Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ungewünschte Pop-Ups in Chrome und Edge (https://www.trojaner-board.de/186155-ungewuenschte-pop-ups-chrome-edge.html)

senergy 09.07.2017 22:25
Ungewünschte Pop-Ups in Chrome und Edge
 
Hallo,

ich habe immer wieder PopUps, die durch Malwarey-Bytes blockiert werden von z. B. adskeeper. ADWCleaner, Malware-Bytes, Desinfect ct, jrt, Spybot S&D, finden alle nichts mehr. Ich habe keine Idee mehr. Bitte helft mir
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von user (Administrator) auf USER-PC (09-07-2017 21:23:12)
Gestartet von C:\Users\user\Downloads
Geladene Profile: user (Verfügbare Profile: user)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Users\user\Downloads\adwcleaner_6.047.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2016-03-04] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [kxesc] => "c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" -autorun
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Google Photos Backup] => C:\Users\user\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Amazon Music] => C:\Users\user\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{037dccaf-1974-41e8-9dad-43e2e9418bf1}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{e42fb867-5a36-49ca-92d6-35a6d53211f4}: [DhcpNameServer] 192.168.178.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao774.com/?34067-0293
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao774.com/?34067-0293
SearchScopes: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> DefaultScope {5CE25775-92B7-477d-9603-852F0B34D8B0} URL = hxxps://www.sogou.com/sogou?query={searchTerms}&pid=sogou-wsse-91e50fe1e39af286
SearchScopes: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> {5CE25775-92B7-477d-9603-852F0B34D8B0} URL = hxxps://www.sogou.com/sogou?query={searchTerms}&pid=sogou-wsse-91e50fe1e39af286
SearchScopes: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> {EB447D18-0856-4C7E-BD41-3E8FAA66D930} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-03] (Oracle Corporation)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll Keine Datei
Toolbar: HKU\S-1-5-21-508946343-2304877640-3111218378-1000 -> Kein Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  Keine Datei

