ok
12:33:31.0200 0x1c60  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:33:31.0247 0x1c60  AFD - ok
12:33:31.0278 0x1c60  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
12:33:31.0278 0x1c60  agp440 - ok
12:33:31.0325 0x1c60  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:33:31.0356 0x1c60  ahcache - ok
12:33:31.0387 0x1c60  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
12:33:31.0403 0x1c60  ALG - ok
12:33:31.0434 0x1c60  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:33:31.0497 0x1c60  AmdK8 - ok
12:33:31.0512 0x1c60  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:33:31.0544 0x1c60  AmdPPM - ok
12:33:31.0559 0x1c60  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:33:31.0575 0x1c60  amdsata - ok
12:33:31.0606 0x1c60  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:33:31.0622 0x1c60  amdsbs - ok
12:33:31.0637 0x1c60  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:33:31.0653 0x1c60  amdxata - ok
12:33:31.0747 0x1c60  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
12:33:31.0794 0x1c60  AntiVirMailService - ok
12:33:31.0841 0x1c60  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
12:33:31.0872 0x1c60  AntiVirSchedulerService - ok
12:33:31.0919 0x1c60  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
12:33:31.0934 0x1c60  AntiVirService - ok
12:33:31.0981 0x1c60  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
12:33:32.0044 0x1c60  AntiVirWebService - ok
12:33:32.0075 0x1c60  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:33:32.0106 0x1c60  AppID - ok
12:33:32.0138 0x1c60  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:33:32.0169 0x1c60  AppIDSvc - ok
12:33:32.0216 0x1c60  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:33:32.0231 0x1c60  Appinfo - ok
12:33:32.0310 0x1c60  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:33:32.0325 0x1c60  Apple Mobile Device Service - ok
12:33:32.0372 0x1c60  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:33:32.0419 0x1c60  AppReadiness - ok
12:33:32.0481 0x1c60  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:33:32.0575 0x1c60  AppXSvc - ok
12:33:32.0622 0x1c60  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:33:32.0638 0x1c60  arcsas - ok
12:33:32.0638 0x1c60  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:33:32.0685 0x1c60  AsyncMac - ok
12:33:32.0700 0x1c60  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:33:32.0716 0x1c60  atapi - ok
12:33:32.0731 0x1c60  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:33:32.0794 0x1c60  AudioEndpointBuilder - ok
12:33:32.0825 0x1c60  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:33:32.0888 0x1c60  Audiosrv - ok
12:33:32.0919 0x1c60  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
12:33:32.0935 0x1c60  avgntflt - ok
12:33:32.0966 0x1c60  [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
12:33:32.0981 0x1c60  avipbb - ok
12:33:33.0060 0x1c60  [ 6458B31DE5443B766DEEFFDF09CAC656, 73449444C38E8D78DE441C3A391B85E181D064FD3B595C3C27CD0DB13CA64645 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:33:33.0075 0x1c60  Avira.ServiceHost - ok
12:33:33.0122 0x1c60  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
12:33:33.0138 0x1c60  avkmgr - ok
12:33:33.0153 0x1c60  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
12:33:33.0169 0x1c60  avnetflt - ok
12:33:33.0200 0x1c60  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
12:33:33.0247 0x1c60  AxInstSV - ok
12:33:33.0294 0x1c60  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:33:33.0341 0x1c60  b06bdrv - ok
12:33:33.0372 0x1c60  [ 458AF8D6C7B837B3169750254E531095, 0CA3DB39C706A06D90B95D7377A0FEBEFBBBFAD69F7F5087F7DF128C69D674D9 ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
12:33:33.0388 0x1c60  b57xdbd - ok
12:33:33.0419 0x1c60  [ B97D9ADFEB4F0AADD3DAC9F8D427AA7A, 1F52B09264715192ED73A2871254675425C211BDBFF3575F96A85DE0411B5D7A ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
12:33:33.0435 0x1c60  b57xdmp - ok
12:33:33.0466 0x1c60  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:33:33.0499 0x1c60  BasicDisplay - ok
12:33:33.0505 0x1c60  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:33:33.0528 0x1c60  BasicRender - ok
12:33:33.0794 0x1c60  [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
12:33:34.0107 0x1c60  BCM43XX - ok
12:33:34.0154 0x1c60  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:33:34.0154 0x1c60  bcmfn2 - ok
12:33:34.0201 0x1c60  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:33:34.0247 0x1c60  BDESVC - ok
12:33:34.0294 0x1c60  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:33:34.0341 0x1c60  Beep - ok
12:33:34.0435 0x1c60  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll
12:33:34.0513 0x1c60  BFE - ok
12:33:34.0607 0x1c60  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
12:33:34.0685 0x1c60  BITS - ok
12:33:34.0716 0x1c60  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:33:34.0747 0x1c60  Bonjour Service - ok
12:33:34.0763 0x1c60  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:33:34.0794 0x1c60  bowser - ok
12:33:34.0841 0x1c60  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:33:34.0873 0x1c60  BrokerInfrastructure - ok
12:33:34.0919 0x1c60  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
12:33:34.0935 0x1c60  Browser - ok
12:33:34.0982 0x1c60  [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
12:33:34.0982 0x1c60  bScsiMSa - ok
12:33:35.0029 0x1c60  [ 8168FE3CA8C6C3F18137FF422F3C37DE, 5C0906D50D3585A2850316072FFC8726A70BCFBE7AFB17EE69A70A736125AD7A ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
12:33:35.0029 0x1c60  bScsiSDa - ok
12:33:35.0076 0x1c60  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:33:35.0107 0x1c60  BthAvrcpTg - ok
12:33:35.0154 0x1c60  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:33:35.0185 0x1c60  BthHFEnum - ok
12:33:35.0201 0x1c60  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:33:35.0232 0x1c60  bthhfhid - ok
12:33:35.0279 0x1c60  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
12:33:35.0294 0x1c60  BthHFSrv - ok
12:33:35.0310 0x1c60  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:33:35.0341 0x1c60  BTHMODEM - ok
12:33:35.0373 0x1c60  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:33:35.0404 0x1c60  bthserv - ok
12:33:35.0513 0x1c60  [ F9709CC185D19D73F036CF2E47B6DEA5, 9A811FF234EC256A3A9ACDE7CFA23D9797321010E70CA3C2824AB8BBF07B80C0 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
12:33:35.0591 0x1c60  CCDMonitorService - ok
12:33:35.0623 0x1c60  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:33:35.0669 0x1c60  cdfs - ok
12:33:35.0685 0x1c60  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:33:35.0716 0x1c60  cdrom - ok
12:33:35.0748 0x1c60  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:33:35.0779 0x1c60  CertPropSvc - ok
12:33:35.0826 0x1c60  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:33:35.0841 0x1c60  circlass - ok
12:33:35.0873 0x1c60  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:33:35.0888 0x1c60  CLFS - ok
12:33:35.0935 0x1c60  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:33:35.0982 0x1c60  CmBatt - ok
12:33:36.0029 0x1c60  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:33:36.0060 0x1c60  CNG - ok
12:33:36.0076 0x1c60  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
12:33:36.0091 0x1c60  CompositeBus - ok
12:33:36.0107 0x1c60  COMSysApp - ok
12:33:36.0107 0x1c60  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:33:36.0154 0x1c60  condrv - ok
12:33:36.0263 0x1c60  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:33:36.0279 0x1c60  cphs - ok
12:33:36.0310 0x1c60  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:33:36.0357 0x1c60  CryptSvc - ok
12:33:36.0357 0x1c60  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:33:36.0373 0x1c60  dam - ok
12:33:36.0451 0x1c60  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:33:36.0498 0x1c60  DcomLaunch - ok
12:33:36.0544 0x1c60  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:33:36.0607 0x1c60  defragsvc - ok
12:33:36.0654 0x1c60  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:33:36.0685 0x1c60  DeviceAssociationService - ok
12:33:36.0763 0x1c60  [ 6EC5098678F3E8724A9F3E151031FEDE, 50D8BF9AC08497FA45C097186BD5C0E85C265DDC40A48491E78249BB7243649D ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
12:33:36.0779 0x1c60  DeviceFastLaneService - ok
12:33:36.0826 0x1c60  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:33:36.0841 0x1c60  DeviceInstall - ok
12:33:36.0873 0x1c60  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:33:36.0904 0x1c60  Dfsc - ok
12:33:36.0935 0x1c60  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:33:36.0935 0x1c60  dg_ssudbus - ok
12:33:36.0998 0x1c60  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:33:37.0093 0x1c60  Dhcp - ok
12:33:37.0155 0x1c60  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
12:33:37.0155 0x1c60  disk - ok
12:33:37.0202 0x1c60  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:33:37.0233 0x1c60  dmvsc - ok
12:33:37.0280 0x1c60  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:33:37.0312 0x1c60  Dnscache - ok
12:33:37.0374 0x1c60  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:33:37.0405 0x1c60  dot3svc - ok
12:33:37.0452 0x1c60  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
12:33:37.0468 0x1c60  dot4 - ok
12:33:37.0483 0x1c60  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
12:33:37.0483 0x1c60  Dot4Print - ok
12:33:37.0499 0x1c60  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
12:33:37.0515 0x1c60  dot4usb - ok
12:33:37.0561 0x1c60  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
12:33:37.0577 0x1c60  DPS - ok
12:33:37.0608 0x1c60  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
12:33:37.0624 0x1c60  drmkaud - ok
12:33:37.0686 0x1c60  [ 7C685CB0AC7D4E998D213C8B84FA609F, C4D8D178987FA68BC2A8864CB84AAD47031B5956DECD74929C4ED36AE1F41470 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:33:37.0702 0x1c60  DsiWMIService - ok
12:33:37.0749 0x1c60  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:33:37.0780 0x1c60  DsmSvc - ok
12:33:37.0858 0x1c60  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:33:37.0921 0x1c60  DXGKrnl - ok
12:33:37.0968 0x1c60  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
12:33:37.0999 0x1c60  Eaphost - ok
12:33:38.0124 0x1c60  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:33:38.0265 0x1c60  ebdrv - ok
12:33:38.0312 0x1c60  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
12:33:38.0327 0x1c60  EFS - ok
12:33:38.0374 0x1c60  [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
12:33:38.0374 0x1c60  EgisTec Ticket Service - ok
12:33:38.0421 0x1c60  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:33:38.0437 0x1c60  EhStorClass - ok
12:33:38.0468 0x1c60  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:33:38.0484 0x1c60  EhStorTcgDrv - ok
12:33:38.0562 0x1c60  [ C9455140176A5D1F05FDA44E5F319856, 2FE7ED1C70BFF238F7EB5CFF76552F272A4C95449A8D5C264E340C46281C1F75 ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
12:33:38.0593 0x1c60  ePowerSvc - ok
12:33:38.0609 0x1c60  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:33:38.0640 0x1c60  ErrDev - ok
12:33:38.0687 0x1c60  [ 4E8D5177B439872F7AE6DAB7B6859B6B, B0A3C3F0F92ADD3DE57838B213F23984FDFC6DD5B62C317DA519805EC4135E71 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
12:33:38.0702 0x1c60  ETD - ok
12:33:38.0765 0x1c60  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
12:33:38.0828 0x1c60  EventSystem - ok
12:33:38.0859 0x1c60  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:33:38.0921 0x1c60  exfat - ok
12:33:38.0968 0x1c60  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:33:38.0984 0x1c60  fastfat - ok
12:33:39.0031 0x1c60  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:33:39.0093 0x1c60  Fax - ok
12:33:39.0109 0x1c60  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:33:39.0140 0x1c60  fdc - ok
12:33:39.0171 0x1c60  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:33:39.0187 0x1c60  fdPHost - ok
12:33:39.0218 0x1c60  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:33:39.0234 0x1c60  FDResPub - ok
12:33:39.0281 0x1c60  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:33:39.0328 0x1c60  fhsvc - ok
12:33:39.0359 0x1c60  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:33:39.0374 0x1c60  FileInfo - ok
12:33:39.0406 0x1c60  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:33:39.0421 0x1c60  Filetrace - ok
12:33:39.0468 0x1c60  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:33:39.0499 0x1c60  FLEXnet Licensing Service - ok
12:33:39.0515 0x1c60  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:33:39.0531 0x1c60  flpydisk - ok
12:33:39.0578 0x1c60  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:33:39.0609 0x1c60  FltMgr - ok
12:33:39.0687 0x1c60  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:33:39.0765 0x1c60  FontCache - ok
12:33:39.0859 0x1c60  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:33:39.0874 0x1c60  FontCache3.0.0.0 - ok
12:33:39.0906 0x1c60  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:33:39.0921 0x1c60  FsDepends - ok
12:33:39.0937 0x1c60  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:33:39.0937 0x1c60  Fs_Rec - ok
12:33:39.0999 0x1c60  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:33:40.0031 0x1c60  fvevol - ok
12:33:40.0062 0x1c60  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
12:33:40.0093 0x1c60  FxPPM - ok
12:33:40.0109 0x1c60  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
12:33:40.0124 0x1c60  gagp30kx - ok
12:33:40.0140 0x1c60  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:33:40.0156 0x1c60  GEARAspiWDM - ok
12:33:40.0187 0x1c60  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:33:40.0203 0x1c60  gencounter - ok
12:33:40.0218 0x1c60  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:33:40.0234 0x1c60  GPIOClx0101 - ok
12:33:40.0312 0x1c60  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:33:40.0406 0x1c60  gpsvc - ok
12:33:40.0468 0x1c60  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:33:40.0484 0x1c60  gupdate - ok
12:33:40.0499 0x1c60  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:33:40.0499 0x1c60  gupdatem - ok
12:33:40.0546 0x1c60  [ 83BC656EE0821F9E5ED7AE1AE3DEDE0E, 788583DB61677856415588E3D1A2429C6C5DC360DC2CE6185DD73E774DF77C35 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
12:33:40.0546 0x1c60  Hamachi - ok
12:33:40.0640 0x1c60  [ E24E88736B13BC54CA93E7F86A0F4FCF, 0BD480373AE40C1155E4B4C1D5607C7DF9CD4C5D9C5034F7A35993180BDF2665 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:33:40.0703 0x1c60  Hamachi2Svc - ok
12:33:40.0734 0x1c60  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:33:40.0765 0x1c60  HDAudBus - ok
12:33:40.0781 0x1c60  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:33:40.0796 0x1c60  HidBatt - ok
12:33:40.0828 0x1c60  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:33:40.0859 0x1c60  HidBth - ok
12:33:40.0890 0x1c60  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:33:40.0921 0x1c60  hidi2c - ok
12:33:40.0953 0x1c60  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:33:40.0968 0x1c60  HidIr - ok
12:33:40.0999 0x1c60  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:33:41.0031 0x1c60  hidserv - ok
12:33:41.0062 0x1c60  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:33:41.0093 0x1c60  HidUsb - ok
12:33:41.0125 0x1c60  [ A894FB2CAE6A29F5D9C8EDA47B074623, F39014379B6F546CF3D3F56A343A7173B600A350715638040AE93E03EAB81CAC ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
12:33:41.0140 0x1c60  HipShieldK - ok
12:33:41.0187 0x1c60  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
12:33:41.0218 0x1c60  hkmsvc - ok
12:33:41.0265 0x1c60  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:33:41.0297 0x1c60  HomeGroupListener - ok
12:33:41.0343 0x1c60  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:33:41.0390 0x1c60  HomeGroupProvider - ok
12:33:41.0437 0x1c60  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:33:41.0453 0x1c60  HpSAMD - ok
12:33:41.0500 0x1c60  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:33:41.0562 0x1c60  HTTP - ok
12:33:41.0609 0x1c60  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:33:41.0625 0x1c60  hwpolicy - ok
12:33:41.0640 0x1c60  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:33:41.0656 0x1c60  hyperkbd - ok
12:33:41.0672 0x1c60  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:33:41.0672 0x1c60  HyperVideo - ok
12:33:41.0718 0x1c60  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:33:41.0750 0x1c60  i8042prt - ok
12:33:41.0765 0x1c60  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:33:41.0765 0x1c60  iaLPSSi_GPIO - ok
12:33:41.0781 0x1c60  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:33:41.0797 0x1c60  iaLPSSi_I2C - ok
12:33:41.0859 0x1c60  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
12:33:41.0875 0x1c60  iaStorA - ok
12:33:41.0906 0x1c60  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:33:41.0968 0x1c60  iaStorAV - ok
12:33:42.0000 0x1c60  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:33:42.0015 0x1c60  iaStorV - ok
12:33:42.0031 0x1c60  IEEtwCollectorService - ok
12:33:42.0204 0x1c60  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:33:42.0392 0x1c60  igfx - ok
12:33:42.0470 0x1c60  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:33:42.0532 0x1c60  IKEEXT - ok
12:33:42.0548 0x1c60  [ 9321A61A25C7961D9F36852ECAA86F55, F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B ] inpoutx64       C:\WINDOWS\system32\drivers\inpoutx64.sys
12:33:42.0548 0x1c60  inpoutx64 - ok
12:33:42.0720 0x1c60  [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:33:42.0860 0x1c60  IntcAzAudAddService - ok
12:33:42.0907 0x1c60  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:33:42.0938 0x1c60  IntcDAud - ok
12:33:42.0985 0x1c60  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:33:43.0017 0x1c60  Intel(R) Capability Licensing Service Interface - ok
12:33:43.0032 0x1c60  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:33:43.0032 0x1c60  intelide - ok
12:33:43.0064 0x1c60  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:33:43.0079 0x1c60  intelpep - ok
12:33:43.0095 0x1c60  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:33:43.0095 0x1c60  intelppm - ok
12:33:43.0110 0x1c60  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:33:43.0142 0x1c60  IpFilterDriver - ok
12:33:43.0204 0x1c60  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:33:43.0251 0x1c60  iphlpsvc - ok
12:33:43.0267 0x1c60  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:33:43.0298 0x1c60  IPMIDRV - ok
12:33:43.0329 0x1c60  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:33:43.0345 0x1c60  IPNAT - ok
12:33:43.0392 0x1c60  [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:33:43.0407 0x1c60  iPod Service - ok
12:33:43.0454 0x1c60  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:33:43.0485 0x1c60  IRENUM - ok
12:33:43.0517 0x1c60  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:33:43.0532 0x1c60  isapnp - ok
12:33:43.0579 0x1c60  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:33:43.0595 0x1c60  iScsiPrt - ok
12:33:43.0673 0x1c60  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:33:43.0673 0x1c60  jhi_service - ok
12:33:43.0735 0x1c60  [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a        C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
12:33:43.0751 0x1c60  k57nd60a - ok
12:33:43.0798 0x1c60  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:33:43.0814 0x1c60  kbdclass - ok
12:33:43.0845 0x1c60  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:33:43.0845 0x1c60  kbdhid - ok
12:33:43.0892 0x1c60  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
12:33:43.0907 0x1c60  kdnic - ok
12:33:43.0907 0x1c60  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:33:43.0923 0x1c60  KeyIso - ok
12:33:43.0970 0x1c60  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:33:43.0985 0x1c60  KSecDD - ok
12:33:44.0032 0x1c60  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:33:44.0048 0x1c60  KSecPkg - ok
12:33:44.0079 0x1c60  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
12:33:44.0079 0x1c60  ksthunk - ok
12:33:44.0111 0x1c60  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:33:44.0142 0x1c60  KtmRm - ok
12:33:44.0189 0x1c60  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:33:44.0220 0x1c60  LanmanServer - ok
12:33:44.0283 0x1c60  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:33:44.0298 0x1c60  LanmanWorkstation - ok
12:33:44.0329 0x1c60  [ CB832B008ABB822FD5ECDF03BA46C66E, 9512D5F5FDE1B05B0F2487FFE0E32C9091FD3D829AB8518FCAD660BD03779BB0 ] LcUvcUpper      C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys
12:33:44.0345 0x1c60  LcUvcUpper - ok
12:33:44.0392 0x1c60  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
12:33:44.0454 0x1c60  lfsvc - ok
12:33:44.0470 0x1c60  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
12:33:44.0486 0x1c60  lltdio - ok
12:33:44.0533 0x1c60  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:33:44.0564 0x1c60  lltdsvc - ok
12:33:44.0611 0x1c60  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:33:44.0642 0x1c60  lmhosts - ok
12:33:44.0689 0x1c60  [ 02468469C450CD16FB66A56FAB70138B, 9C3788B3DB2DBF9DE192447EADB6F1A17B69FC4813284B86E589784A53154FAA ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
12:33:44.0704 0x1c60  LMIGuardianSvc - ok
12:33:44.0736 0x1c60  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:33:44.0751 0x1c60  LMS - ok
12:33:44.0798 0x1c60  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:33:44.0814 0x1c60  LSI_SAS - ok
12:33:44.0829 0x1c60  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
12:33:44.0845 0x1c60  LSI_SAS2 - ok
12:33:44.0861 0x1c60  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
12:33:44.0876 0x1c60  LSI_SAS3 - ok
12:33:44.0892 0x1c60  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:33:44.0908 0x1c60  LSI_SSS - ok
12:33:44.0954 0x1c60  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
12:33:45.0048 0x1c60  LSM - ok
12:33:45.0095 0x1c60  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:33:45.0111 0x1c60  luafv - ok
12:33:45.0126 0x1c60  [ 035C83CD72E06C47000793D32B1A642D, 38B498D912EB3D0E3EE1266BD559234A5CF463AF81E92D6CBEE83ABECBF5DB74 ] massfilter      C:\WINDOWS\System32\drivers\massfilter.sys
12:33:45.0173 0x1c60  massfilter - ok
12:33:45.0204 0x1c60  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:33:45.0220 0x1c60  megasas - ok
12:33:45.0251 0x1c60  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:33:45.0283 0x1c60  megasr - ok
12:33:45.0314 0x1c60  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
12:33:45.0329 0x1c60  MEIx64 - ok
12:33:45.0361 0x1c60  [ 450B77CAC7384A9C1BAF476AC302CD4C, 796218B2EE59C1B8DEE1D5A9231CD0627775C79051596B88CFE029927820B798 ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
12:33:45.0376 0x1c60  mferkdet - ok
12:33:45.0408 0x1c60  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
12:33:45.0439 0x1c60  MMCSS - ok
12:33:45.0454 0x1c60  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:33:45.0486 0x1c60  Modem - ok
12:33:45.0517 0x1c60  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:33:45.0564 0x1c60  monitor - ok
12:33:45.0595 0x1c60  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:33:45.0611 0x1c60  mouclass - ok
12:33:45.0642 0x1c60  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:33:45.0673 0x1c60  mouhid - ok
12:33:45.0720 0x1c60  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:33:45.0736 0x1c60  mountmgr - ok
12:33:45.0767 0x1c60  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:33:45.0798 0x1c60  mpsdrv - ok
12:33:45.0861 0x1c60  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:33:45.0923 0x1c60  MpsSvc - ok
12:33:46.0001 0x1c60  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:33:46.0033 0x1c60  MRxDAV - ok
12:33:46.0064 0x1c60  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:33:46.0111 0x1c60  mrxsmb - ok
12:33:46.0173 0x1c60  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:33:46.0205 0x1c60  mrxsmb10 - ok
12:33:46.0236 0x1c60  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:33:46.0267 0x1c60  mrxsmb20 - ok
12:33:46.0299 0x1c60  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
12:33:46.0330 0x1c60  MsBridge - ok
12:33:46.0377 0x1c60  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:33:46.0392 0x1c60  MSDTC - ok
12:33:46.0439 0x1c60  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:33:46.0455 0x1c60  Msfs - ok
12:33:46.0502 0x1c60  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:33:46.0517 0x1c60  msgpiowin32 - ok
12:33:46.0533 0x1c60  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:33:46.0549 0x1c60  mshidkmdf - ok
12:33:46.0564 0x1c60  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:33:46.0564 0x1c60  mshidumdf - ok
12:33:46.0596 0x1c60  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:33:46.0596 0x1c60  msisadrv - ok
12:33:46.0642 0x1c60  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:33:46.0658 0x1c60  MSiSCSI - ok
12:33:46.0674 0x1c60  msiserver - ok
12:33:46.0705 0x1c60  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:33:46.0721 0x1c60  MSKSSRV - ok
12:33:46.0752 0x1c60  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
12:33:46.0783 0x1c60  MsLldp - ok
12:33:46.0799 0x1c60  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:33:46.0814 0x1c60  MSPCLOCK - ok
12:33:46.0830 0x1c60  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:33:46.0861 0x1c60  MSPQM - ok
12:33:46.0908 0x1c60  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:33:46.0924 0x1c60  MsRPC - ok
12:33:46.0939 0x1c60  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:33:46.0955 0x1c60  mssmbios - ok
12:33:46.0971 0x1c60  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
12:33:47.0002 0x1c60  MSTEE - ok
12:33:47.0002 0x1c60  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:33:47.0033 0x1c60  MTConfig - ok
12:33:47.0049 0x1c60  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:33:47.0064 0x1c60  Mup - ok
12:33:47.0080 0x1c60  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:33:47.0096 0x1c60  mvumis - ok
12:33:47.0111 0x1c60  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys
12:33:47.0127 0x1c60  mwlPSDFilter - ok
12:33:47.0158 0x1c60  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys
12:33:47.0174 0x1c60  mwlPSDNServ - ok
12:33:47.0189 0x1c60  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys
12:33:47.0189 0x1c60  mwlPSDVDisk - ok
12:33:47.0236 0x1c60  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
12:33:47.0267 0x1c60  napagent - ok
12:33:47.0330 0x1c60  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:33:47.0361 0x1c60  NativeWifiP - ok
12:33:47.0408 0x1c60  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:33:47.0424 0x1c60  NcaSvc - ok
12:33:47.0486 0x1c60  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:33:47.0502 0x1c60  NcbService - ok
12:33:47.0533 0x1c60  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:33:47.0549 0x1c60  NcdAutoSetup - ok
12:33:47.0627 0x1c60  [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:33:47.0705 0x1c60  NDIS - ok
12:33:47.0752 0x1c60  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
12:33:47.0752 0x1c60  NdisCap - ok
12:33:47.0799 0x1c60  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
12:33:47.0814 0x1c60  NdisImPlatform - ok
12:33:47.0861 0x1c60  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:33:47.0892 0x1c60  NdisTapi - ok
12:33:47.0924 0x1c60  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:33:47.0939 0x1c60  Ndisuio - ok
12:33:47.0955 0x1c60  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:33:47.0971 0x1c60  NdisVirtualBus - ok
12:33:47.0986 0x1c60  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:33:48.0017 0x1c60  NdisWan - ok
12:33:48.0033 0x1c60  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:33:48.0049 0x1c60  NdisWanLegacy - ok
12:33:48.0096 0x1c60  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:33:48.0111 0x1c60  NDProxy - ok
12:33:48.0143 0x1c60  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:33:48.0158 0x1c60  Ndu - ok
12:33:48.0189 0x1c60  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:33:48.0221 0x1c60  NetBIOS - ok
12:33:48.0252 0x1c60  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:33:48.0283 0x1c60  NetBT - ok
12:33:48.0299 0x1c60  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:33:48.0314 0x1c60  Netlogon - ok
12:33:48.0346 0x1c60  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
12:33:48.0377 0x1c60  Netman - ok
12:33:48.0424 0x1c60  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:33:48.0471 0x1c60  netprofm - ok
12:33:48.0518 0x1c60  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:33:48.0564 0x1c60  NetTcpPortSharing - ok
12:33:48.0611 0x1c60  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
12:33:48.0627 0x1c60  netvsc - ok
12:33:48.0674 0x1c60  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:33:48.0705 0x1c60  NlaSvc - ok
12:33:48.0752 0x1c60  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:33:48.0783 0x1c60  Npfs - ok
12:33:48.0814 0x1c60  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
12:33:48.0830 0x1c60  npsvctrig - ok
12:33:48.0877 0x1c60  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
12:33:48.0908 0x1c60  nsi - ok
12:33:48.0955 0x1c60  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
12:33:48.0971 0x1c60  nsiproxy - ok
12:33:49.0064 0x1c60  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
12:33:49.0174 0x1c60  Ntfs - ok
12:33:49.0236 0x1c60  [ FF472A7055E765498AE52564B1503C3F, 89A6E603238F854AA20F9E8EA4A4D4E281B95ED941A087B7E48FE961D1052CBA ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
12:33:49.0252 0x1c60  NTI IScheduleSvc - ok
12:33:49.0268 0x1c60  [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:33:49.0283 0x1c60  NTIDrvr - ok
12:33:49.0299 0x1c60  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:33:49.0330 0x1c60  Null - ok
12:33:49.0689 0x1c60  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
12:33:50.0112 0x1c60  nvlddmkm - ok
12:33:50.0143 0x1c60  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
12:33:50.0158 0x1c60  nvpciflt - ok
12:33:50.0190 0x1c60  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
12:33:50.0205 0x1c60  nvraid - ok
12:33:50.0221 0x1c60  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
12:33:50.0237 0x1c60  nvstor - ok
12:33:50.0299 0x1c60  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
12:33:50.0330 0x1c60  nvsvc - ok
12:33:50.0424 0x1c60  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:33:50.0502 0x1c60  nvUpdatusService - ok
12:33:50.0534 0x1c60  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
12:33:50.0549 0x1c60  nv_agp - ok
12:33:50.0627 0x1c60  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:33:50.0643 0x1c60  odserv - ok
12:33:50.0674 0x1c60  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:33:50.0690 0x1c60  ose - ok
12:33:50.0737 0x1c60  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
12:33:50.0768 0x1c60  p2pimsvc - ok
12:33:50.0815 0x1c60  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
12:33:50.0862 0x1c60  p2psvc - ok
12:33:50.0909 0x1c60  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
12:33:50.0924 0x1c60  Parport - ok
12:33:50.0955 0x1c60  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:33:50.0971 0x1c60  partmgr - ok
12:33:51.0018 0x1c60  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
12:33:51.0065 0x1c60  PcaSvc - ok
12:33:51.0096 0x1c60  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
12:33:51.0112 0x1c60  pci - ok
12:33:51.0127 0x1c60  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
12:33:51.0143 0x1c60  pciide - ok
12:33:51.0159 0x1c60  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
12:33:51.0174 0x1c60  pcmcia - ok
12:33:51.0190 0x1c60  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
12:33:51.0190 0x1c60  pcw - ok
12:33:51.0221 0x1c60  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
12:33:51.0237 0x1c60  pdc - ok
12:33:51.0284 0x1c60  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
12:33:51.0362 0x1c60  PEAUTH - ok
12:33:51.0471 0x1c60  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
12:33:51.0487 0x1c60  PerfHost - ok
12:33:51.0580 0x1c60  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
12:33:51.0659 0x1c60  pla - ok
12:33:51.0705 0x1c60  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
12:33:51.0721 0x1c60  PlugPlay - ok
12:33:51.0752 0x1c60  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
12:33:51.0768 0x1c60  PNRPAutoReg - ok
12:33:51.0799 0x1c60  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
12:33:51.0815 0x1c60  PNRPsvc - ok
12:33:51.0862 0x1c60  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:33:51.0909 0x1c60  PolicyAgent - ok
12:33:51.0940 0x1c60  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
12:33:51.0955 0x1c60  Power - ok
12:33:52.0002 0x1c60  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:33:52.0034 0x1c60  PptpMiniport - ok
12:33:52.0190 0x1c60  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:33:52.0346 0x1c60  PrintNotify - ok
12:33:52.0393 0x1c60  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
12:33:52.0409 0x1c60  Processor - ok
12:33:52.0456 0x1c60  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
12:33:52.0487 0x1c60  ProfSvc - ok
12:33:52.0503 0x1c60  [ 60C5C840B019B301650296F2334BDE8D, D03675809F9468140319F7D7D658290A4A23A9C0A7076A3035F81F200196669E ] PRTDRV          C:\WINDOWS\system32\Drivers\PRTDRV.sys
12:33:52.0518 0x1c60  PRTDRV - ok
12:33:52.0556 0x1c60  [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid       C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
12:33:52.0563 0x1c60  Ps2Kb2Hid - ok
12:33:52.0597 0x1c60  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
12:33:52.0612 0x1c60  Psched - ok
12:33:52.0659 0x1c60  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
12:33:52.0706 0x1c60  QWAVE - ok
12:33:52.0784 0x1c60  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
12:33:52.0862 0x1c60  QWAVEdrv - ok
12:33:52.0925 0x1c60  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:33:52.0925 0x1c60  RasAcd - ok
12:33:52.0956 0x1c60  [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
12:33:52.0987 0x1c60  RasAgileVpn - ok
12:33:53.0034 0x1c60  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:33:53.0050 0x1c60  RasAuto - ok
12:33:53.0097 0x1c60  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:33:53.0112 0x1c60  Rasl2tp - ok
12:33:53.0159 0x1c60  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:33:53.0191 0x1c60  RasMan - ok
12:33:53.0222 0x1c60  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:33:53.0237 0x1c60  RasPppoe - ok
12:33:53.0269 0x1c60  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
12:33:53.0284 0x1c60  RasSstp - ok
12:33:53.0331 0x1c60  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:33:53.0363 0x1c60  rdbss - ok
12:33:53.0394 0x1c60  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
12:33:53.0425 0x1c60  rdpbus - ok
12:33:53.0441 0x1c60  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
12:33:53.0472 0x1c60  RDPDR - ok
12:33:53.0503 0x1c60  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:33:53.0519 0x1c60  RdpVideoMiniport - ok
12:33:53.0534 0x1c60  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
12:33:53.0550 0x1c60  rdyboost - ok
12:33:53.0628 0x1c60  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
12:33:53.0691 0x1c60  ReFS - ok
12:33:53.0737 0x1c60  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:33:53.0753 0x1c60  RemoteAccess - ok
12:33:53.0800 0x1c60  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:33:53.0816 0x1c60  RemoteRegistry - ok
12:33:53.0847 0x1c60  [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
12:33:53.0863 0x1c60  RfButtonDriverService - ok
12:33:53.0894 0x1c60  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
12:33:53.0909 0x1c60  RpcEptMapper - ok
12:33:53.0956 0x1c60  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:33:53.0972 0x1c60  RpcLocator - ok
12:33:54.0034 0x1c60  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:33:54.0066 0x1c60  RpcSs - ok
12:33:54.0113 0x1c60  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
12:33:54.0128 0x1c60  rspndr - ok
12:33:54.0159 0x1c60  [ 646B22BADBD24C6D528AA6B8ABE0EC0E, 7A7D5927302CD637ACEA57CCAB5CAB231994ACDE0F2106EF635DF1C1B3F2D544 ] RTL2832UBDA     C:\WINDOWS\system32\drivers\RTL2832UBDA.sys
12:33:54.0175 0x1c60  RTL2832UBDA - ok
12:33:54.0191 0x1c60  [ C4D4EF0FF8F43A4D5C4F5F05A7F13631, DA7D49F4D14E70F90DD80CDAFAEA7529DF94A69CE10B4FC46CF8B644DA20CB50 ] RTL2832UUSB     C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys
12:33:54.0206 0x1c60  RTL2832UUSB - ok
12:33:54.0238 0x1c60  [ 19FAA5E7CF3D5263F4E79450A03E50CA, 372CA259C8996B2B0283698F10A8FFD381E549BC9221EB105056DAEB4023B446 ] RTL2832U_IRHID  C:\WINDOWS\System32\drivers\RTL2832U_IRHID.sys
12:33:54.0253 0x1c60  RTL2832U_IRHID - ok
12:33:54.0269 0x1c60  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
12:33:54.0284 0x1c60  s3cap - ok
12:33:54.0331 0x1c60  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
12:33:54.0347 0x1c60  SamSs - ok
12:33:54.0378 0x1c60  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
12:33:54.0394 0x1c60  sbp2port - ok
12:33:54.0441 0x1c60  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
12:33:54.0472 0x1c60  SCardSvr - ok
12:33:54.0503 0x1c60  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
12:33:54.0519 0x1c60  ScDeviceEnum - ok
12:33:54.0566 0x1c60  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:33:54.0581 0x1c60  scfilter - ok
12:33:54.0659 0x1c60  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:33:54.0738 0x1c60  Schedule - ok
12:33:54.0784 0x1c60  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
12:33:54.0800 0x1c60  SCPolicySvc - ok
12:33:54.0831 0x1c60  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
12:33:54.0863 0x1c60  sdbus - ok
12:33:54.0894 0x1c60  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
12:33:54.0909 0x1c60  sdstor - ok
12:33:54.0956 0x1c60  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
12:33:54.0988 0x1c60  secdrv - ok
12:33:55.0034 0x1c60  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
12:33:55.0050 0x1c60  seclogon - ok
12:33:55.0081 0x1c60  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
12:33:55.0097 0x1c60  SENS - ok
12:33:55.0144 0x1c60  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
12:33:55.0191 0x1c60  SensrSvc - ok
12:33:55.0222 0x1c60  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
12:33:55.0238 0x1c60  SerCx - ok
12:33:55.0253 0x1c60  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
12:33:55.0269 0x1c60  SerCx2 - ok
12:33:55.0284 0x1c60  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
12:33:55.0300 0x1c60  Serenum - ok
12:33:55.0316 0x1c60  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