FireFox:
========
FF DefaultProfile: psysod7o.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default [2017-07-09]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2016-02-29] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-508946343-2304877640-3111218378-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-508946343-2304877640-3111218378-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-07-09]
CHR Extension: (Google Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-10]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-10]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-07-09]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-10]
CHR Extension: (Google Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-10]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-10]
CHR Extension: (Skype) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-06-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [290304 2016-03-04] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [135408 2015-08-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation)
S2 kxescore; "c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe" /service kxescore [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S1 fpvwwtbyd.sys; C:\WINDOWS\system32\drivers\fpvwwtbyd.sys [15424 2017-07-07] () [Datei ist nicht signiert]
S1 gbwgofylq.sys; C:\WINDOWS\system32\drivers\gbwgofylq.sys [15424 2017-07-07] () [Datei ist nicht signiert]
R2 kisknl; C:\Windows\system32\drivers\kisknl.sys [317584 2017-07-07] (Kingsoft Corporation)
R2 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [79000 2017-07-07] (Kingsoft Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-07] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-07-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-09] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-07-09] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S1 uafpxabsx.sys; C:\WINDOWS\system32\drivers\uafpxabsx.sys [15424 2017-07-09] () [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wjsvqqpff.sys; C:\WINDOWS\system32\drivers\wjsvqqpff.sys [121200 2017-07-09] () [Datei ist nicht signiert]
S1 ycjbwobvh.sys; C:\WINDOWS\system32\drivers\ycjbwobvh.sys [15424 2017-07-07] () [Datei ist nicht signiert]
U3 kxldapog; C:\Users\user\AppData\Local\Temp\kxldapog.sys [56584 2017-07-09] (GMER) [Datei ist nicht signiert] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-09 21:23 - 2017-07-09 21:23 - 00017153 _____ C:\Users\user\Downloads\FRST.txt
2017-07-09 21:17 - 2017-07-09 21:23 - 00000000 ____D C:\FRST
2017-07-09 21:17 - 2017-07-09 21:17 - 02437120 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2017-07-09 21:16 - 2017-07-09 21:16 - 00000008 __RSH C:\Users\user\ntuser.pol
2017-07-09 21:11 - 2017-07-09 21:14 - 00273516 _____ C:\TDSSKiller.3.1.0.15_09.07.2017_21.11.34_log.txt
2017-07-09 21:11 - 2017-07-09 21:11 - 04922400 _____ (AO Kaspersky Lab) C:\Users\user\Downloads\tdsskiller.exe
2017-07-09 21:04 - 2017-07-09 21:04 - 00380928 _____ C:\Users\user\Downloads\gmer-2.2.19882.exe
2017-07-09 20:58 - 2017-07-09 20:58 - 00000075 _____ C:\Windows\system32\r6lstmp4.dat
2017-07-09 20:56 - 2017-07-09 20:56 - 00015424 _____ C:\Windows\system32\Drivers\uafpxabsx.sys
2017-07-09 20:41 - 2017-07-09 20:41 - 00000545 _____ C:\Users\user\Desktop\JRT.txt
2017-07-09 20:28 - 2017-07-09 20:55 - 00121200 _____ C:\Windows\system32\Drivers\wjsvqqpff.sys
2017-07-09 20:22 - 2017-07-09 20:22 - 01663672 _____ (Malwarebytes) C:\Users\user\Downloads\JRT.exe
2017-07-09 20:10 - 2017-07-09 21:16 - 00000000 ____D C:\AdwCleaner
2017-07-09 20:09 - 2017-07-09 20:09 - 04110280 _____ C:\Users\user\Downloads\adwcleaner_6.047.exe
2017-07-09 19:52 - 2017-07-09 19:52 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-09 19:52 - 2017-07-09 19:52 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-09 19:50 - 2017-07-09 19:50 - 01130328 _____ (Google Inc.) C:\Users\user\Downloads\ChromeSetup.exe
2017-07-09 09:12 - 2017-07-09 09:12 - 00000000 ____D C:\Users\user\AppData\Local\Inet-Info
2017-07-07 18:15 - 2017-07-07 18:15 - 00006168 _____ C:\Windows\system32\.crusader
2017-07-07 18:07 - 2017-07-07 18:07 - 11584088 _____ (SurfRight B.V.) C:\Users\user\Downloads\hitmanpro_x64.exe
2017-07-07 18:06 - 2017-07-07 18:16 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-07 18:06 - 2017-07-07 18:06 - 09096848 _____ (SurfRight B.V.) C:\Users\user\Downloads\HitmanPro35.exe
2017-07-07 17:47 - 2017-07-07 17:47 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-07-07 17:47 - 2017-07-07 17:47 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-07-07 17:47 - 2017-07-07 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-07-07 17:47 - 2017-05-23 09:22 - 00032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2017-07-07 17:46 - 2017-07-07 17:47 - 51725936 _____ (Safer-Networking Ltd. ) C:\Users\user\Downloads\spybotsd-2.6.46.exe
2017-07-07 14:58 - 2017-07-07 14:58 - 00000000 ____D C:\Users\user\AppData\Local\UNP
2017-07-07 14:13 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-07-07 14:13 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-07-07 14:13 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-07-07 14:13 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-07-07 14:13 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-07-07 14:13 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-07-07 14:13 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-07-07 14:13 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-07-07 13:26 - 2017-07-07 13:26 - 00000000 ____D C:\Windows\system32\UNP
2017-07-07 13:00 - 2017-07-07 13:00 - 00000000 ____D C:\Users\user\AppData\Roaming\Process Hacker 2
2017-07-07 12:57 - 2017-07-09 21:16 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-07 12:55 - 2017-07-07 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2017-07-07 12:55 - 2017-07-07 12:55 - 00000000 ____D C:\Program Files\Process Hacker 2
2017-07-07 12:53 - 2017-07-07 12:54 - 02267848 _____ (wj32 ) C:\Users\user\Downloads\processhacker-2.39-setup.exe
2017-07-07 12:43 - 2017-07-07 12:43 - 00000000 ____D C:\Windows.old
2017-07-07 12:41 - 2017-07-07 12:41 - 01931969 _____ C:\Users\user\Downloads\processexplorer.zip
2017-07-07 12:32 - 2017-07-09 21:16 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-07 12:31 - 2017-07-09 21:16 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-07 12:16 - 2017-07-07 12:16 - 00015424 _____ C:\Windows\system32\Drivers\ycjbwobvh.sys
2017-07-07 12:10 - 2017-07-07 12:10 - 00015424 _____ C:\Windows\system32\Drivers\fpvwwtbyd.sys
2017-07-07 11:55 - 2017-07-07 12:03 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-07 11:54 - 2017-07-07 11:54 - 00000000 ____D C:\Users\user\AppData\Local\Kingsoft
2017-07-07 11:50 - 2017-07-07 12:04 - 00000000 __SHD C:\KRECYCLE
2017-07-07 11:50 - 2017-07-07 11:50 - 00317584 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00130720 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm_ev.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00127128 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm64_ev.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00122520 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00114488 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetmxp.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00079000 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2017-07-07 11:50 - 2017-07-07 11:50 - 00019352 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksskrpr.sys
2017-07-07 11:49 - 2017-07-09 21:16 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-07 11:49 - 2017-07-09 21:16 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-07 11:49 - 2017-07-07 11:54 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-07 11:49 - 2017-07-07 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-07 11:49 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-07 11:48 - 2017-07-07 11:48 - 00097008 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64_ev.sys
2017-07-07 11:48 - 2017-07-07 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-07 11:48 - 2017-07-07 11:48 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-07 11:45 - 2017-07-09 20:55 - 00010008 _____ C:\pagefile_bak.$$$
2017-07-07 11:45 - 2017-07-09 20:55 - 00000584 _____ C:\pagefile_bak3.$$$
2017-07-07 11:45 - 2017-07-09 20:55 - 00000048 _____ C:\pagefile_bak2.$$$
2017-07-07 11:45 - 2017-07-07 11:45 - 00015424 _____ C:\Windows\system32\Drivers\gbwgofylq.sys
2017-07-07 11:45 - 2017-07-07 11:45 - 00000032 _____ C:\pagefile.$$$
2017-07-07 11:44 - 2017-07-07 11:44 - 00004400 _____ C:\Windows\System32\Tasks\BitLocker-LaufwerkverschlüsselungsdienstBasisfiltermodulHintergrundübertragungsdienst
2017-07-07 11:43 - 2017-07-07 12:57 - 00000000 ___HD C:\3ceb1046a654d432d936c5c8162f4259
2017-07-07 11:43 - 2017-07-07 11:43 - 00000000 ____D C:\Users\user\AppData\Roaming\npm
2017-07-07 11:42 - 2017-07-07 11:48 - 65033984 _____ (Malwarebytes ) C:\Users\user\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-07 11:42 - 2017-07-07 11:42 - 00930816 _____ C:\Users\user\AppData\Local\test_db_cara.db
2017-07-07 11:42 - 2017-07-05 14:22 - 02017280 ___SH (Micrasaft Carparation) C:\Windows\C_02iu47.dat.VIRUS
2017-07-07 11:41 - 2017-07-07 11:41 - 00719521 _____ C:\Windows\unins000.exe
2017-07-07 11:41 - 2017-07-07 11:41 - 00003972 _____ C:\Windows\unins000.dat
2017-07-07 11:40 - 2017-07-07 11:40 - 00016820 _____ C:\Windows\System32\Tasks\Network Studio
2017-07-07 11:40 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-07-07 11:40 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-07 11:40 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-07-07 11:37 - 2017-07-07 11:37 - 00140800 _____ C:\Users\user\AppData\Local\installer.dat
2017-07-07 11:36 - 2017-07-09 21:33 - 00000000 ____D C:\ProgramData\WindowsErrorReporting
2017-07-07 11:36 - 2017-07-08 08:16 - 00000000 ____D C:\Program Files\WWPOQGEHNF
2017-07-07 11:35 - 2017-07-07 11:35 - 00001156 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzilla Firefoх.lnk
2017-07-07 11:35 - 2017-07-07 11:35 - 00001153 ___RS C:\Users\Public\Desktop\Gооglе Сhrоme.lnk
2017-07-07 11:35 - 2017-07-07 11:35 - 00001126 ___RS C:\Users\Public\Desktop\Моzilla Firеfох.lnk
2017-07-07 11:35 - 2017-07-07 11:35 - 00000000 ____D C:\Users\user\AppData\Local\CrashRpt
2017-07-07 11:35 - 2016-05-05 13:23 - 01085624 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00561336 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00556216 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-55.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00537784 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-4.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00405176 __RSH (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00276152 __RSH C:\Windows\SysWOW64\libbluray.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00263864 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2017-07-07 11:35 - 2016-05-05 13:23 - 00000493 __RSH C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2017-07-07 11:35 - 2016-05-05 13:22 - 10766520 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-57.dll
2017-07-07 11:35 - 2016-05-05 13:22 - 01699000 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-57.dll
2017-07-07 11:35 - 2016-05-05 13:22 - 00188088 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-6.dll
2017-07-07 11:35 - 2016-05-05 13:22 - 00160440 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-3.dll
2017-07-07 11:35 - 2014-03-07 13:03 - 00293888 __RSH C:\Windows\SysWOW64\avcodec-lav-1321.dll
2017-07-07 11:35 - 2012-10-05 19:54 - 00188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2017-07-07 11:35 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2017-07-07 11:35 - 2011-06-14 20:05 - 00121344 __RSH C:\Windows\SysWOW64\TAKDSDecoder.ax
2017-07-07 11:35 - 2011-02-11 10:26 - 00112128 __RSH C:\Windows\SysWOW64\OptimFROG.dll
2017-07-07 11:35 - 2010-01-07 00:00 - 00107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2017-07-07 11:35 - 2009-08-10 23:00 - 00352768 __RSH C:\Windows\SysWOW64\ac3DX.ax
2017-07-07 11:35 - 2005-02-22 17:55 - 00081920 __RSH C:\Windows\SysWOW64\aac_parser.ax
2017-07-07 11:35 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2017-07-07 11:35 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2017-07-07 11:35 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2017-07-07 11:35 - 2004-04-05 10:31 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2017-07-07 11:35 - 2004-04-05 10:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2017-07-07 11:21 - 2017-07-07 11:23 - 70972438 _____ (eRightSoft ) C:\Users\user\Downloads\SUPERsetup.exe
2017-07-07 10:29 - 2017-07-07 10:29 - 00002369 _____ C:\Users\user\Desktop\X-Lite.lnk