12:33:55.0331 0x1c60  Serial - ok
12:33:55.0363 0x1c60  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
12:33:55.0378 0x1c60  sermouse - ok
12:33:55.0425 0x1c60  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
12:33:55.0456 0x1c60  SessionEnv - ok
12:33:55.0503 0x1c60  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
12:33:55.0503 0x1c60  sfloppy - ok
12:33:55.0581 0x1c60  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:33:55.0613 0x1c60  SharedAccess - ok
12:33:55.0691 0x1c60  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:33:55.0738 0x1c60  ShellHWDetection - ok
12:33:55.0784 0x1c60  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:33:55.0784 0x1c60  SiSRaid2 - ok
12:33:55.0831 0x1c60  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
12:33:55.0847 0x1c60  SiSRaid4 - ok
12:33:55.0925 0x1c60  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:33:55.0956 0x1c60  SkypeUpdate - ok
12:33:56.0003 0x1c60  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
12:33:56.0019 0x1c60  smphost - ok
12:33:56.0050 0x1c60  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
12:33:56.0066 0x1c60  SNMPTRAP - ok
12:33:56.0113 0x1c60  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
12:33:56.0144 0x1c60  spaceport - ok
12:33:56.0191 0x1c60  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
12:33:56.0207 0x1c60  SpbCx - ok
12:33:56.0269 0x1c60  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
12:33:56.0332 0x1c60  Spooler - ok
12:33:56.0582 0x1c60  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:33:56.0863 0x1c60  sppsvc - ok
12:33:56.0910 0x1c60  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:33:56.0972 0x1c60  srv - ok
12:33:57.0019 0x1c60  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:33:57.0113 0x1c60  srv2 - ok
12:33:57.0144 0x1c60  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:33:57.0175 0x1c60  srvnet - ok
12:33:57.0238 0x1c60  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:33:57.0269 0x1c60  SSDPSRV - ok
12:33:57.0300 0x1c60  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:33:57.0316 0x1c60  SstpSvc - ok
12:33:57.0347 0x1c60  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:33:57.0363 0x1c60  ssudmdm - ok
12:33:57.0410 0x1c60  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:33:57.0410 0x1c60  stexstor - ok
12:33:57.0488 0x1c60  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:33:57.0550 0x1c60  stisvc - ok
12:33:57.0566 0x1c60  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:33:57.0582 0x1c60  storahci - ok
12:33:57.0629 0x1c60  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
12:33:57.0644 0x1c60  storflt - ok
12:33:57.0691 0x1c60  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:33:57.0691 0x1c60  stornvme - ok
12:33:57.0738 0x1c60  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:33:57.0769 0x1c60  StorSvc - ok
12:33:57.0769 0x1c60  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:33:57.0785 0x1c60  storvsc - ok
12:33:57.0816 0x1c60  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:33:57.0847 0x1c60  svsvc - ok
12:33:57.0894 0x1c60  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:33:57.0910 0x1c60  swenum - ok
12:33:57.0972 0x1c60  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
12:33:58.0035 0x1c60  swprv - ok
12:33:58.0098 0x1c60  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:33:58.0176 0x1c60  SysMain - ok
12:33:58.0223 0x1c60  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:33:58.0238 0x1c60  SystemEventsBroker - ok
12:33:58.0301 0x1c60  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:33:58.0348 0x1c60  TabletInputService - ok
12:33:58.0379 0x1c60  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:33:58.0410 0x1c60  TapiSrv - ok
12:33:58.0535 0x1c60  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:33:58.0644 0x1c60  Tcpip - ok
12:33:58.0738 0x1c60  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:33:58.0832 0x1c60  TCPIP6 - ok
12:33:58.0879 0x1c60  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:33:58.0895 0x1c60  tcpipreg - ok
12:33:58.0957 0x1c60  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:33:58.0957 0x1c60  tdx - ok
12:33:59.0004 0x1c60  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:33:59.0019 0x1c60  terminpt - ok
12:33:59.0082 0x1c60  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:33:59.0145 0x1c60  TermService - ok
12:33:59.0207 0x1c60  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
12:33:59.0223 0x1c60  Themes - ok
12:33:59.0270 0x1c60  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
12:33:59.0270 0x1c60  THREADORDER - ok
12:33:59.0301 0x1c60  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
12:33:59.0332 0x1c60  TimeBroker - ok
12:33:59.0379 0x1c60  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
12:33:59.0395 0x1c60  TPM - ok
12:33:59.0441 0x1c60  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
12:33:59.0457 0x1c60  TrkWks - ok
12:33:59.0504 0x1c60  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:33:59.0535 0x1c60  TrustedInstaller - ok
12:33:59.0566 0x1c60  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
12:33:59.0582 0x1c60  TsUsbFlt - ok
12:33:59.0629 0x1c60  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:33:59.0645 0x1c60  TsUsbGD - ok
12:33:59.0691 0x1c60  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:33:59.0707 0x1c60  tunnel - ok
12:33:59.0723 0x1c60  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
12:33:59.0738 0x1c60  uagp35 - ok
12:33:59.0785 0x1c60  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:33:59.0785 0x1c60  UASPStor - ok
12:33:59.0816 0x1c60  [ 69CC6087483FCE6AEBF1DF5AE791044F, 64A2699447049F77A4A5469537F81124114978BF356C079B123B79782EDC760A ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:33:59.0832 0x1c60  UBHelper - ok
12:33:59.0863 0x1c60  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
12:33:59.0879 0x1c60  UCX01000 - ok
12:33:59.0910 0x1c60  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:33:59.0957 0x1c60  udfs - ok
12:33:59.0973 0x1c60  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:33:59.0988 0x1c60  UEFI - ok
12:34:00.0035 0x1c60  [ C46C4BE1BAB0F0669F6C21151BBDA557, 3E74BF7B0AA65591B76F2E8635CA18F7F078534B3D92DB0F7750C184E58785B9 ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
12:34:00.0051 0x1c60  UI Assistant Service - ok
12:34:00.0098 0x1c60  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:34:00.0113 0x1c60  UI0Detect - ok
12:34:00.0145 0x1c60  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
12:34:00.0145 0x1c60  uliagpkx - ok
12:34:00.0176 0x1c60  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:34:00.0191 0x1c60  umbus - ok
12:34:00.0207 0x1c60  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:34:00.0223 0x1c60  UmPass - ok
12:34:00.0254 0x1c60  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:34:00.0301 0x1c60  UmRdpService - ok
12:34:00.0395 0x1c60  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:34:00.0410 0x1c60  UNS - ok
12:34:00.0457 0x1c60  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:34:00.0504 0x1c60  upnphost - ok
12:34:00.0520 0x1c60  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
12:34:00.0551 0x1c60  USBAAPL64 - ok
12:34:00.0598 0x1c60  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
12:34:00.0629 0x1c60  usbaudio - ok
12:34:00.0645 0x1c60  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:34:00.0660 0x1c60  usbccgp - ok
12:34:00.0707 0x1c60  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:34:00.0723 0x1c60  usbcir - ok
12:34:00.0754 0x1c60  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:34:00.0770 0x1c60  usbehci - ok
12:34:00.0801 0x1c60  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:34:00.0832 0x1c60  usbhub - ok
12:34:00.0879 0x1c60  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:34:00.0926 0x1c60  USBHUB3 - ok
12:34:00.0941 0x1c60  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:34:00.0957 0x1c60  usbohci - ok
12:34:00.0973 0x1c60  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:34:01.0004 0x1c60  usbprint - ok
12:34:01.0051 0x1c60  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\System32\drivers\usbscan.sys
12:34:01.0067 0x1c60  usbscan - ok
12:34:01.0098 0x1c60  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:34:01.0114 0x1c60  USBSTOR - ok
12:34:01.0145 0x1c60  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:34:01.0160 0x1c60  usbuhci - ok
12:34:01.0207 0x1c60  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
12:34:01.0239 0x1c60  usbvideo - ok
12:34:01.0285 0x1c60  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:34:01.0301 0x1c60  USBXHCI - ok
12:34:01.0317 0x1c60  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:34:01.0332 0x1c60  VaultSvc - ok
12:34:01.0364 0x1c60  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:34:01.0379 0x1c60  vdrvroot - ok
12:34:01.0442 0x1c60  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
12:34:01.0520 0x1c60  vds - ok
12:34:01.0535 0x1c60  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:34:01.0551 0x1c60  VerifierExt - ok
12:34:01.0614 0x1c60  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:34:01.0660 0x1c60  vhdmp - ok
12:34:01.0692 0x1c60  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
12:34:01.0707 0x1c60  viaide - ok
12:34:01.0730 0x1c60  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:34:01.0746 0x1c60  vmbus - ok
12:34:01.0762 0x1c60  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:34:01.0793 0x1c60  VMBusHID - ok
12:34:01.0840 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:34:01.0871 0x1c60  vmicguestinterface - ok
12:34:01.0887 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
12:34:01.0918 0x1c60  vmicheartbeat - ok
12:34:01.0933 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:34:01.0965 0x1c60  vmickvpexchange - ok
12:34:01.0980 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
12:34:02.0012 0x1c60  vmicrdv - ok
12:34:02.0027 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
12:34:02.0043 0x1c60  vmicshutdown - ok
12:34:02.0074 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
12:34:02.0090 0x1c60  vmictimesync - ok
12:34:02.0105 0x1c60  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
12:34:02.0137 0x1c60  vmicvss - ok
12:34:02.0152 0x1c60  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:34:02.0168 0x1c60  volmgr - ok
12:34:02.0199 0x1c60  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:34:02.0215 0x1c60  volmgrx - ok
12:34:02.0262 0x1c60  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:34:02.0277 0x1c60  volsnap - ok
12:34:02.0324 0x1c60  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:34:02.0324 0x1c60  vpci - ok
12:34:02.0387 0x1c60  [ CED5750ECF0D60F76727BE53CE05ED68, 192E7767BED6C1EA925F5A790EC75A1C2BC4FF20F6C832A1C910D515AA565B69 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
12:34:02.0418 0x1c60  vpnagent - ok
12:34:02.0465 0x1c60  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys
12:34:02.0480 0x1c60  vpnva - ok
12:34:02.0512 0x1c60  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:34:02.0527 0x1c60  vsmraid - ok
12:34:02.0605 0x1c60  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
12:34:02.0668 0x1c60  VSS - ok
12:34:02.0699 0x1c60  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:34:02.0730 0x1c60  VSTXRAID - ok
12:34:02.0793 0x1c60  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:34:02.0809 0x1c60  vwifibus - ok
12:34:02.0840 0x1c60  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:34:02.0855 0x1c60  vwififlt - ok
12:34:02.0887 0x1c60  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:34:02.0902 0x1c60  vwifimp - ok
12:34:02.0949 0x1c60  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
12:34:02.0980 0x1c60  W32Time - ok
12:34:03.0012 0x1c60  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:34:03.0027 0x1c60  WacomPen - ok
12:34:03.0074 0x1c60  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:34:03.0090 0x1c60  Wanarp - ok
12:34:03.0090 0x1c60  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:34:03.0105 0x1c60  Wanarpv6 - ok
12:34:03.0199 0x1c60  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:34:03.0277 0x1c60  wbengine - ok
12:34:03.0324 0x1c60  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:34:03.0418 0x1c60  WbioSrvc - ok
12:34:03.0465 0x1c60  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:34:03.0496 0x1c60  Wcmsvc - ok
12:34:03.0543 0x1c60  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:34:03.0574 0x1c60  wcncsvc - ok
12:34:03.0606 0x1c60  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:34:03.0633 0x1c60  WcsPlugInService - ok
12:34:03.0653 0x1c60  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:34:03.0668 0x1c60  WdBoot - ok
12:34:03.0715 0x1c60  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:34:03.0762 0x1c60  Wdf01000 - ok
12:34:03.0778 0x1c60  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:34:03.0809 0x1c60  WdFilter - ok
12:34:03.0856 0x1c60  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:34:03.0871 0x1c60  WdiServiceHost - ok
12:34:03.0871 0x1c60  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:34:03.0887 0x1c60  WdiSystemHost - ok
12:34:03.0918 0x1c60  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:34:03.0934 0x1c60  WdNisDrv - ok
12:34:03.0965 0x1c60  WdNisSvc - ok
12:34:03.0996 0x1c60  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:34:04.0043 0x1c60  WebClient - ok
12:34:04.0090 0x1c60  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:34:04.0121 0x1c60  Wecsvc - ok
12:34:04.0168 0x1c60  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:34:04.0184 0x1c60  WEPHOSTSVC - ok
12:34:04.0215 0x1c60  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:34:04.0262 0x1c60  wercplsupport - ok
12:34:04.0293 0x1c60  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:34:04.0324 0x1c60  WerSvc - ok
12:34:04.0371 0x1c60  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:34:04.0387 0x1c60  WFPLWFS - ok
12:34:04.0418 0x1c60  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:34:04.0434 0x1c60  WiaRpc - ok
12:34:04.0481 0x1c60  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:34:04.0496 0x1c60  WIMMount - ok
12:34:04.0496 0x1c60  WinDefend - ok
12:34:04.0559 0x1c60  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:34:04.0621 0x1c60  WinHttpAutoProxySvc - ok
12:34:04.0684 0x1c60  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:34:04.0699 0x1c60  Winmgmt - ok
12:34:04.0824 0x1c60  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:34:04.0934 0x1c60  WinRM - ok
12:34:04.0981 0x1c60  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
12:34:04.0996 0x1c60  WinUsb - ok
12:34:05.0059 0x1c60  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:34:05.0137 0x1c60  WlanSvc - ok
12:34:05.0215 0x1c60  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:34:05.0293 0x1c60  wlidsvc - ok
12:34:05.0325 0x1c60  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:34:05.0340 0x1c60  WmiAcpi - ok
12:34:05.0387 0x1c60  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:34:05.0418 0x1c60  wmiApSrv - ok
12:34:05.0434 0x1c60  WMPNetworkSvc - ok
12:34:05.0481 0x1c60  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:34:05.0497 0x1c60  Wof - ok
12:34:05.0590 0x1c60  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:34:05.0668 0x1c60  workfolderssvc - ok
12:34:05.0715 0x1c60  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:34:05.0731 0x1c60  wpcfltr - ok
12:34:05.0762 0x1c60  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
12:34:05.0793 0x1c60  WPCSvc - ok
12:34:05.0825 0x1c60  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:34:05.0856 0x1c60  WPDBusEnum - ok
12:34:05.0903 0x1c60  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:34:05.0918 0x1c60  WpdUpFltr - ok
12:34:05.0950 0x1c60  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:34:05.0965 0x1c60  ws2ifsl - ok
12:34:06.0012 0x1c60  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:34:06.0059 0x1c60  wscsvc - ok
12:34:06.0075 0x1c60  WSearch - ok
12:34:06.0200 0x1c60  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
12:34:06.0372 0x1c60  WSService - ok
12:34:06.0512 0x1c60  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:34:06.0684 0x1c60  wuauserv - ok
12:34:06.0731 0x1c60  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:34:06.0778 0x1c60  WudfPf - ok
12:34:06.0825 0x1c60  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:06.0840 0x1c60  WUDFRd - ok
12:34:06.0903 0x1c60  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:34:06.0919 0x1c60  wudfsvc - ok
12:34:06.0950 0x1c60  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:06.0965 0x1c60  WUDFWpdFs - ok
12:34:06.0965 0x1c60  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
12:34:06.0997 0x1c60  WUDFWpdMtp - ok
12:34:07.0044 0x1c60  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:34:07.0075 0x1c60  WwanSvc - ok
12:34:07.0106 0x1c60  [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbmdm6k     C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
12:34:07.0137 0x1c60  ZTEusbmdm6k - ok
12:34:07.0169 0x1c60  [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbnmea      C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
12:34:07.0184 0x1c60  ZTEusbnmea - ok
12:34:07.0184 0x1c60  [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbser6k     C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
12:34:07.0200 0x1c60  ZTEusbser6k - ok
12:34:07.0231 0x1c60  [ 731AEBADAB92257170D83230589A2FAC, DFC30EBF412B078CCEBD0DE7A75EB021953BB6CDFE3C57950D0743EA4BFE4AF0 ] {5eeb83d0-96ea-4249-942c-beead6847053}Gw64 C:\WINDOWS\system32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys
12:34:07.0247 0x1c60  {5eeb83d0-96ea-4249-942c-beead6847053}Gw64 - ok
12:34:07.0247 0x1c60  ================ Scan global ===============================
12:34:07.0294 0x1c60  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
12:34:07.0340 0x1c60  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
12:34:07.0387 0x1c60  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
12:34:07.0434 0x1c60  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
12:34:07.0434 0x1c60  [ Global ] - ok
12:34:07.0434 0x1c60  ================ Scan MBR ==================================
12:34:07.0450 0x1c60  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:34:07.0575 0x1c60  \Device\Harddisk0\DR0 - ok
12:34:07.0575 0x1c60  ================ Scan VBR ==================================
12:34:07.0575 0x1c60  [ 36E87CEB6825ED22593DDF658BF9715C ] \Device\Harddisk0\DR0\Partition1
12:34:07.0575 0x1c60  \Device\Harddisk0\DR0\Partition1 - ok
12:34:07.0606 0x1c60  [ B639FD34D60D8446DFC89D67C59C38E8 ] \Device\Harddisk0\DR0\Partition2
12:34:07.0622 0x1c60  \Device\Harddisk0\DR0\Partition2 - ok
12:34:07.0622 0x1c60  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:34:07.0622 0x1c60  \Device\Harddisk0\DR0\Partition3 - ok
12:34:07.0637 0x1c60  [ 0AD1958067CE237766A7DB0170DD9504 ] \Device\Harddisk0\DR0\Partition4
12:34:07.0637 0x1c60  \Device\Harddisk0\DR0\Partition4 - ok
12:34:07.0669 0x1c60  [ 6DE9ACE9E7EA6190A7DDB3BC535F1507 ] \Device\Harddisk0\DR0\Partition5
12:34:07.0700 0x1c60  \Device\Harddisk0\DR0\Partition5 - ok
12:34:07.0716 0x1c60  [ 1135611D35158181F9856605509CD68D ] \Device\Harddisk0\DR0\Partition6
12:34:07.0731 0x1c60  \Device\Harddisk0\DR0\Partition6 - ok
12:34:07.0747 0x1c60  [ 33FB7924E42BBA158A1ECC934CB00F93 ] \Device\Harddisk0\DR0\Partition7
12:34:07.0762 0x1c60  \Device\Harddisk0\DR0\Partition7 - ok
         