2017-07-07 10:21 - 2017-07-07 10:22 - 69535624 _____ (CounterPath Corporation) C:\Users\user\Downloads\X-Lite_4.9.8_84253.exe
2017-07-06 09:08 - 2017-07-06 09:08 - 00051631 _____ C:\Windows\uninstaller.dat
2017-07-02 12:56 - 2017-07-02 12:56 - 00108393 _____ C:\Users\user\Downloads\AZG12726300_020_20170630.pdf
2017-07-02 12:54 - 2017-07-02 12:54 - 00111862 _____ C:\Users\user\Downloads\AZG340311200_025_20170630.pdf
2017-07-02 12:53 - 2017-07-02 12:53 - 00102558 _____ C:\Users\user\Downloads\AZG340311210_006_20170630.pdf
2017-07-02 12:50 - 2017-07-02 12:50 - 00107868 _____ C:\Users\user\Downloads\AZG9172300_018_20170630 (1).pdf
2017-07-02 00:29 - 2017-07-02 00:29 - 00107868 _____ C:\Users\user\Downloads\AZG9172300_018_20170630.pdf
2017-06-24 17:46 - 2017-06-24 17:46 - 00039302 _____ C:\Users\user\Downloads\rezept204.pdf
2017-06-18 12:24 - 2017-06-18 12:29 - 00000000 ____D C:\Users\user\Desktop\Video17
2017-06-16 13:47 - 2017-07-07 10:43 - 00000000 ____D C:\Users\user\Desktop\Video 2017
2017-06-14 17:49 - 2017-06-14 17:49 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-14 14:59 - 2017-06-14 14:59 - 00000000 ____D C:\Windows\PCHEALTH
2017-06-14 14:57 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 14:57 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-14 14:57 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-14 14:57 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-14 14:57 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-14 14:57 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-14 14:57 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 14:57 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-14 14:57 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 14:57 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 14:57 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-14 14:57 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-14 14:57 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-14 14:57 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-14 14:57 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 14:57 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 14:57 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-14 14:57 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-14 14:57 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 14:57 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-14 14:57 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-14 14:57 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-14 14:57 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-14 14:57 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-14 14:57 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-14 14:57 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-14 14:57 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 14:57 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-14 14:57 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-14 14:57 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-14 14:57 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-14 14:57 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-14 14:57 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-14 14:57 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-14 14:57 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 14:57 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-14 14:57 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-14 14:57 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-14 14:57 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-14 14:57 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-14 14:57 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 14:57 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-14 14:57 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-14 14:57 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-14 14:57 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-14 14:57 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-14 14:57 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 14:57 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 14:57 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-14 14:57 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 14:57 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-14 14:57 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-14 14:57 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-14 14:57 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 14:57 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-14 14:57 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-14 14:57 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-14 14:57 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-14 14:57 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-14 14:57 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-14 14:57 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-14 14:57 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 14:57 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-14 14:57 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 14:57 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-14 14:57 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-14 14:57 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 14:57 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-14 14:57 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-14 14:57 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-14 14:57 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-14 14:57 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 14:57 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 14:57 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-14 14:57 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-14 14:57 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-14 14:57 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 14:57 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-14 14:57 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-14 14:57 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-14 14:57 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-14 14:57 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 14:57 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 14:57 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 14:57 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 14:57 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-14 14:57 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-14 14:57 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 14:57 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-14 14:57 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 14:57 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-14 14:57 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-14 14:57 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 14:57 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-14 14:57 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 14:57 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-14 14:57 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-14 14:57 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-14 14:57 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 14:57 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-14 14:57 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 14:57 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-14 14:57 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 14:57 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 14:57 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-14 14:57 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-14 14:57 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-14 14:57 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-14 14:57 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-14 14:57 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-06-14 14:57 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 14:57 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-06-14 14:57 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-06-14 14:57 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-12 08:57 - 2017-06-12 08:58 - 02198531 _____ C:\Users\user\Downloads\VR Aktuell.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-09 21:02 - 2016-07-18 08:48 - 09470692 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-09 21:02 - 2016-07-17 00:51 - 04773050 _____ C:\Windows\system32\perfh007.dat
2017-07-09 21:02 - 2016-07-17 00:51 - 01327938 _____ C:\Windows\system32\perfc007.dat
2017-07-09 20:59 - 2016-04-08 10:02 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2017-07-09 20:56 - 2017-02-14 10:28 - 00000000 ___RD C:\Users\user\iCloudDrive
2017-07-09 20:56 - 2016-09-26 08:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-09 20:55 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-07-09 20:29 - 2017-03-25 10:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-07-09 20:29 - 2016-04-08 10:02 - 00000000 ____D C:\ProgramData\Skype
2017-07-09 19:51 - 2016-09-26 08:44 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-09 19:51 - 2016-09-26 08:44 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-09 19:51 - 2016-04-08 09:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-09 18:05 - 2016-09-26 08:22 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-09 12:08 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-09 09:14 - 2016-04-08 09:54 - 00000000 ____D C:\Users\user\Documents\jAnrufmonitor
2017-07-08 11:50 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-08 08:28 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-07-07 23:34 - 2016-09-10 23:24 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-07-07 17:47 - 2016-09-10 23:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-07-07 13:09 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\Network Studio
2017-07-07 12:57 - 2016-04-08 06:54 - 00001159 ____H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-07 12:57 - 2016-04-08 06:54 - 00001147 ____H C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-07-07 12:03 - 2016-02-25 07:48 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2017-07-07 11:57 - 2016-09-26 08:22 - 00286552 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-07 11:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-07-07 11:37 - 2016-09-26 08:44 - 00003520 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-508946343-2304877640-3111218378-1000Core
2017-07-07 11:35 - 2017-03-14 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-07-07 11:35 - 2016-08-15 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-07-07 11:04 - 2016-05-30 12:41 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2017-07-07 10:29 - 2016-12-24 23:48 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CounterPath
2017-07-07 10:29 - 2016-12-24 23:47 - 00000000 ____D C:\Users\user\AppData\Local\SquirrelTemp
2017-07-07 10:28 - 2016-04-08 10:51 - 00000000 ____D C:\Users\user\AppData\Local\CounterPath
2017-06-20 16:10 - 2016-12-13 15:48 - 00003272 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 16:10 - 2016-07-18 09:18 - 00002380 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 16:10 - 2016-07-18 09:18 - 00000000 ___RD C:\Users\user\OneDrive
2017-06-19 12:43 - 2016-04-07 17:49 - 00000000 ____D C:\Users\user\Desktop\Bilders
2017-06-17 13:28 - 2016-04-07 18:10 - 00000104 _____ C:\Users\user\Desktop\Arbeitsplatz.lnk
2017-06-16 09:29 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-14 17:59 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 17:49 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-14 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-14 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-14 17:49 - 2016-02-26 08:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 17:49 - 2016-02-26 08:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 15:10 - 2016-04-07 18:52 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 15:08 - 2016-04-07 18:52 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-14 15:08 - 2016-02-26 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-10 18:07 - 2016-04-07 17:48 - 00000000 ____D C:\Users\user\Documents\aTimpestr
2017-06-10 16:05 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-07-07 11:37 - 2017-07-07 11:37 - 0140800 _____ () C:\Users\user\AppData\Local\installer.dat
2016-04-12 08:35 - 2016-04-12 08:35 - 0000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2017-07-07 11:42 - 2017-07-07 11:42 - 0930816 _____ () C:\Users\user\AppData\Local\test_db_cara.db
2016-09-26 08:24 - 2016-09-26 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-06 09:12