Alt 22.06.2016, 12:46   #6
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



Teil2:
Code:
ATTFilter
12:34:07.0762 0x1c60  ================ Scan generic autorun ======================
12:34:07.0794 0x1c60  ETDCtrl - ok
12:34:08.0216 0x1c60  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:34:08.0669 0x1c60  RTHDVCPL - ok
12:34:08.0763 0x1c60  [ DB45D01FB4379346A422C6739FF30723, FBBBDAE8127DE99B8BDFB931FA550139C536C78487542AADF545BD5748F19B76 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
12:34:08.0794 0x1c60  CanonSolutionMenu - ok
12:34:08.0872 0x1c60  [ B28AD85B8C199CB573621FCE54D7E19C, 42FFD67529592C5F349936C175E0C40E4E116E20B041042AB1E05FF164AEDD17 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
12:34:08.0935 0x1c60  CanonMyPrinter - ok
12:34:08.0966 0x1c60  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\WINDOWS\system32\igfxtray.exe
12:34:08.0982 0x1c60  IgfxTray - ok
12:34:08.0997 0x1c60  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\WINDOWS\system32\igfxpers.exe
12:34:09.0013 0x1c60  Persistence - ok
12:34:09.0060 0x1c60  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
12:34:09.0075 0x1c60  iTunesHelper - ok
12:34:09.0138 0x1c60  [ 704A01D402F0275877E7FA1BB151D997, 585C8B31599FFF0EF9B1DF9FD63979E498D2A601497780E07706A99A359AB8B8 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
12:34:09.0169 0x1c60  BakupManagerTray - ok
12:34:09.0169 0x1c60  mcui_exe - ok
12:34:09.0232 0x1c60  [ 7AA219D7AEAA8BADCAC7853AE6AE3BD5, 018F85DCD9EB33DC775CCCB58B999A640B6F8FEF37898EA45600B433E77CF9AE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:34:09.0247 0x1c60  APSDaemon - ok
12:34:09.0310 0x1c60  [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
12:34:09.0325 0x1c60  ArcSoft Connection Service - ok
12:34:09.0357 0x1c60  IR_SERVER - ok
12:34:09.0388 0x1c60  [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
12:34:09.0419 0x1c60  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
12:34:19.0483 0x1c60  QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
12:34:21.0890 0x1c60  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
12:34:21.0936 0x1c60  avgnt - ok
12:34:21.0999 0x1c60  [ 0F23636F5CC526F1B7CD1A749F173610, 75CC836AF8E6E2D505A696A9BEAF30AF0513695DB743B2920B66C2B0D11C5BAA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
12:34:22.0015 0x1c60  Avira SystrayStartTrigger - ok
12:34:22.0046 0x1c60  [ 84A459BB89031D7A662769E2EC73C930, A7FA9D2E60A5B9DEA08134DA3040A1E130148772D3D1D4C9AADF00E6909178FF ] C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
12:34:22.0061 0x1c60  UIExec - ok
12:34:22.0109 0x1c60  [ 0576B37CB84E42110130E267ED98BBDA, EDC954D788755E64E095B5DA18CC035E9F84A577E6E9E394059CA7BEFB33C4E0 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
12:34:22.0124 0x1c60  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
12:34:24.0422 0x1c60  Detect skipped due to KSN trusted
12:34:24.0422 0x1c60  ProductUpdater - ok
12:34:24.0579 0x1c60  [ B5E3681782D33159AF28CFE2E0E3B9B2, 6E55DADEECD40232CFC2DEC117540A70D69F6075A5A10D9A1F250B2977F33385 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
12:34:24.0728 0x1c60  LogMeIn Hamachi Ui - ok
12:34:24.0779 0x1c60  [ C4FFD238884D74241C9DD3CD9BD1B5F7, AB6C54313A75BB7FF7FAEEC0CC6C4D67805AF89B0692DE2A112928C5F62763EA ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
12:34:24.0825 0x1c60  Cisco AnyConnect Secure Mobility Agent for Windows - ok
12:34:24.0875 0x1c60  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
12:34:24.0937 0x1c60  WAB Migrate - ok
12:34:25.0179 0x1c60  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
12:34:25.0365 0x1c60  Akamai NetSession Interface - ok
12:34:25.0431 0x1c60  Google Update - ok
12:34:25.0473 0x1c60  Skype - ok
12:34:25.0556 0x1c60  [ 79E89B3178AC191C2FFE65D075E7647D, 157A4D1CE683DAFCBA6547CB3268E235D06CE19B0ABD3D4736F6607CD92490C6 ] C:\ProgramData\class-58\class-8.exe
12:34:25.0582 0x1c60  class-57 - detected UnsignedFile.Multi.Generic ( 1 )
12:34:27.0892 0x1c60  class-57 ( UnsignedFile.Multi.Generic ) - warning
12:34:27.0892 0x1c60  Force sending object to P2P due to detect: C:\ProgramData\class-58\class-8.exe
12:34:30.0268 0x1c60  Object send P2P result: true
12:34:32.0662 0x1c60  [ CD4004CAB56EB92A0D205C8C9EAB8A89, 63E1B385F3035C9F9A8ED08FAB4664AB3BDB6D342CEFF9160385E3443E2473CA ] C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe
12:34:32.0684 0x1c60  analog-45 - detected UnsignedFile.Multi.Generic ( 1 )
12:34:35.0000 0x1c60  analog-45 ( UnsignedFile.Multi.Generic ) - warning
12:34:35.0000 0x1c60  Force sending object to P2P due to detect: C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe
12:34:46.0499 0x1c60  Object send P2P result: true
12:34:48.0835 0x1c60  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41010 ( enabled : outofdate )
12:34:48.0835 0x1c60  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
12:34:48.0839 0x1c60  Win FW state via NFP2: enabled ( trusted )
12:34:51.0169 0x1c60  ============================================================
12:34:51.0169 0x1c60  Scan finished
12:34:51.0169 0x1c60  ============================================================
12:34:51.0180 0x0f58  Detected object count: 3
12:34:51.0180 0x0f58  Actual detected object count: 3
12:35:08.0018 0x0f58  QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:08.0018 0x0f58  QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:35:08.0018 0x0f58  class-57 ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:08.0018 0x0f58  class-57 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:35:08.0033 0x0f58  analog-45 ( UnsignedFile.Multi.Generic ) - skipped by user
12:35:08.0033 0x0f58  analog-45 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Ich hoffe das sieht schlimmer aus, als es ist...

Und besten Dank für Deine Hilfe! :]

Alt 22.06.2016, 21:01   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



Hi,

Schritt 1

Bitte deinstalliere folgende Programme:

Security Utility


Versuche es bei Windows 8 mit der Windowstaste + X über .

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
CloseProcesses:
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [class-57] => C:\ProgramData\class-58\class-8.exe [476672 2016-06-22] (Red Line Software)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [analog-45] => C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe [505344 2016-06-22] ()
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk [2016-06-21]
ShortcutTarget: decibel-6.lnk -> C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe (COBRA)
GroupPolicy: Beschränkung - Chrome 
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung 
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung 
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google: Beschränkung 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung 
URLSearchHook: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
BHO-x32: Gravity Space -> {8788dd2d-bed5-4071-8439-c822cef57bc8} -> C:\Program Files (x86)\Gravity Space\Extensions\8788dd2d-bed5-4071-8439-c822cef57bc8.dll => Keine Datei
2016-06-22 11:50 - 2016-06-22 11:50 - 00000000 ____D C:\ProgramData\kelvin-6
2016-06-22 11:48 - 2016-06-22 11:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\analog-1
2016-06-22 11:46 - 2016-06-22 11:46 - 00000000 ____D C:\ProgramData\class-58
2016-06-21 12:21 - 2016-06-21 12:21 - 00000000 ____D C:\Users\Vera\AppData\Roaming\decibel-28
2016-06-21 11:37 - 2016-06-21 12:23 - 00000000 ____D C:\ProgramData\ct
C:\ProgramData\ncli3f42.dat
Task: {08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20} - System32\Tasks\WordSpill => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe 
Task: {4BD91451-E5D0-44B0-BC66-CA629F52CFA6} - System32\Tasks\FileInspect => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe 
Task: {56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} - System32\Tasks\RNKCKUYTBN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe "
Task: {610E2F79-6BCC-476A-BA7D-A02C89B2F451} - System32\Tasks\WordWiz => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe 
Task: {62E6E7F0-46E8-4077-B4B3-BBA069067EE2} - System32\Tasks\EasyCite => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe 
Task: {912C5971-B1DE-471E-852F-76E5FB35C78C} - System32\Tasks\PhraseSmartifier => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe 
Task: {9613AC98-897D-400D-8ECF-E0E7781A2448} - System32\Tasks\InfoHider => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe 
Task: {A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} - System32\Tasks\BoBrowser => C:\Users\Vera\AppData\Local\BoBrowser\Application\bobrowser.exe 
Task: {D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} - \Run_Bobby_Browser -> Keine Datei 
Task: C:\WINDOWS\Tasks\EasyCite.job => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe 
Task: C:\WINDOWS\Tasks\FileInspect.job => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe 
Task: C:\WINDOWS\Tasks\InfoHider.job => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe 
Task: C:\WINDOWS\Tasks\PhraseSmartifier.job => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe 
C:\ProgramData\SecurityUtility
Task: C:\WINDOWS\Tasks\RNKCKUYTBN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe 
Task: C:\WINDOWS\Tasks\WordSpill.job => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe 
Task: C:\WINDOWS\Tasks\WordWiz.job => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe 
File: C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL
File: "C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL"
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
CreateRestorePoint:
EmptyTemp:
         
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Schritt 4

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 5



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 23.06.2016, 14:08   #8
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



AdwCleaner:
Code:
ATTFilter
# AdwCleaner v5.200 - Bericht erstellt am 23/06/2016 um 11:38:42
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-22.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Vera - VERAS-PC
# Gestartet von : C:\Users\Vera\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[-] Ordner gelöscht : C:\ProgramData\14566771537994078081
[-] Ordner gelöscht : C:\ProgramData\f4ec396c-3454-45dd-b141-69ee6db2debb
[#] Ordner gelöscht : C:\ProgramData\Application Data\7b24ec7cc000461ebe26d116b88142c8
[#] Ordner gelöscht : C:\ProgramData\Application Data\14566771537994078081
[#] Ordner gelöscht : C:\ProgramData\Application Data\f4ec396c-3454-45dd-b141-69ee6db2debb
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Ordner gelöscht : C:\Program Files (x86)\eye perform
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\Temp\eye perform
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\Temp\Iminent
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\Temp\SmarterPower
[-] Ordner gelöscht : C:\Users\Vera\AppData\Local\globalUpdate

***** [ Dateien ] *****

[-] Datei gelöscht : C:\claraInstaller.txt
[-] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\Favorites\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\Favorites\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\Favorites\Links\Startfenster.lnk
[#] Datei gelöscht : C:\Users\Vera\Favorites\Links\startfenster.lnk
[-] Datei gelöscht : C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] Datei gelöscht : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Professor Tim\Sierra Webseite.lnk
[-] Verknüpfung desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\3D Ultra RC Racers Deluxe\Sierra Webseite.lnk
[-] Verknüpfung desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\3D Ultra RC Racers Deluxe\WON.net Webseite.lnk

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : Run_Bobby_Browser
[-] Geplante Aufgabe gelöscht : BoBrowser
[-] Geplante Aufgabe gelöscht : RNKCKUYTBN1
[-] Geplante Aufgabe gelöscht : RNKCKUYTBN1

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Schlüssel gelöscht : HKLM\SOFTWARE\42f6e9e5-3693-a3b0-6ff0-6683fc65b111
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel gelöscht : HKCU\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
[-] Schlüssel gelöscht : HKCU\Software\foxydeal
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\V9
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\foxydeal
[-] Schlüssel gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Clara
[-] Schlüssel gelöscht : HKLM\SOFTWARE\delta-homesSoftware
[-] Schlüssel gelöscht : HKLM\SOFTWARE\hdcode
[-] Schlüssel gelöscht : HKLM\SOFTWARE\PicexaSvc
[-] Schlüssel gelöscht : HKLM\SOFTWARE\SecurityUtility
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\SecurityUtility
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\BetterDeals-11
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\BetterDeals-11
[-] Schlüssel gelöscht : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
[-] Schlüssel gelöscht : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [First Home Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten wiederhergestellt : HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [First Home Page]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2C7D51A4-33DF-4526-A44F-34E61322EA22}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{36437782-15CF-4097-ABA2-39E22089CE35}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\start.iminent.com
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13189 Bytes] - [23/06/2016 11:38:42]
C:\AdwCleaner\AdwCleaner[R0].txt - [15545 Bytes] - [28/12/2013 15:21:21]
C:\AdwCleaner\AdwCleaner[R1].txt - [1116 Bytes] - [28/12/2013 15:29:29]
C:\AdwCleaner\AdwCleaner[S0].txt - [14204 Bytes] - [28/12/2013 15:22:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [22369 Bytes] - [23/06/2016 11:36:03]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13558 Bytes] ##########
         
Fixlog:
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Vera (2016-06-23 11:48:52) Run:1
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: UpdatusUser & Vera (Verfügbare Profile: UpdatusUser & Vera)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [class-57] => C:\ProgramData\class-58\class-8.exe [476672 2016-06-22] (Red Line Software)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [analog-45] => C:\Users\Vera\AppData\Roaming\analog-1\analog-6.exe [505344 2016-06-22] ()
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk [2016-06-21]
ShortcutTarget: decibel-6.lnk -> C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe (COBRA)
GroupPolicy: Beschränkung - Chrome 
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung 
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung 
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google: Beschränkung 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung 
URLSearchHook: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
BHO-x32: Gravity Space -> {8788dd2d-bed5-4071-8439-c822cef57bc8} -> C:\Program Files (x86)\Gravity Space\Extensions\8788dd2d-bed5-4071-8439-c822cef57bc8.dll => Keine Datei
2016-06-22 11:50 - 2016-06-22 11:50 - 00000000 ____D C:\ProgramData\kelvin-6
2016-06-22 11:48 - 2016-06-22 11:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\analog-1
2016-06-22 11:46 - 2016-06-22 11:46 - 00000000 ____D C:\ProgramData\class-58
2016-06-21 12:21 - 2016-06-21 12:21 - 00000000 ____D C:\Users\Vera\AppData\Roaming\decibel-28
2016-06-21 11:37 - 2016-06-21 12:23 - 00000000 ____D C:\ProgramData\ct
C:\ProgramData\ncli3f42.dat
Task: {08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20} - System32\Tasks\WordSpill => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe 
Task: {4BD91451-E5D0-44B0-BC66-CA629F52CFA6} - System32\Tasks\FileInspect => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe 
Task: {56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} - System32\Tasks\RNKCKUYTBN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe "
Task: {610E2F79-6BCC-476A-BA7D-A02C89B2F451} - System32\Tasks\WordWiz => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe 
Task: {62E6E7F0-46E8-4077-B4B3-BBA069067EE2} - System32\Tasks\EasyCite => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe 
Task: {912C5971-B1DE-471E-852F-76E5FB35C78C} - System32\Tasks\PhraseSmartifier => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe 
Task: {9613AC98-897D-400D-8ECF-E0E7781A2448} - System32\Tasks\InfoHider => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe 
Task: {A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} - System32\Tasks\BoBrowser => C:\Users\Vera\AppData\Local\BoBrowser\Application\bobrowser.exe 
Task: {D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} - \Run_Bobby_Browser -> Keine Datei 
Task: C:\WINDOWS\Tasks\EasyCite.job => c:\programdata\{7b6fea1c-e9cb-d135-7b6f-fea1ce9ca873}\140400179043216970e.exe 
Task: C:\WINDOWS\Tasks\FileInspect.job => c:\programdata\{17cbc5c1-e9e5-f826-17cb-bc5c1e9e1707}\3748220276188602595e.exe 
Task: C:\WINDOWS\Tasks\InfoHider.job => c:\programdata\{d1641143-4cc0-f25f-d164-411434cc450d}\6396033697557819698e.exe 
Task: C:\WINDOWS\Tasks\PhraseSmartifier.job => c:\programdata\{a32b674e-e3fd-16c2-a32b-b674ee3f9d3b}\421665687905044199e.exe 
C:\ProgramData\SecurityUtility
Task: C:\WINDOWS\Tasks\RNKCKUYTBN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe 
Task: C:\WINDOWS\Tasks\WordSpill.job => c:\programdata\{c8666337-99b8-7d21-c866-6633799b8cde}\524393223613268404e.exe 
Task: C:\WINDOWS\Tasks\WordWiz.job => c:\programdata\{0e339c4e-f0a1-3902-0e33-39c4ef0a713b}\1188428227275535720e.exe 
File: C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL
File: "C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL"
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
CreateRestorePoint:
EmptyTemp:
         
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Wert erfolgreich entfernt
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Windows\CurrentVersion\Run\\class-57 => Wert nicht gefunden.
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\analog-45 => Wert nicht gefunden.
C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decibel-6.lnk => nicht gefunden.
C:\Users\Vera\AppData\Roaming\decibel-28\decibel-5.exe => nicht gefunden.
"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden.
HKLM\SOFTWARE\Policies\Google => Schlüssel nicht gefunden. 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google => Schlüssel nicht gefunden. 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Google => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} => Wert nicht gefunden.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8788dd2d-bed5-4071-8439-c822cef57bc8}" => Schlüssel erfolgreich entfernt
"HKCR\Wow6432Node\CLSID\{8788dd2d-bed5-4071-8439-c822cef57bc8}" => Schlüssel erfolgreich entfernt
"C:\ProgramData\kelvin-6" => nicht gefunden.
"C:\Users\Vera\AppData\Roaming\analog-1" => nicht gefunden.
"C:\ProgramData\class-58" => nicht gefunden.
"C:\Users\Vera\AppData\Roaming\decibel-28" => nicht gefunden.
C:\ProgramData\ct => erfolgreich verschoben
C:\ProgramData\ncli3f42.dat => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08A7C61D-00E9-4E17-93DC-1DEA8EA5ED20}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\WordSpill => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordSpill" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BD91451-E5D0-44B0-BC66-CA629F52CFA6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BD91451-E5D0-44B0-BC66-CA629F52CFA6}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\FileInspect => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FileInspect" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56D1C32C-601E-46D3-94C4-FDDD32C0C6DF} => Schlüssel nicht gefunden. 
C:\WINDOWS\System32\Tasks\RNKCKUYTBN1 => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RNKCKUYTBN1 => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{610E2F79-6BCC-476A-BA7D-A02C89B2F451}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{610E2F79-6BCC-476A-BA7D-A02C89B2F451}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\WordWiz => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordWiz" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62E6E7F0-46E8-4077-B4B3-BBA069067EE2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E6E7F0-46E8-4077-B4B3-BBA069067EE2}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\EasyCite => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyCite" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{912C5971-B1DE-471E-852F-76E5FB35C78C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912C5971-B1DE-471E-852F-76E5FB35C78C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\PhraseSmartifier => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseSmartifier" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9613AC98-897D-400D-8ECF-E0E7781A2448}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9613AC98-897D-400D-8ECF-E0E7781A2448}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\InfoHider => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\InfoHider" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A99F043E-634C-40F9-A6EE-2F4E90DE5FF7} => Schlüssel nicht gefunden. 
C:\WINDOWS\System32\Tasks\BoBrowser => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BoBrowser => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D133FAB6-652A-4BDA-9C0A-E35FBA3E9FF5} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser => Schlüssel nicht gefunden. 
C:\WINDOWS\Tasks\EasyCite.job => erfolgreich verschoben
C:\WINDOWS\Tasks\FileInspect.job => erfolgreich verschoben
C:\WINDOWS\Tasks\InfoHider.job => erfolgreich verschoben
C:\WINDOWS\Tasks\PhraseSmartifier.job => erfolgreich verschoben
"C:\ProgramData\SecurityUtility" => nicht gefunden.
C:\WINDOWS\Tasks\RNKCKUYTBN1.job => nicht gefunden.
C:\WINDOWS\Tasks\WordSpill.job => erfolgreich verschoben
C:\WINDOWS\Tasks\WordWiz.job => erfolgreich verschoben

========================= File: C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\695e7e06\00901b68_b247cd01\PowerPointAddIn.DLL ========================

Datei ist digital signiert
MD5: A8A06DAE9BEC0E30531AE81E0D344921
Erstellungs- und Änderungsdatum: 2016-06-20 20:35 - 2016-06-20 20:35
Größe: 0035472
Attribute: ----A
Firmenname: 
Interne Name: PowerPointAddIn.dll
Original Name: PowerPointAddIn.dll
Produkt: PowerPointAddIn
Beschreibung: PowerPointAddIn
Datei Version: 1.0.0.0
Produkt Version: 1.0.0.0
Urheberrecht: Copyright ©  2011

====== Ende von File: ======


========================= File: "C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL" ========================

Datei ist digital signiert
MD5: EBA646337DDE481FB0F0DC87DEA0532A
Erstellungs- und Änderungsdatum: 2016-05-15 01:16 - 2016-05-15 01:16
Größe: 0034960
Attribute: ----A
Firmenname: 
Interne Name: WordAddIn.dll
Original Name: WordAddIn.dll
Produkt: WordAddIn
Beschreibung: WordAddIn
Datei Version: 1.0.0.0
Produkt Version: 1.0.0.0
Urheberrecht: Copyright ©  2011

====== Ende von File: ======

C:\ProgramData\Temp => ":373E1720" ADS erfolgreich entfernt.
Wiederherstellungspunkt wurde erfolgreich erstellt.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45276039 B
Java, Flash, Steam htmlcache => 2226 B
Windows/system/drivers => 725822218 B
Edge => 0 B
Chrome => 193535340 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 139 B
LocalService => 8890250 B
NetworkService => 1173636 B
UpdatusUser => 0 B
Vera => 3917164284 B

RecycleBin => 0 B
EmptyTemp: => 4.6 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 11:51:03 ====
         
mbam.txt Teil1:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.06.2016
Suchlaufzeit: 12:13
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.23.02
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Vera