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von user (09-07-2017 21:23:54)
Gestartet von C:\Users\user\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-26 06:53:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-508946343-2304877640-3111218378-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-508946343-2304877640-3111218378-503 - Limited - Disabled)
Gast (S-1-5-21-508946343-2304877640-3111218378-501 - Limited - Disabled)
user (S-1-5-21-508946343-2304877640-3111218378-1000 - Administrator - Enabled) => C:\Users\user

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother IPPoverUSB Driver (HKLM-x32\...\{1FC871AB-1C93-47C1-995B-E5F3578E1BB5}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{29423FEE-97AB-43EF-BEC8-82F37470842E}) (Version: 1.5.0.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{35EAA5D9-0E75-46CC-BE6E-A6C7907DEC2F}) (Version: 1.0.11.0 - Brother Industries Ltd.) Hidden
calibre 64bit (HKLM\...\{C7BF7C24-8307-4921-8DD1-90D678785EB8}) (Version: 2.69.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Photos Backup (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Network Connections 20.4.207.0 (HKLM\...\PROSetDX) (Version: 20.4.207.0 - Intel)
Intel(R) Wireless Bluetooth(R)(patch version 18.1.1533.1836) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 18.1.1507.0532 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{03635e3e-3e57-4d80-9c7d-80c9f62bfc80}) (Version: 18.32.0 - Intel Corporation)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
jAnrufmonitor 5.0 (HKLM-x32\...\jam50) (Version:  - Thilo Brandt)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kobo (HKLM-x32\...\Kobo) (Version: 3.19.3765 - Rakuten Kobo Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
Nero 2016 (HKLM-x32\...\{9C637A56-4287-487F-95BF-1422FC1AA879}) (Version: 17.0.04500 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Nero Video 2016 (HKLM-x32\...\{EC30096F-04F3-44D9-8ED5-92E7A257BC3A}) (Version: 17.0.00700 - Nero AG)
NetworkRepairTool (HKLM-x32\...\{F97BCC3B-09E9-4298-8C23-B3CF6538B562}) (Version: 1.2.14.0 - Brother Insutries Ltd.) Hidden
Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 11.5.0.2 - Kroll Ontrack Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
StatusMonitor (HKLM-x32\...\{A6ACA7D8-0F88-4817-908C-3E444C86D29F}) (Version: 1.15.3.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WOT für Internet Explorer (HKLM-x32\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 15.6.9.0 - WOT Services Oy)
X-Lite (HKLM-x32\...\{1F9BFD72-C600-4FF0-AAE2-C0850A127DFB}) (Version: 49.8.2158 - CounterPath Corporation)
X-Lite (HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\X-Lite) (Version: 4.9.8.84253 - CounterPath Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers01: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} =>  -> Keine Datei
ContextMenuHandlers01: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => c:\program files (x86)\kingsoft\kingsoft antivirus\kavmenu64.dll -> Keine Datei
ContextMenuHandlers01: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-01-17] (Apple Inc.)
ContextMenuHandlers01: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers01: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers02: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} =>  -> Keine Datei
ContextMenuHandlers02: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => c:\program files (x86)\kingsoft\kingsoft antivirus\kavmenu64.dll -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers04: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} =>  -> Keine Datei
ContextMenuHandlers04: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => c:\program files (x86)\kingsoft\kingsoft antivirus\kavmenu64.dll -> Keine Datei
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers06: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers06: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {039C81F8-137B-48DC-8C3E-8A4FCC0D2E84} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {04C91314-E8C2-4A76-84AA-665AB454B984} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-508946343-2304877640-3111218378-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)
Task: {06EDE86E-8802-471D-AEA9-CD71ECF7E0F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {160BDCF8-65DF-43D9-AA72-72C25C0CEA99} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {187CAFF6-0E9D-4F3A-A6F6-CB4728FAFD8D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1E3EAD7C-D306-4B82-A111-3A97DB1D262B} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {2A0B20BE-D7E2-420D-9F21-D81AC55F5A29} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {31BCCE9A-3694-476A-811C-2C1FFFF39365} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {3BCD4EEA-2D7B-4407-AA37-1D2D2F4B292C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {3C1D2CAD-543E-42F5-A41D-2B0CD25D4263} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {417DDB6F-8DB2-4F34-A475-CC779CA3A6D9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4C18ACB8-4F43-4EF5-9602-6B6017D19B2F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4FF2D4E9-2773-4722-8454-1F51EF0FA66D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {56B17168-149B-4862-9D65-EA111707635D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {5D6C6113-DD0F-4DE9-BB9A-4A524557E545} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {63C74BFB-FAD5-4684-9578-7034E2D9E4FF} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {6A92C888-A4AA-40A8-9282-1D7F69776271} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6FA8C108-5877-41AF-9DD0-A4FF096685C8} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {7CD57F83-3DF7-4BCF-BE1E-62639E72445D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {8BCF91AA-14FB-47FA-8F42-3B507DB56C10} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8D99B32E-08A1-41B0-9AEF-80CF468D435C} - \{78090847-0D7E-0E0E-0A11-0F09780E1105} -> Keine Datei <==== ACHTUNG
Task: {8EE664EF-33C3-4ED1-9C97-5A8DA18789E4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {924FC742-A24B-43A1-A23D-E4052990E6D9} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9EE1B5B9-AAD2-4D63-AFD2-548DFAB8B9B8} - System32\Tasks\BitLocker-LaufwerkverschlüsselungsdienstBasisfiltermodulHintergrundübertragungsdienst => C:\Program Files (x86)\nodejs\node.exe
Task: {A17345A2-32AA-4698-B150-BDDA9EC452A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A6789251-ED74-4456-9E65-A30188D10605} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {AC2BE12C-3026-42C6-AE7F-91074087494C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B2A598EA-6158-4AD7-A55C-188D36A04595} - System32\Tasks\Network Studio => Rundll32.exe "C:\Program Files\Network Studio\Network Studio.dll",oLhToclDx <==== ACHTUNG
Task: {B80F956F-1886-4A4D-A4E3-8D47D5173DCA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BB75AEC3-2FC8-49D6-8C83-8801D9D5CCED} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C11D6690-3E04-452C-9D8D-1D83C0917031} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {C314F30A-C2C2-4C0E-AD62-C507A9DC2D94} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C99B6C93-1072-49B0-A813-5DFCAEB9768A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CADB96D4-533A-492B-B357-362D1F797F0C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CC9C0978-3BC0-4430-A169-40B21188E906} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D40840D9-4C7B-42C0-A53E-2872B0E7CDAE} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {D61E2BAD-39B8-4FBA-9ABA-4BE900BF5D5D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {D7918B70-F549-44E8-9350-2A773583F677} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)
Task: {DCB63324-713C-4A18-A3B8-9A7FD248684D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {DF5A3D11-3C25-41FF-B327-1673DA126B38} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {DF618B88-5216-408A-B815-1DB1558C298C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E0F594C3-0153-4991-9353-AC5604AE6893} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {E242CFE4-607D-43A9-BE9E-44F0F6E88773} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E5C61843-A205-45B6-9BE4-8DF4E9CF5175} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E5F6945B-DB73-414D-8072-914363383AED} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {E9F34D38-A0CC-4177-A8BF-A137721A9D17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {ED40F17D-11AB-4CED-987A-305D0C5603AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F19ABB3F-CC13-4095-B2FB-A741C6ED5785} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F58447E7-3FD7-412B-9130-4DA28221818A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F7A791C2-0CA6-492C-8C91-D7C973985138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)
Task: {F7AC0715-FA38-475A-8DF2-F479E8103E5D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0\FRITZ!Box Konfiguration.lnk -> hxxp://fritz.box
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Ехрlоrеr.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.erolpxei.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоoglе Chrome.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunch Intеrnet Ехplоrеr Brоwser.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.erolpxei.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоoglе Chrоme.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzilla Firefoх.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.xoferif.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоme.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Моzilla Firеfох.lnk -> C:\Users\user\AppData\Roaming\Browsers\exe.xoferif.bat (Keine Datei) <==== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-06-14 14:57 - 2017-06-03 12:01 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-03-15 22:42 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 22:42 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 22:42 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-14 14:57 - 2017-06-03 10:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-06-14 14:57 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-14 14:57 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-09 20:09 - 2017-07-09 20:09 - 04110280 _____ () C:\Users\user\Downloads\adwcleaner_6.047.exe
2016-09-27 09:25 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 22:42 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-07-07 11:49 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-07 17:47 - 2016-09-13 14:00 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-07-07 17:47 - 2016-09-13 14:00 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-07-07 17:47 - 2016-09-13 14:00 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-07-07 17:47 - 2017-05-12 11:36 - 00507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 19:18 - 2016-10-05 19:18 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-01-07 02:48 - 2016-01-07 02:48 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-05-19 02:59 - 2017-05-19 02:59 - 00772672 _____ () C:\AdwCleaner\sqlite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-07-07 11:36 - 00001146 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 dscdn.pw
127.0.0.1 beautifllink.xyz