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 367097
Abgelaufene Zeit: 1 Std., 32 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 9
PUP.Optional.SnapDo, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [e6782fd16436e94d98811179748efd03], 
PUP.Optional.GravitySpace, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8788DD2D-BED5-4071-8439-C822CEF57BC8}, In Quarantäne, [144a6d939505d561cd0312797e84e21e], 
PUP.Optional.GravitySpace, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8788DD2D-BED5-4071-8439-C822CEF57BC8}, In Quarantäne, [144a6d939505d561cd0312797e84e21e], 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [5c02e719fe9cde58d12c1774d72bd828], 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [a7b7837dc3d749edb949fb91f40ea25e], 
PUP.Optional.GravitySpace, HKLM\SOFTWARE\WOW6432NODE\GravitySpace, In Quarantäne, [5905dc24cbcfc96d7998cdd3a55e1ee2], 
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64, In Quarantäne, [7be31ce49406fa3c64ee416d57ac39c7], 
PUP.Optional.ICinema, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\I - Cinema-nv-ie, In Quarantäne, [f767659b702a39fdbbd5059cb84b5ca4], 
PUP.Optional.CrossRider, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4B93A81-33E6-415E-85EF-DCA9BCC2C963}, In Quarantäne, [302e6a9652484cea16931f7bd33053ad], 

Registrierungswerte: 2
PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, In Quarantäne, [382634cce9b1d36374b8cdc0cb383cc4]
PUP.Optional.CrossRider, HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E4B93A81-33E6-415E-85EF-DCA9BCC2C963}|AppName, Plus-HD-4.8-enabler.exe-buttonutil.exe, In Quarantäne, [302e6a9652484cea16931f7bd33053ad]

Registrierungsdaten: 7
PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[441a19e79efc0c2a63f8eb8037cdbd43]
PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[055916ea108a3df9411a14572cd8aa56]
PUP.Optional.V9.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w, Gut: (www.google.com), Schlecht: (hxxp://www.v9.com?type=hp&ts=1434359636&from=mych123&uid=wdcxwd5000lpvt-22g33t0_wd-wx71c326327563275&z=1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w),Ersetzt,[4717db25623836004e3a0d5e976dfe02]
PUP.Optional.V9.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|First Home Page, hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=httpSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]AGut: (www.google.com)FGut: (www.google.com)Fwww.v9.comSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]FtypeSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dhp%26tsSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1434359636%26fromSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dmych123%26uidSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dwdcxwd5000lpvtGut: (www.google.com)D22g33t0%5FwdGut: (www.google.com)Dwx71c326327563275%26zSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=httpSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]AGut: (www.google.com)FGut: (www.google.com)Fwww.v9.comGut: (www.google.com)FwebSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]FtypeSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dds%26tsSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1434359636%26fromSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dzzgbkk123%26uidSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]Dwdcxwd5000lpvtGut: (www.google.com)D22g33t0%5FwdGut: (www.google.com)Dwx71c326327563275%26zSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26qSchlecht: (hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.v9.com%3Ftype%3Dhp%26ts%3D1434359636%26from%3Dmych123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w&OSP=http%3A%2F%2Fwww.v9.com%2Fweb%3Ftype%3Dds%26ts%3D1434359636%26from%3Dzzgbkk123%26uid%3Dwdcxwd5000lpvt%2D22g33t0%5Fwd%2Dwx71c326327563275%26z%3D1acbbd8f2d3317a875f87e0g2z8cbz4c5w1t6qcc7w%26q%3D%7BsearchTerms%7D),Ersetzt,[16480af60d8d79bddbadbbb059ab18e8]D%7BsearchTerms%7D, %4, %5
PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[f866a8585248b680a7b57af130d443bd]
PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[5905cd33c5d5a98d9fbd3536778df010]
PUP.Optional.SafeFinder.ShrtCln, HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880Sv7sAtbkRqk2nM_zupkMETDlI1v03stIQpSPzUdap0N_DWJb-5DfzPudiDN3pvvC7yYspTv3ee4b5-cmD9uFLMx1UCZyrksMAw-lgTauQSw6sqRexWyTx5zeCHOfAMwn0tXMInSLbp2tX5cjrLWtgLxMAgWU6rNoM5jeOPOg,,&q={searchTerms}),Ersetzt,[e17dd62ae9b1191d2a34f5761de715eb]

Ordner: 279
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [e17d9b659ffbc175557eb7dc49b9b24e], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ar, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\bg, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ca, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\cs, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\da, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\de, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\el, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_GB, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_US, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es_419, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\et, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\eu, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fi, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fil, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\he, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hi, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hu, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\id, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\it, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ja, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ko, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lt, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lv, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ms, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\nl, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\no, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pl, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_BR, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_PT, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ro, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ru, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sk, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sl, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sv, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\th, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\tr, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\uk, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\vi, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_CN, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_TW, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_metadata, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ar, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\bg, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ca, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\cs, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\da, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\de, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\el, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\en, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\es, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fi, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fil, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\he, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hi, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hu, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\id, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\it, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ja, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ko, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lt, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lv, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\nl, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\no, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pl, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_BR, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_PT, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ro, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ru, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sk, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sl, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sv, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\th, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\tr, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\uk, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\vi, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_CN, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_TW, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_metadata, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\fonts, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\id, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ar, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bg, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bn, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ca, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\cs, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\da, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\de, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\el, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_GB, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_US, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es_419, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\et, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fa, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fi, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fil, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fr, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\gu, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\he, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hi, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hr, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hu, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\it, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ja, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ko, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lt, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lv, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ml, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ms, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nb, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nl, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pl, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_BR, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_PT, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ro, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ru, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sk, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sl, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sr, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sv, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sw, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ta, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\te, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\th, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\tr, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\uk, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\vi, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_CN, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_TW, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_metadata, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ar, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\bg, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ca, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\cs, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\da, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\de, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\el, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_GB, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_US, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es_419, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\et, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fi, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fil, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fr, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\he, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hi, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hr, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hu, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_metadata, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\_metadata, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ar, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\bg, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ca, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\cs, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\da, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\de, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\el, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\en, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\es, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fi, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\gu, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\he, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hu, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\id, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\it, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ja, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nb, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nl, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pl, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_BR, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_PT, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ro, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ru, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sk, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sl, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sv, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\te, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\tr, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\uk, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\vi, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_CN, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_TW, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_metadata, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ar, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\bg, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ca, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\cs, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\da, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\de, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\el, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\en, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\es, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fi, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fil, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hi, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hu, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\id, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\it, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ja, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ko, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lt, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lv, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\nl, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\no, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pl, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_BR, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_PT, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ro, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ru, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\se, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sk, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sl, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\th, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\tr, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\uk, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\vi, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_CN, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_TW, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_metadata, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce],
         

Alt 23.06.2016, 14:11   #9
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



mbam.txt Teil2:
Code:
ATTFilter
Dateien: 527
PUP.Optional.BrowseFox, C:\WINDOWS\SYSTEM32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys, Löschen bei Neustart, [731aebadab92257170d83230589a2fac], 
PUP.Optional.APNToolBar, C:\Users\Vera\Downloads\YTD471Setup.exe, In Quarantäne, [164829d7762462d4290c69c03dc4f30d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\manifest.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\128.png, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ar\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\bg\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ca\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\cs\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\da\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\de\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\el\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_GB\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\en_US\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\es_419\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\et\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\eu\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fi\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fil\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\fr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\he\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hi\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\hu\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\id\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\it\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ja\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ko\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lt\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\lv\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ms\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\nl\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\no\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pl\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_BR\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\pt_PT\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ro\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\ru\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sk\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sl\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\sv\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\th\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\tr\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\uk\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\vi\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_CN\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_locales\zh_TW\messages.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_1\_metadata\verified_contents.json, In Quarantäne, [9fbf1ce4623810265b43b3e209fbf709], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\manifest.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\128.png, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ar\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\bg\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ca\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\cs\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\da\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\de\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\el\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\en\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\es\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fi\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fil\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\fr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\he\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hi\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\hu\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\id\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\it\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ja\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ko\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lt\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\lv\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\nl\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\no\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pl\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_BR\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\pt_PT\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ro\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\ru\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sk\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sl\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\sv\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\th\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\tr\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\uk\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\vi\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_CN\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_locales\zh_TW\messages.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\_metadata\verified_contents.json, In Quarantäne, [ec7208f80e8cb185831b4c497a8a2fd1], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\manifest.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\managed-storage-schema.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\background.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\block.html, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\block.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\firstRun.html, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\firstRun.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\i18n.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\include.postload.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\include.preload.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\messageResponder.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\notification.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\options.html, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\options.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\popup.html, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\popup.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\popupBlocker.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\stats.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\subscriptions.xml, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\utils.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\webrequest.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\background.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\common.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\content.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\ext\popup.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-16.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-19-whitelisted-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-32.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-critical.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-notification-information.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-critical-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-1.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-2.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-3.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-4.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-5.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-6.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-7.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-8.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted-notification-information-9.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38-whitelisted.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\abp-38.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-128.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-32.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-48.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\icons\detailed\abp-64.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\jquery-ui-1.8.16.custom.css, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_flat_0_aaaaaa_40x100.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_flat_75_ffffff_40x100.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_55_fbf9ee_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_65_ffffff_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_dadada_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_e6e6e6_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_95_fef1ec_1x400.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-bg_highlight-soft_75_cccccc_1x100.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_222222_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_2e83ff_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_454545_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_888888_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\css\smoothness\images\ui-icons_cd0a0a_256x240.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\js\jquery-1.7.1.min.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\jquery-ui\js\jquery-ui-1.8.16.custom.min.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\adblockplus.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\compat.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\info.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\jsbn.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\publicSuffixList.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\punycode.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\rsa.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\lib\sha1.js, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\ajax-loader.gif, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\background-main.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\background-share.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\background.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\donate.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\firstRun.css, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\popup.css, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\popup.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features\malware.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features\social.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\features\tracking.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\fonts\CreteRound-Italic.otf, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\fonts\CreteRound-Regular.otf, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\facebook.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\googleplus.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\renren.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\twitter.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\social\weibo.png, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\id\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ar\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bg\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\bn\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ca\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\cs\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\da\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\de\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\el\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_GB\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\en_US\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\es_419\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\et\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fa\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fi\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fil\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\fr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\gu\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\he\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hi\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\hu\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\it\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ja\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ko\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lt\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\lv\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ml\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ms\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nb\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\nl\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pl\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_BR\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\pt_PT\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ro\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ru\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sk\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sl\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sv\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\sw\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\ta\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\te\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\th\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\tr\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\uk\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\vi\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_CN\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_locales\zh_TW\messages.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_metadata\computed_hashes.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\_metadata\verified_contents.json, In Quarantäne, [8ad4b24e564483b336686035966e936d], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\manifest.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\128.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\16.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\32.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\48.png, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ar\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\bg\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\ca\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\cs\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\da\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\de\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\el\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_GB\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\en_US\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\es_419\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\et\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fi\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fil\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\fr\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\he\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hi\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hr\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_locales\hu\messages.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\_metadata\verified_contents.json, In Quarantäne, [1747f7091b7f4fe73668b3e246be8977], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\manifest.json, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Background.html, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\background.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\ContentOnDocStart.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\ContentScript.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\popup.html, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\popup.js, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\128.png, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_black.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_black_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_black_small.GIF, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_cashback.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_cashback_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_disabled.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_green.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_green_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_grey.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_grey_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_hs.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_hs_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_red.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_red_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_yellow.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\Resources\button_yellow_lock.gif, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\_metadata\computed_hashes.json, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_1\_metadata\verified_contents.json, In Quarantäne, [213d0af6dbbfde58a5f92c690afa40c0], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\manifest.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\adblock_start_chrome.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\adblock_start_common.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\background.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\bandaids.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\CHANGELOG.txt, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\checkupdates.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\chrome_oauth_receiver.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\chrome_oauth_receiver.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\dropbox-datastores.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\functions.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\gab_question.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\idlehandler.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\LICENSE, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\notificationoverlay.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\port.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\punycode.min.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\README.markdown, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\stats.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\survey.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\translators.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\ytchannel.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button\popup.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button\popup.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\button\popup.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\domainset.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filternormalizer.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filteroptions.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filterset.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\filtertypes.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\filtering\myfilters.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\delete.gif, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\dropbox1.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\dropbox2.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\dropbox3.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\facebook-sprite.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\gifloader.gif, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\gplus-sprite.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon128.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon16.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon16_grayscale.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon16_grayscale@2x.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon19-grayscale.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon19-whitelisted.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon19.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon24.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon32.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon38-grayscale.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon38-whitelisted.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon38.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\icon48.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\logo.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\twitter-sprite.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\check.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a],
         

Alt 23.06.2016, 14:23   #10
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



mbam.txt Teil3:
Code:
ATTFilter
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\magnifying_glass.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search-engine-card_no-shadow.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search-engine-icons.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search-omnibox-card_no-shadow.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\img\search\search_engine_select_arrow.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\jquery-ui.custom.min.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\jquery.cookie.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\jquery.min.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\jquery-ui.custom.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\override-page.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-icons_056b93_256x240.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\jquery\css\images\ui-icons_d8e7f3_256x240.png, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\customize.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\customize.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\filters.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\filters.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\general.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\general.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\index.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\index.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\options.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\support.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\options\support.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\adreport.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\adreport.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\resourceblock.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\resourceblock.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\subscribe.css, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\subscribe.html, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\pages\subscribe.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\load_jquery_ui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\send_content_to_back.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\top_open_blacklist_ui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\top_open_whitelist_ui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\blacklistui.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\clickwatcher.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\elementchain.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\overlay.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\uiscripts\blacklisting\rightclick_hook.js, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ar\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\bg\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ca\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\cs\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\da\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\de\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\el\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\en\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\es\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fi\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\fr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\gu\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\he\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\hu\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\id\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\it\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ja\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nb\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\nl\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pl\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_BR\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\pt_PT\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ro\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\ru\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sk\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sl\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\sv\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\te\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\tr\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\uk\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\vi\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_CN\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_locales\zh_TW\messages.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_metadata\computed_hashes.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\_metadata\verified_contents.json, In Quarantäne, [85d952ae970381b5a7f76b2a33d1b64a], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\manifest.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\128.png, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ar\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\bg\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ca\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\cs\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\da\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\de\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\el\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\en\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\es\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fi\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fil\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\fr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hi\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\hu\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\id\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\it\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ja\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ko\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lt\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\lv\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\nl\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\no\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pl\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_BR\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\pt_PT\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ro\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\ru\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\se\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sk\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sl\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\sr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\th\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\tr\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\uk\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\vi\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_CN\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_locales\zh_TW\messages.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 
PUP.Optional.HijackModifiedExtension, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\_metadata\verified_contents.json, In Quarantäne, [f26c7f81772342f4e4ba9cf92ed632ce], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST-Log:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
durchgeführt von Vera (Administrator) auf VERAS-PC (23-06-2016 14:13:25)
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: UpdatusUser & Vera (Verfügbare Profile: UpdatusUser & Vera)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-01-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-06-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [156448 2012-05-04] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-11-23] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Vera\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Google Update] => "C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Run: [hardness-81] => C:\ProgramData\hardness-2\hardness-9.exe [441344 2016-06-23] (Лаборатория Касперского)
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\RunOnce: [receiver-7] => C:\Users\Vera\AppData\Roaming\receiver-31\receiver-16.exe [504320 2016-06-23] ()
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {2ab3442b-78c5-11e5-801a-b888e359abb6} - "E:\AutoRun.exe" 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f669c-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe" 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\MountPoints2: {736f672e-3581-11e3-bf6a-b888e359abb6} - "E:\AutoRun.exe" 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2016-06-23]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\homerf-0.lnk [2016-06-23]
ShortcutTarget: homerf-0.lnk -> C:\Users\Vera\AppData\Roaming\homerf-6\homerf-89.exe (COBRA)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2016-06-23]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 129.206.100.126 129.206.210.127
Tcpip\..\Interfaces\{FC7B690A-ABE8-4FEF-9430-9736C44DA543}: [DhcpNameServer] 129.206.100.126 129.206.210.127

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002 -> ist aktiviert.

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vera\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4105031019-3425876013-4116755172-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-09] ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-06-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-06-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-15] (Dritek System INC.)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [274208 2012-05-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-04] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R1 inpoutx64; C:\Windows\System32\drivers\inpoutx64.sys [15008 2016-03-08] (Highresolution Enterprises [www.highrez.co.uk])
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
R0 PRTDRV; C:\Windows\System32\Drivers\PRTDRV.sys [33640 2012-06-15] (Psychology Software Tools)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-15] (Dritek System Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2015-02-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-23 14:02 - 2016-06-23 14:02 - 00199094 _____ C:\Users\Vera\Desktop\mbam.txt
2016-06-23 13:46 - 2016-06-23 13:46 - 00000000 ____D C:\ProgramData\current-2
2016-06-23 12:43 - 2016-06-23 12:43 - 00000000 ____D C:\ProgramData\hardness-2
2016-06-23 12:24 - 2016-06-23 12:24 - 00000000 ____D C:\Users\Vera\AppData\Roaming\homerf-6
2016-06-23 12:10 - 2016-06-23 14:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-23 12:09 - 2016-06-23 13:58 - 00000707 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-23 12:09 - 2016-06-23 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-23 12:09 - 2016-06-23 12:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-23 12:09 - 2016-06-23 12:09 - 00000000 ____D C:\ Malwarebytes Anti-Malware 
2016-06-23 12:09 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-23 12:09 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-23 12:09 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-23 12:03 - 2016-06-23 12:06 - 22851472 _____ (Malwarebytes ) C:\Users\Vera\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-23 11:48 - 2016-06-23 12:23 - 00000000 ____D C:\ProgramData\ct
2016-06-23 11:48 - 2016-06-23 11:51 - 00012765 _____ C:\Users\Vera\Desktop\Fixlog.txt
2016-06-23 11:34 - 2016-06-23 12:24 - 00000000 ____D C:\Users\Vera\AppData\Roaming\microamp-1
2016-06-23 11:32 - 2016-06-23 11:32 - 00000000 ____D C:\Users\Vera\Desktop\RevoUninstallerPortable
2016-06-23 11:31 - 2016-06-23 11:32 - 02785665 _____ (PortableApps.com) C:\Users\Vera\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2016-06-23 11:30 - 2016-06-23 11:30 - 00000000 ____D C:\Users\Vera\AppData\Roaming\receiver-31
2016-06-23 11:25 - 2016-06-23 11:30 - 03703360 _____ C:\Users\Vera\Desktop\AdwCleaner_5.200.exe
2016-06-22 12:31 - 2016-06-22 14:46 - 00245766 _____ C:\TDSSKiller.3.1.0.9_22.06.2016_12.31.54_log.txt
2016-06-22 12:31 - 2016-06-22 12:31 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Vera\Desktop\tdsskiller.exe
2016-06-22 11:51 - 2016-06-22 11:53 - 00060058 _____ C:\Users\Vera\Desktop\Addition.txt
2016-06-22 11:49 - 2016-06-23 14:13 - 00021874 _____ C:\Users\Vera\Desktop\FRST.txt
2016-06-22 11:49 - 2016-06-23 14:13 - 00000000 ____D C:\FRST
2016-06-22 11:48 - 2016-06-22 11:48 - 02387456 _____ (Farbar) C:\Users\Vera\Desktop\FRST64.exe
2016-06-21 17:47 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Documents\Ereignisse.txt
2016-06-21 17:46 - 2016-06-21 17:47 - 00029134 _____ C:\Users\Vera\Desktop\Ereignisse.txt
2016-06-17 15:18 - 2016-06-17 15:18 - 00036663 _____ C:\Users\Vera\Downloads\learningpathsbachelorspsychologyradboud_20162017.pdf
2016-06-14 11:20 - 2016-06-14 11:20 - 00080896 _____ C:\Users\Vera\Downloads\Fachdidaktik_SoSe2015.xls
2016-06-06 13:18 - 2016-06-06 13:18 - 00041444 _____ C:\Users\Vera\Downloads\Tsvgg_Beitragsordnung_2015.pdf
2016-06-04 17:25 - 2016-06-04 17:25 - 00033415 _____ C:\Users\Vera\Downloads\Frauen Vortest Seiler.sav
2016-06-03 17:05 - 2016-06-03 17:05 - 00000000 ____D C:\Users\Vera\Documents\IBM
2016-06-03 17:00 - 2016-06-03 17:00 - 00000000 ____D C:\ProgramData\IBM
2016-06-03 16:53 - 2016-06-03 16:53 - 00000000 ____D C:\Program Files (x86)\IBM
2016-06-03 16:45 - 2016-03-03 09:59 - 856246096 _____ (IBM Corp) C:\Users\Vera\Desktop\SPSS_Statistics_24_win32.exe
2016-06-01 19:44 - 2016-06-01 19:45 - 00957112 _____ (Microsoft Corporation) C:\Users\Vera\Downloads\SaveAsPDFandXPS.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-23 14:06 - 2015-07-18 13:55 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job
2016-06-23 14:03 - 2012-11-17 15:16 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-06-23 14:00 - 2015-10-04 01:48 - 00000000 ____D C:\Users\Vera\AppData\Roaming\Skype
2016-06-23 13:59 - 2015-01-24 20:19 - 00000000 ____D C:\Users\Vera\AppData\Local\LogMeIn Hamachi
2016-06-23 13:59 - 2014-07-31 03:32 - 00000000 __RDO C:\Users\Vera\OneDrive
2016-06-23 13:58 - 2016-04-28 16:15 - 00001182 _____ C:\Users\Public\Desktop\Inquisit 5.lnk
2016-06-23 13:58 - 2016-04-26 18:53 - 00001325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-06-23 13:58 - 2016-04-26 18:52 - 00001478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-06-23 13:58 - 2016-04-26 18:51 - 00002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-06-23 13:58 - 2016-04-26 14:37 - 00000968 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
2016-06-23 13:58 - 2016-01-17 18:01 - 00001763 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-23 13:58 - 2015-12-11 18:30 - 00001338 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-06-23 13:58 - 2015-11-13 15:21 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-23 13:58 - 2015-11-13 15:21 - 00002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-23 13:58 - 2015-11-11 15:57 - 00001975 _____ C:\Users\Public\Desktop\Citavi 5.lnk
2016-06-23 13:58 - 2015-10-22 16:08 - 00001987 _____ C:\Users\Public\Desktop\1&1 Surf-Stick.lnk
2016-06-23 13:58 - 2015-07-29 15:06 - 00001232 _____ C:\Users\Public\Desktop\Icecream Media Converter.lnk
2016-06-23 13:58 - 2014-08-17 01:04 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-06-23 13:58 - 2014-07-31 03:01 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-23 13:58 - 2014-01-06 19:03 - 00001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-06-23 13:58 - 2013-12-07 21:30 - 00000923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-06-23 13:58 - 2013-03-23 19:31 - 00000940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-06-23 13:58 - 2012-12-28 14:54 - 00002003 _____ C:\Users\Public\Desktop\TotalMedia 3.5.lnk
2016-06-23 13:58 - 2012-11-21 20:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-06-23 13:58 - 2012-11-21 20:11 - 00002017 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-06-23 13:58 - 2012-08-15 21:25 - 00001685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer User's Manual.lnk
2016-06-23 13:58 - 2012-08-15 21:25 - 00001667 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Quick Guide.lnk
2016-06-23 13:57 - 2016-05-19 09:42 - 00001690 _____ C:\Users\Vera\Desktop\Notizen.lnk
2016-06-23 13:57 - 2016-05-19 09:24 - 00001690 _____ C:\Users\Vera\Desktop\Word.lnk
2016-06-23 13:57 - 2016-04-28 10:49 - 00002323 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-23 13:57 - 2014-10-06 21:25 - 00001089 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2016-06-23 13:57 - 2014-07-31 03:26 - 00001458 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-23 13:57 - 2014-07-31 02:50 - 00000469 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-06-23 13:57 - 2014-07-31 02:50 - 00000467 _____ C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-06-23 13:57 - 2013-12-07 21:30 - 00000911 _____ C:\Users\Vera\Desktop\Audacity.lnk
2016-06-23 13:57 - 2012-11-21 13:29 - 00000355 _____ C:\Users\Vera\Desktop\Computer.lnk
2016-06-23 13:56 - 2015-11-13 15:20 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-23 13:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-23 13:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-06-23 13:55 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-23 13:49 - 2015-12-04 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2016-06-23 13:44 - 2015-11-13 15:20 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-23 12:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-23 12:28 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-23 12:28 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-23 12:28 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-23 12:28 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-23 11:38 - 2015-07-25 12:28 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-23 11:38 - 2015-06-11 21:07 - 00000000 ____D C:\WINDOWS\system32\log
2016-06-23 11:38 - 2013-12-28 15:21 - 00000000 ____D C:\AdwCleaner
2016-06-21 21:12 - 2015-07-18 13:55 - 00000000 ____D C:\Users\Vera\AppData\Local\Deployment
2016-06-21 17:35 - 2015-07-31 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-21 17:28 - 2013-12-20 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 14:36 - 2016-03-14 12:31 - 00000000 ____D C:\Users\Vera\AppData\Local\Microsoft Help
2016-06-21 14:32 - 2016-04-26 14:37 - 00000000 ____D C:\Users\Vera\AppData\Roaming\avidemux
2016-06-21 13:56 - 2013-10-15 21:38 - 00000000 ____D C:\Users\Vera\Desktop\UNI Stuttgart
2016-06-21 12:34 - 2013-12-06 22:30 - 00000000 ____D C:\Users\Vera\AppData\Roaming\vlc
2016-06-21 11:46 - 2015-07-31 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-19 23:29 - 2012-11-21 14:22 - 00000000 ____D C:\Users\Vera\Documents\Story
2016-06-19 22:01 - 2015-12-18 23:16 - 00008628 _____ C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2016-06-15 11:14 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-10 20:55 - 2015-10-04 01:47 - 00000000 ____D C:\ProgramData\Skype
2016-06-10 20:54 - 2016-01-15 16:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-10 19:22 - 2013-12-06 22:31 - 00000000 ____D C:\Users\Vera\AppData\Roaming\dvdcss
2016-06-06 12:13 - 2014-01-10 19:56 - 00006656 _____ C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-04 17:17 - 2015-07-31 17:27 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-04 17:17 - 2015-07-31 17:27 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-03 17:00 - 2014-07-31 02:50 - 00000000 ____D C:\Users\Vera
2016-06-03 16:59 - 2015-12-09 14:08 - 00000000 ____D C:\Users\Vera\AppData\Local\javasharedresources
2016-06-03 16:51 - 2015-12-04 20:50 - 00000219 _____ C:\WINDOWS\SysWOW64\lsprst7.tgz
2016-06-03 16:51 - 2015-12-04 20:50 - 00000205 _____ C:\WINDOWS\SysWOW64\lsprst7.dll
2016-06-03 16:51 - 2015-12-04 20:50 - 00000016 ____H C:\WINDOWS\SysWOW64\servdat.slm
2016-06-01 19:45 - 2015-01-19 16:18 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-06-01 16:58 - 2013-01-03 13:33 - 00000000 ____D C:\Users\Vera\Downloads\Bank
2016-05-29 10:58 - 2016-04-26 18:47 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002
2016-05-27 15:39 - 2013-07-16 22:33 - 00000000 ____D C:\Users\Vera\Desktop\Veras Zeug

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-26 15:18 - 2015-07-29 15:44 - 0000024 _____ () C:\Users\Vera\AppData\Roaming\appdataFr25.bin
2015-12-18 23:16 - 2016-06-19 22:01 - 0008628 _____ () C:\Users\Vera\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-01-10 19:56 - 2016-06-06 12:13 - 0006656 _____ () C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:55 - 2016-04-05 19:55 - 0001477 _____ () C:\Users\Vera\AppData\Local\recently-used.xbel
2015-07-16 18:36 - 2015-07-16 18:36 - 0000000 _____ () C:\Users\Vera\AppData\Local\Temp.dat

Einige Dateien in TEMP:
====================
C:\Users\Vera\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-21 22:59

==================== Ende von FRST.txt ============================
         
Addition-Log:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Vera (2016-06-23 14:14:29)
Gestartet von C:\Users\Vera\Desktop
Windows 8.1 (Update) (X64) (2014-07-31 01:26:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4105031019-3425876013-4116755172-500 - Administrator - Disabled)
Gast (S-1-5-21-4105031019-3425876013-4116755172-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-4105031019-3425876013-4116755172-1001 - Limited - Enabled) => C:\Users\UpdatusUser
Vera (S-1-5-21-4105031019-3425876013-4116755172-1002 - Administrator - Enabled) => C:\Users\Vera