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-508946343-2304877640-3111218378-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Desktop\Bilders\bilders08\bilders08\IMG_00001 (40).JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "AppHelperV7.exe"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "kxesc"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\StartupFolder: => "importantupdates.vbs"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "pdscwl12oxg"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "ttdxeyu31df"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "okwaqdzr0pn"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "qamss3ljvpz"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "JWTERO9PEZU2NR6"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "LIQ7NBNYGIVM52D"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "JU0304DIPETEJCS"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "WDM6B3V5M6FLJVM"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "AF5960LBOHKXWVE"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "ACR63V3CU7SVSQ2"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "L18E0B0XARQ4CTM"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "8TZEWO1DQS31V60"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "19T3PWRYBEU4YCV"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "A864V1V47KY4SKJ"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "fxipxd"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "u00uk4f3ixx"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "jeaxvag3bhy"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "CPKTZ2E4IPWWK09"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "WeatherBuddy"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "we2yboatknt"
HKU\S-1-5-21-508946343-2304877640-3111218378-1000\...\StartupApproved\Run: => "cmswf2zx0ny"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/09/2017 08:56:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 3.0.0.1068, Zeitstempel: 0x59125d35
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.6.2.0, Zeitstempel: 0x58ed4d4f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0018da93
ID des fehlerhaften Prozesses: 0x1b00
Startzeit der fehlerhaften Anwendung: 0x01d2f8e5190a15f2
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: f7cba7e6-e20e-44c9-a71d-177a62c9258b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/09/2017 08:37:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\user\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).