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Abe's Oddysee (HKLM-x32\...\Abe's Oddysee) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.307 - ArcSoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{761cd2c4-5249-4346-8318-a499d06d2681}) (Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version:  - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D.Radio (HKLM-x32\...\{213E2CCF-8265-444F-A6CA-40BD946A8D4A}) (Version: 1.1.5 - Geniatech)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims™ 2: Glamour-Accessoires (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
EA SPORTS online 2004 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
E-Prime 2.0 (2.0.8.90) (HKLM-x32\...\{77C74D8A-2014-4107-BE3F-DF879A443E0B}) (Version: 2.0.08090 - Psychology Software Tools, Inc.)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
FIFA 2004 (HKLM-x32\...\{782DDB70-3DF4-4366-00BF-E3767BCD173B}) (Version:  - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMat (HKLM-x32\...\FreeMat) (Version: 4.2 - Humanity)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Genius Biologie Demoversion (remove only) (HKLM-x32\...\Genius Biologie Demoversion) (Version:  - )
Genius Physik (remove only) (HKLM-x32\...\Genius Physik) (Version:  - )
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.8.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Harry Potter und der Gefangene von Askaban(TM) (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version:  - )
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
IBM SPSS Statistics 24 (HKLM-x32\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Inkscape 0.48.5 (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\Inkscape) (Version: 0.48.5 - )
Inquisit 5 (HKLM-x32\...\Inquisit 5 5.0.1) (Version: 5.0.1 - Millisecond Software)
Inquisit 5 (Version: 5.0.1 - Millisecond Software) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.3 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyoResearch XP Master 1.08.27 (HKLM-x32\...\MyoResearch XP Master 1.08.27) (Version: Master 1.08 - Noraxon U.S.A. Inc.)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3102 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
ScenalyzerLive (entfernen) (HKLM-x32\...\ScenalyzerLive) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
TotalMedia Setup (HKLM-x32\...\{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}) (Version: 1.00.0000 - Conexant)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4105031019-3425876013-4116755172-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Vera\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {37660E5E-8A00-4829-B992-ECD0A5F396C9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {5A090A2A-1532-41D9-B014-D1DAA9FE16FE} - System32\Tasks\{7B191E72-26D1-4676-A94A-49D7D0D747F6} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {6CB76679-0DA2-425F-9125-9EEB99CF1CDF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7879C2EC-5773-4BAC-AE6A-A70CB56758E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {98CEFDC9-4187-453C-A3B4-C49FB9152592} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {A8701A53-BDEB-4875-AD33-424591258A36} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4105031019-3425876013-4116755172-1002 => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-29] (Microsoft Corporation)
Task: {A8943ACC-07D9-4B3F-B0C4-92CB380090D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {A915BF41-31C2-42E4-BD22-01E939E09DE2} - System32\Tasks\{3EFEC5D9-1D52-48FB-B382-C489FF10193D} => pcalua.exe -a C:\Users\Vera\Downloads\sclive20060412g\sclive.exe -d C:\Users\Vera\Downloads\sclive20060412g
Task: {B95DD6AF-F8F9-4F0B-9AE1-10717A9AFD37} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4105031019-3425876013-4116755172-1002
Task: {C724FC1B-D5B1-4755-9754-A03B17BA053A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E7F15A4F-84A8-4C14-B142-9F5F2BF683E7} - System32\Tasks\{EFF710BD-CF61-4810-8F4E-857944983CEF} => pcalua.exe -a D:\autostart.exe -d D:\
Task: {EF7B119D-D1F7-4F8A-B349-98D194BC932B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.)
Task: {F2C4B45D-8EAE-4FFD-8F99-54C2E2754DF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {F83191E3-E913-4DC2-BE22-C614E7BF5FB0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002Core.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4105031019-3425876013-4116755172-1002UA.job => C:\Users\Vera\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00274208 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2013-01-28 17:21 - 2013-01-28 17:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-22 16:08 - 2012-05-04 17:19 - 00156448 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2015-12-11 18:30 - 2015-11-23 17:05 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2014-03-18 11:44 - 2014-03-18 11:44 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\ErrorReporting.dll
2016-02-29 12:16 - 2016-02-29 12:16 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 11:48 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2012-08-15 21:02 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-05-15 01:16 - 2016-05-15 01:16 - 00034960 _____ () C:\Users\Vera\AppData\Local\assembly\dl3\M5V9E7XH.CDC\1KAY41AZ.8L9\d05ee253\00bd4c69_b247cd01\WordAddIn.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4105031019-3425876013-4116755172-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4105031019-3425876013-4116755172-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vera\Pictures\Make History.jpg
DNS Servers: 129.206.100.126 - 129.206.210.127
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "TMMonitor.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{562AD6BE-EF65-4195-AAA5-F374590DD5E3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{67FEACB2-2401-4122-8D3D-66FAE5F98D53}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{7D0B75D0-989B-4913-BC73-E6996719AC85}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{16658953-BD08-4DE2-B7DA-F2D1B24B8872}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{484F0461-88EE-48FA-9FD8-BBCBF3E6E495}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F979EA54-0E59-49F8-B3A9-6A785542724F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{DFB3C773-7010-42DD-A159-29ED99BBAF03}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BD89FC6D-7633-42E8-A848-B61956B3B4AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB1D5594-C388-47E8-906D-80FE30EAC961}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0E5BD68-B928-4989-B5F5-4C16AEC18868}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9661D67B-EAE3-4D42-AF33-E1D499220CD2}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{7704B728-7C00-442C-9AC8-2FE6B8A7F972}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{ACAD114C-735F-49BC-AB98-39CFB4FF1DDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{644A48DF-D8D1-42A0-BB7B-E4AA842EFC6E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{BB1A121B-2AC5-40E4-8B11-51910ED459C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{7EA55DA8-A5C0-4A69-BC29-2F28BE9EBA2E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{46C920C4-2E27-4A82-92E1-634F16ED18D2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{32B571B2-721F-4ACF-A816-F9B89001BF01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{C4FB7AFE-D859-430E-BBF0-D49809786B14}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{B7D0094A-6789-49D2-AA2A-2E30A40D1397}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{6CD5F020-CB4D-41CB-B44B-B947BDD8B91E}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{3298A79E-04A7-4179-AC81-49ED4EABC1E5}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{4EA3AAB1-1CA0-4243-9A03-6A911B74DA56}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{B0A151C9-F47C-4313-A4DD-FE26082A72CF}] => (Allow) D:\AliceSetup.exe
FirewallRules: [{9A009534-4288-44B3-8FA6-1B0B017660EC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6D86272D-1F6E-43CE-89D7-0FFB40901B4E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{996E0AB8-043B-450A-A7FD-1825D9F9D03B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{EFFE22F3-ED01-4532-8488-1C1E4728F1C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{A87A6C22-D2DD-4F74-8706-23414A196020}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{10B14768-23FB-461A-888B-927744D74680}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{D511C497-9324-4CAD-9DF4-B0A66D476F5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{3C8D17B8-783D-4B7B-8FAB-D91CCD9EE9A7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{92047C36-3FCF-4D60-8ABD-8E24D42294FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{B72996AF-9E68-485C-B0AA-56521F1F0447}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{9101CCED-69A9-4B46-BBAB-7D39AA1FA45B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{6EE1F738-5154-4C11-B395-44D4963E581D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{3CCB51CF-1423-46ED-935E-E8BB081B5CD2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{32087D8E-507C-4CA1-89F4-15E56D11E319}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{C203FD96-1A43-4529-A0AB-08D0577083CF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{440E6ED9-62D2-4DB8-A42D-386381109FBF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E04C7F9F-DD2C-44F1-92B7-4F912A562F86}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{81562EA2-47D6-4F07-8FE6-4A0B0A20C097}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{6E911494-19DD-4B8E-A761-F30BB5871777}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E82CAC18-872F-42EB-8783-E55F1BB9DB71}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{4D211644-52DE-4B61-99A1-6263E6D00570}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{686F6810-3EE6-4DE8-A966-3824652A6A7D}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{D51C58D9-3849-4C5A-9795-B768CC4945D6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{923BE562-A799-42B5-B859-1024B80F9757}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{DCAFFC6C-52FC-44DB-A66A-E4EE531C54E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7FCACBBA-EA9E-47CB-B482-ADB67EB134FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{3819FFFA-43A3-439F-B66F-AB80BC4D2349}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0A9C6167-2BE5-4A96-BBD4-BF86CADDF56F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{3FD434BD-90E7-4BA3-9A32-7077F9B7998A}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B2D1AE20-8130-4070-8F07-B8E8E8730099}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{8F1D89C3-6D2F-44DF-B791-C0E75D71E3ED}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{19F500C0-F9C9-47DF-A48A-D4DA51833C9D}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{52E05373-D082-4DB4-BFDD-0355CF15E95E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{8497445D-8DFE-4732-8EF6-37CE0A7E0BF8}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{619D59EA-6C80-4BD6-A3FE-53F8E6403314}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E6809B4C-FEDE-4376-96FE-702471B7EB86}C:\users\vera\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4CA4F3FF-9067-403F-9FEE-E26381E28312}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BA7D56D1-3498-486B-9BDC-C0F5001F9367}] => (Block) C:\users\vera\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8E85D61B-BB0C-4E82-99D6-A48EBAA6C8CE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A38B098D-A33F-4BAF-ACEF-8925AB5D5200}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{055B3FEA-BCEA-4955-9844-53BA93A95A2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{CC21E86E-C529-4CB6-A783-87F73ECA058F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{BBA1B2B2-21ED-49CF-92FF-D2DC20359C66}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{3D210D07-9D27-40EE-87CF-9594869764E9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{98B7060E-8C5B-4082-94B7-2D45335D9F48}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B58A47C5-B9EC-4D04-9F3C-00F5F4041113}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{F0226214-72F3-4793-ABE0-C1B9A1A22CB5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{1BC83989-0069-45D9-84E0-90D91721646F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{79AEF083-0C85-484F-B074-056CF8EC7A19}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{72C0C118-6D78-4742-A974-60AA12810129}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{57302029-5538-4FEF-839D-F80C8F5C1862}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{D0377A42-2018-425E-ACAE-7A0C038BF4F2}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{87589F37-408D-495A-8089-1D8C094026E5}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{6C78C0A7-1F14-4797-88FA-B72C1EADCCCD}] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe
FirewallRules: [{C48D38E2-2A41-44BA-BCA0-42946E775322}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{38635752-3029-44E9-AE0C-D3D55F32B7DC}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [TCP Query User{B602313F-5169-4A26-9BBD-561393F6689D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96AF43C9-96C5-4B32-BA5C-FAA8B068688F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7A0847FC-FEA1-432B-8BFC-AB20ECFA7576}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E0DBB789-3A15-492D-8B85-625F50575877}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B44E32F2-9A7D-4DFD-877C-8698EA6D0E73}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3CBBCD8E-1B68-4D78-AE4A-4AE88E72D45A}C:\users\vera\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\vera\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{56B9702D-145B-41E4-BF03-456E9FAD4C54}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{23E563C7-A7F1-4675-92CE-FB66EA5DF961}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{60F9E8D2-4D59-43C8-A01F-B7D637B7ECD5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{DFF96C53-0C9E-4646-A57D-6D5875B826C4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{AC297AC9-5F33-4519-B52B-C3A0617CFD8D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{9A51A890-1A62-4786-845D-A83FFE873F1F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [TCP Query User{274B6FDC-0868-49C4-819E-20BE2B0708EF}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8038CF78-DD98-4889-9861-B9D4CE174D05}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{0A2277FB-2C4F-4A94-A5C4-F2B69D9BCFFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04B24D0B-EDFA-4A01-B92F-D305A37FA9A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E3DDE46-5A35-4B99-9A5F-CD345E305107}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C1221A3-1EA7-4ACE-A6E6-97E0DC251EF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C429BF7-C815-449D-9EB1-DA395C172958}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F0432ACB-D720-4AC6-8F92-A4D0FC9532FD}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [UDP Query User{DC956E12-076B-4F89-BFD0-751BEB95625C}C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe] => (Allow) C:\program files (x86)\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [{14703AC8-061F-40D1-8730-EBC5A3D2EB89}] => (Allow) C:\Users\Vera\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{ABECCAC8-12FA-4E97-903B-EC2368B534E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2477C121-1E85-4DED-8F8E-A593CAA5FF08}] => (Allow) LPort=2869
FirewallRules: [{324CB72E-D18D-4F12-8EB2-ECAC2413CDA0}] => (Allow) LPort=1900
FirewallRules: [{726E4AFF-EB8E-4CCB-9279-C3F070A1DBAC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{58141989-8739-4F57-AD9D-448C3086F8C1}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [UDP Query User{AE00DB7C-F24A-42AE-9C42-3A66C3E8D1C7}C:\program files (x86)\ibm\spss\statistics\24\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{2BB771B0-48DA-4041-8A11-34FB0A6E8836}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{31BFAC32-D47D-49F9-BA77-1A5546C18EC2}] => (Block) C:\program files (x86)\ibm\spss\statistics\24\stats.exe
FirewallRules: [{04CF2B76-CB79-47FE-8185-C9711F8CD11F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{70B4498B-A1D6-4D41-8E5D-AB16AA0C2372}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{45578DE2-FF52-42CA-93F9-0144005B6088}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe

==================== Wiederherstellungspunkte =========================

03-06-2016 16:49:35 Installed IBM SPSS Statistics 24.
12-06-2016 12:33:05 Geplanter Prüfpunkt
20-06-2016 18:58:44 Geplanter Prüfpunkt
23-06-2016 11:49:07 Restore Point Created by FRST

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/23/2016 01:59:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0xdf4
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3
Vollständiger Name des fehlerhaften Pakets: ACDaemon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ACDaemon.exe5

Error: (06/23/2016 12:57:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4718

Error: (06/23/2016 12:57:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4718

Error: (06/23/2016 12:57:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/23/2016 12:57:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3359

Error: (06/23/2016 12:57:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3359

Error: (06/23/2016 12:57:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/23/2016 12:57:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328

Error: (06/23/2016 12:57:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328

Error: (06/23/2016 12:57:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (06/23/2016 11:49:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.


Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "UI Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/23/2016 11:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dritek RF Button Command Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-06-18 22:12:10.901
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 21:59:20.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 21:59:20.426
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 21:59:20.416
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 12:24:13.835
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 09:35:03.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:52:48.344
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:35:19.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:27:42.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:11:18.359
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3909.28 MB
Verfügbarer physikalischer RAM: 2009.9 MB
Summe virtueller Speicher: 6213.28 MB
Verfügbarer virtueller Speicher: 3870.76 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:445.41 GB) (Free:70.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4FB6F86F)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Fragen zu meinem Handy kannst du mir vermutlich nicht beantworten, oder? Die zip-Datei hat nämlich auch dort versucht sich zu entpacken, erfolgreich geöffnet hat sie sich aber nicht.
Und überträgt sich der Mist auch auf Wechselmedien, sprich USB-Sticks, SD-Karten, externe Festplatten, etc.?

Alt 23.06.2016, 14:24   #11
Erthos
 
Phishing-Zip-Anhang auf PC und Handy geöffnet - Standard

Phishing-Zip-Anhang auf PC und Handy geöffnet



---

Antwort

Themen zu Phishing-Zip-Anhang auf PC und Handy geöffnet
anhang, anhang ausgeführt, anhänge, brauche, daten, direkt, e-mail, eingestellt, frage, fragen, geändert, hallo zusammen, handy, handy und pc, krieg, kumpel, leer, nichts, papierkorb, phishing, potentielle, schei, schnelle, verloren, verschoben, windows, windows 8, überprüfen, zusammen, öffnet



Ähnliche Themen: Phishing-Zip-Anhang auf PC und Handy geöffnet


  1. Österreichische Handy-Signatur anfällig für Phishing
    Nachrichten - 31.05.2016 (0)
  2. Inkasso DirectPay AG auf Android Handy geöffnet Zip&Datei
    Smartphone, Tablet & Handy Security - 10.04.2016 (2)
  3. Phishing-Mail-Anhang geöffnet: checken ob ich etwas habe
    Log-Analyse und Auswertung - 26.08.2015 (3)
  4. DHL Mail mit Android Handy geöffnet - Mal-Ware?
    Smartphone, Tablet & Handy Security - 09.06.2015 (5)
  5. DHL Phishing Mail Anhang (PDF) geöffnet
    Plagegeister aller Art und deren Bekämpfung - 08.06.2015 (11)
  6. Anhang Phishing Mail auf iPhone geöffnet
    Smartphone, Tablet & Handy Security - 12.05.2015 (1)
  7. DHL Phishing mail - auf link geklickt (auch mit handy)
    Plagegeister aller Art und deren Bekämpfung - 06.03.2015 (11)
  8. Amazon-Phishing Mail-Anhang .rtf geöffnet
    Log-Analyse und Auswertung - 18.11.2014 (15)
  9. Anhang von Phishing-Mail geöffnet - jetzt unauthorisierter Zugriff auf Email-Konto
    Log-Analyse und Auswertung - 17.08.2014 (8)
  10. zip-Datei Virus-Anhang in vermeintlicher PayPal-Mail via Handy geöffnet
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (3)
  11. Phishing email und Anhang geoeffnet
    Plagegeister aller Art und deren Bekämpfung - 06.05.2014 (1)
  12. Handy-Trojaner im E-mail Anhang?
    Mülltonne - 03.04.2014 (1)
  13. Phishing-Mail (Paypal) - Anhang geöffnet !
    Plagegeister aller Art und deren Bekämpfung - 18.03.2014 (5)
  14. PDF Anhang aus Phishing mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.11.2013 (11)
  15. Email zip file geöffnet im HANDY .. ich glaube ich hab einen Trojaner erwischt..
    Plagegeister aller Art und deren Bekämpfung - 27.08.2013 (1)
  16. Anhang einer Phishing Mail geöffnet
    Mülltonne - 14.06.2013 (2)
  17. Groupon E-mail Anhang mit dem Handy geöffnet
    Plagegeister aller Art und deren Bekämpfung - 09.03.2013 (3)

Zum Thema Phishing-Zip-Anhang auf PC und Handy geöffnet - Hallo Zusammen, ich könnte gerade explodieren vor Wut, aber das bringt ja nichts - was ich brauche, ist schnelle Hilfe... Ein Kumpel fand' es scheinbar witzig mir eine an ihn - Phishing-Zip-Anhang auf PC und Handy geöffnet...
Archiv
Du betrachtest: Phishing-Zip-Anhang auf PC und Handy geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.