Error: (07/09/2017 08:22:52 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\user\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).

Error: (07/09/2017 08:12:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.1358, Zeitstempel: 0x59327901
Name des fehlerhaften Moduls: CoreUIComponents.dll, Version: 0.0.0.0, Zeitstempel: 0x593272ad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000072fda
ID des fehlerhaften Prozesses: 0x1dc0
Startzeit der fehlerhaften Anwendung: 0x01d2f8dc3dc46502
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\CoreUIComponents.dll
Berichtskennung: 270a5027-8c4a-4024-b3de-587c649ac915
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (07/09/2017 04:47:54 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL W3SVC kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (07/09/2017 04:47:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "aspnet_state" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/09/2017 04:47:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET_4.0.30319" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/09/2017 04:47:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ASP.NET" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/09/2017 09:15:14 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\System32\sdnclean64.exe". Fehler in Manifest- oder Richtliniendatei "C:\Windows\System32\sdnclean64.exe" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (07/09/2017 09:15:14 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.


Systemfehler:
=============
Error: (07/09/2017 09:16:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2017 09:16:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2017 09:16:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-07-08 10:53:44.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:53:44.704
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:53:44.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:53:44.576
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:53:42.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:53:42.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:48:45.366
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:48:45.322
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:48:45.196
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-08 10:48:45.180
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3764.57 MB
Verfügbarer physikalischer RAM: 1942.15 MB
Summe virtueller Speicher: 7604.57 MB
Verfügbarer virtueller Speicher: 5763.96 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:270.72 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 198CD08C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
TDDS-Killer hat nichts gefunden ...

Vielen Dank für Eure Mühe.

SenergY

cosinus 10.07.2017 10:49
Zitat:
ADWCleaner, Malware-Bytes, Desinfect ct, jrt, Spybot S&D, finden alle nichts mehr
Bitte alle Logs mit Funden posten.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

senergy 10.07.2017 12:20
Hallo,

wie gesagt, alle Logs ohne Fund. Hier ist von Spybot das letzte, das noch einen Fund hatte ..
Code:
[i]        17-07-07 23:34:38               
[i]        17-07-07 23:34:38        Product        Win32.Downloader.gen
[+]        17-07-07 23:34:38        Moving into quarantine        C:\END
[+]        17-07-07 23:34:38        Successfully cleaned        C:\END
[i]        17-07-07 23:34:38               
[i]        17-07-07 23:34:38        Product        DownloadSponsor
[+]        17-07-07 23:34:38        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\lastPID
[+]        17-07-07 23:34:38        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\PID
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\lastPID
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\OCS\PID
[i]        17-07-07 23:34:39               
[i]        17-07-07 23:34:39        Product        PU.DownloadAdmin
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\DOMStorage\betrad.com
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\DOMStorage\betrad.com
[i]        17-07-07 23:34:39               
[i]        17-07-07 23:34:39        Product        PU.PrivacyRisk.WOT
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Against Intuition\WOT
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+]        17-07-07 23:34:39        Moving into quarantine        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Program Files (x86)\WOT\WSS.exe
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Program Files (x86)\WOT\WOT.dll
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Program Files (x86)\WOT\
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\3.3.4_0\wot.js
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Against Intuition\WOT
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_CLASSES_ROOT\AppID\WOT.DLL
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_CLASSES_ROOT\PROTOCOLS\Handler\wot
[+]        17-07-07 23:34:39        Successfully cleaned        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
[+]        17-07-07 23:34:39        Successfully cleaned        C:\Program Files (x86)\WOT\WSS.exe
[+]        17-07-07 23:34:39        Successfully cleaned        C:\Program Files (x86)\WOT\WOT.dll
[+]        17-07-07 23:34:39        Successfully cleaned        C:\Program Files (x86)\WOT\
[+]        17-07-07 23:34:39        Successfully cleaned        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\3.3.4_0\wot.js
[+]        17-07-07 23:34:39        Successfully cleaned        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\
[i]        17-07-07 23:34:39               
[i]        17-07-07 23:34:39        Product        Macromedia.FlashPlayer.Cookies
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\c.paypal.com\PayPalLSO.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\nx-o.azureedge.net\nexxCACHE_584.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayLSO.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayT.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\www.paypalobjects.com\PayPalLSO.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\c.paypal.com\PayPalLSO.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\nx-o.akamaized.net\nexxCACHE_584.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayLSO.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayT.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.helpster.de\analytics.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.paypalobjects.com\PayPalLSO.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\aa.online-metrix.net\fpc.swf\session.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\skype.com\#ui\preferences.sol
[+]        17-07-07 23:34:39        Moving into quarantine        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\aa.online-metrix.net\fpc.swf\session.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\c.paypal.com\PayPalLSO.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\nx-o.azureedge.net\nexxCACHE_584.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayLSO.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\secureinclude.ebaystatic.com\ebayT.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\www.paypalobjects.com\PayPalLSO.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\c.paypal.com\PayPalLSO.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\nx-o.akamaized.net\nexxCACHE_584.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayLSO.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\secureinclude.ebaystatic.com\ebayT.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.helpster.de\analytics.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\www.paypalobjects.com\PayPalLSO.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\aa.online-metrix.net\fpc.swf\session.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\skype.com\#ui\preferences.sol
[+]        17-07-07 23:34:40        Successfully cleaned        C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRXEVMQE\#AppContainer\aa.online-metrix.net\fpc.swf\session.sol
[i]        17-07-07 23:34:40               
[i]        17-07-07 23:34:40        Product        MediaPlex
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@mediaplex.com/ ()
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@emjcd.com/ ()
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@mediaplex.com/ ()
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@emjcd.com/ ()
[i]        17-07-07 23:34:40               
[i]        17-07-07 23:34:40        Product        WebTrends live
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@statse.webtrendslive.com/ ()
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Thunderbird: user (default))statse.webtrendslive.com/ (ACOOKIE)
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@statse.webtrendslive.com/ ()
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Thunderbird: user (default))statse.webtrendslive.com/ (ACOOKIE)
[i]        17-07-07 23:34:40               
[i]        17-07-07 23:34:40        Product        DoubleClick
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@ad-emea.doubleclick.net/ ()
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@doubleclick.net/ ()
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Thunderbird: user (default)).doubleclick.net/ (id)
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Thunderbird: user (default)).doubleclick.net/ (IDE)
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@ad-emea.doubleclick.net/ ()
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@doubleclick.net/ ()
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Thunderbird: user (default)).doubleclick.net/ (id)
[+]        17-07-07 23:34:40        Successfully cleaned        Cookie (Thunderbird: user (default)).doubleclick.net/ (IDE)
[i]        17-07-07 23:34:40               
[i]        17-07-07 23:34:40        Product        FastClick
[+]        17-07-07 23:34:40        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@fastclick.net/ ()
[+]        17-07-07 23:34:41        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@fastclick.net/ ()
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        Tradedoubler
[+]        17-07-07 23:34:41        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@tradedoubler.com/ ()
[+]        17-07-07 23:34:41        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@tradedoubler.com/ ()
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        CasaleMedia
[+]        17-07-07 23:34:41        Moving into quarantine        Cookie (Internet Explorer (Benutzer): user)Cookie:user@casalemedia.com/ ()
[+]        17-07-07 23:34:41        Successfully cleaned        Cookie (Internet Explorer (Benutzer): user)Cookie:user@casalemedia.com/ ()
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        Internet Explorer
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\TypedURLs
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Internet Explorer\TypedURLs
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS Management Console
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS Direct3D
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS DirectDraw
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS Office 11.0 (Excel)
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Excel\Recent Files
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Excel\Recent Files
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS Office 11.0 (Word)
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Word\Data\Settings
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Office\11.0\Word\Data\Settings
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS Paint
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        MS Regedit
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        Windows.OpenWith
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPI\OpenWithList
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPI\OpenWithList
[+]        17-07-07 23:34:41        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]        17-07-07 23:34:41               
[i]        17-07-07 23:34:41        Product        Windows Explorer
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+]        17-07-07 23:34:41        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+]        17-07-07 23:34:42        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+]        17-07-07 23:34:42        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+]        17-07-07 23:34:42        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]        17-07-07 23:34:42               
[i]        17-07-07 23:34:42        Product        Windows Media SDK
[+]        17-07-07 23:34:42        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]        17-07-07 23:34:42        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]        17-07-07 23:34:42        Moving into quarantine        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]        17-07-07 23:34:42        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]        17-07-07 23:34:42        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]        17-07-07 23:34:42        Successfully cleaned        HKEY_USERS\S-1-5-21-508946343-2304877640-3111218378-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]        17-07-07 23:34:42               
[i]        17-07-07 23:34:42        Product        Cookie
[+]        17-07-07 23:34:42        Moving into quarantine        Internet Explorer (Benutzer) (user)Cookies
[+]        17-07-07 23:34:42        Moving into quarantine        Firefox (user (default))Cookies
[+]        17-07-07 23:34:42        Moving into quarantine        Thunderbird (user (default))Cookies
[+]        17-07-07 23:34:42        Successfully cleaned        Internet Explorer (Benutzer) (user)Cookies
[+]        17-07-07 23:34:42        Successfully cleaned        Firefox (user (default))Cookies
[+]        17-07-07 23:34:42        Successfully cleaned        Thunderbird (user (default))Cookies
[i]        17-07-07 23:34:42               
[i]        17-07-07 23:34:42        Product        Cache
[+]        17-07-07 23:34:42        Moving into quarantine        Internet Explorer (Benutzer) (user)Cache
[+]        17-07-07 23:34:43        Successfully cleaned        Internet Explorer (Benutzer) (user)Cache
[i]        17-07-07 23:34:43               
[i]        17-07-07 23:34:43        Product        Verlauf
[+]        17-07-07 23:34:43        Moving into quarantine        Internet Explorer (Benutzer) (user)History
[+]        17-07-07 23:34:43        Moving into quarantine        Google Chrome (Default)History
[+]        17-07-07 23:34:43        Successfully cleaned        Internet Explorer (Benutzer) (user)History
[+]        17-07-07 23:34:45        Successfully cleaned        Google Chrome (Default)History
[i]        17-07-07 23:34:45               
[i]        17-07-07 23:34:45        Summary       
[i]        17-07-07 23:34:45        Errors while cleaning        0
[i]        17-07-07 23:34:45        Files moved into quarantine        73
[i]        17-07-07 23:34:45        Files successfully cleaned        73
Noch etwas:

MB blockiert jedes Mal die aufpoppenden Websites von z. B adskeeper.co.uk oder www.betteradssoftware.com mit unterschiedlichsten Ports z. B. 65352 oder 49243.

Vielen Dank für Eure Hilfe im voraus...

cosinus 10.07.2017 13:43
Du hast geschrieben, "sie finden nichts mehr"
Wenn sie nichts mehr finden, bedeutet dass idR, dass sie vorher fündig waren..

senergy 10.07.2017 21:06
Zitat:
Zitat von cosinus (Beitrag 1660624)
Du hast geschrieben, "sie finden nichts mehr"
Wenn sie nichts mehr finden, bedeutet dass idR, dass sie vorher fündig waren..
Ich poste was ich noch habe:
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 07.07.17
Scan-Zeit: 12:28
Protokolldatei:
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2309
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 14393.1358)
CPU: x64
Dateisystem: NTFS
Benutzer: USER-PC\user

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 446760
Erkannte Bedrohungen: 2363
In die Quarantäne verschobene Bedrohungen: 2359
Abgelaufene Zeit: 14 Min., 48 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 6
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SYSTEMHEALER\HEALERCONSOLE.EXE, In Quarantäne, [1014], [323145],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\615a0f5d4094915be22e819763f34e92.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\winsrcsrv.exe, In Quarantäne, [6630], [392905],1.0.2309

Modul: 7
Trojan.Wdfload.Generic, C:\PROGRAM FILES\NETWORK STUDIO\NETWORK STUDIO.DLL, In Quarantäne, [5483], [408840],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SYSTEMHEALER\HEALERCONSOLE.EXE, In Quarantäne, [1014], [323145],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\615a0f5d4094915be22e819763f34e92.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\winsrcsrv.exe, In Quarantäne, [6630], [392905],1.0.2309

Registrierungsschlüssel: 131
PUP.Optional.AppTrailers, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AppTrailers, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.DiskPower, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiskWMpower_is1, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.YeaDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YeaDesktop, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{8A417349-DFF7-481B-9452-7C65929A04E0}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{37AAE430-CA43-4761-A1AC-3D1367479978}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA63BB9A-AB76-4FEA-B63E-C36B32048DEA}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{37AAE430-CA43-4761-A1AC-3D1367479978}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA63BB9A-AB76-4FEA-B63E-C36B32048DEA}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{37AAE430-CA43-4761-A1AC-3D1367479978}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA63BB9A-AB76-4FEA-B63E-C36B32048DEA}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8A417349-DFF7-481B-9452-7C65929A04E0}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8A417349-DFF7-481B-9452-7C65929A04E0}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{2C6A44CB-AD42-4731-A544-3FBD3D83AB5B}\InprocServer32, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{7B69C0F1-25F9-4938-945D-2D17E71BFA77}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{EC6DF805-99B6-4C7E-BF65-7D8BBB1FBA08}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EC6DF805-99B6-4C7E-BF65-7D8BBB1FBA08}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EC6DF805-99B6-4C7E-BF65-7D8BBB1FBA08}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7B69C0F1-25F9-4938-945D-2D17E71BFA77}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7B69C0F1-25F9-4938-945D-2D17E71BFA77}, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\E3605470-291B-44EB-8648-745EE356599A, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.SwytShop, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SwytShopAlgoadChrome_Pkg3a_is1, In Quarantäne, [3170], [386986],1.0.2309
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\d07e29b06c4dffd33056d7fadf5e7a7e, In Quarantäne, [1797], [336669],1.0.2309
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, In Quarantäne, [1797], [-1],0.0.0
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [102], [170024],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\InprocServer32, In Quarantäne, [1608], [406689],1.0.2309
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE}, In Quarantäne, [11], [357968],1.0.2309
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [102], [170024],1.0.2309
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [102], [170024],1.0.2309
Adware.OptimizerEliteMax, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OneSystemCare, In Quarantäne, [455], [311034],1.0.2309
Adware.Wajam.EncJob, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\c335b900ce43950bba5d90035e3a5875, In Quarantäne, [376], [411250],1.0.2309
PUP.Optional.AVBoost, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AVBoost_is1, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.MagicDisk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E4594B8F-F580-4EF7-8787-4A4FF7AE4A8A}, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.SpeeDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SDownloader_is1, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.REOptimizer, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CloudExtender, In Quarantäne, [8481], [412227],1.0.2309
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\c335b900ce43950bba5d90035e3a5875, In Quarantäne, [1208], [413748],1.0.2309
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [1013], [254729],1.0.2309
PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\OTHERSEARCH, In Quarantäne, [589], [305744],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, In Quarantäne, [9063], [-1],0.0.0
PUP.Optional.DownloadProtect.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, In Quarantäne, [9063], [-1],0.0.0
Adware.BetterAds.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\srcsrv, In Quarantäne, [6630], [392905],1.0.2309
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\DPBHO.DLL, In Quarantäne, [1013], [254729],1.0.2309
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\CONSOLE\TASKENG.EXE, In Quarantäne, [9483], [408199],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\InterStat, In Quarantäne, [1447], [260518],1.0.2309
PUP.Optional.OneSystemCare, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\One System Care, In Quarantäne, [489], [311038],1.0.2309
PUP.Optional.SpeeDownloader, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SpeeDownloader, In Quarantäne, [9045], [387288],1.0.2309
PUP.Optional.SwytShop, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SwytShop, In Quarantäne, [3170], [386984],1.0.2309
PUP.Optional.Wajam, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\WajIEnhance, In Quarantäne, [102], [244670],1.0.2309
PUP.Optional.YeaDesktop, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\YeaDesktop, In Quarantäne, [1575], [391400],1.0.2309
PUP.Optional.WeatherBuddy, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\ELLS LLC\WeatherBuddy, In Quarantäne, [1585], [383222],1.0.2309
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [1013], [254729],1.0.2309
PUP.Optional.MeSafe, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MESAFE, In Quarantäne, [9220], [389387],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\EWMON, In Quarantäne, [934], [412878],1.0.2309
PUP.Optional.ProxyGate, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DragonBoost, In Quarantäne, [1024], [375419],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1B4973C9-86ED-4DB1-B67C-E3EF743FEBF2}, In Quarantäne, [1014], [258707],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26A42D67-9F91-4EF6-9955-CA8297EAE7FB}, In Quarantäne, [9299], [407189],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{44018E1B-892B-465A-9B48-8E680902BC8A}, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6B886396-C6B4-4BB8-A8C4-7E648B9458F2}, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{83B9EFE2-7C03-4202-B4A9-E6E4C05872FB}, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8B51D09D-F8C0-4C7D-BCAA-0C6C258EB173}, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{90557C1E-3F89-4695-BFEC-656E4D147A3B}, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9849EF4F-A1CF-41B8-AA46-94B7EBB26F1D}, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ABE8C55B-20ED-449F-8B34-52CC244EE80C}, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C16218C0-3801-4618-8074-BB360C8ADE9C}, In Quarantäne, [2046], [260516],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D17161CF-9F31-4778-A8D7-38B2F822E312}, In Quarantäne, [2046], [344152],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D53D1A35-C190-4AF7-8620-E8C654126DD8}, In Quarantäne, [1014], [258707],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E981306F-A56A-494A-A23C-298D90659682}, In Quarantäne, [489], [258294],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ED9A0C6E-81B4-4ACE-8FF4-C39C2C6551AA}, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.SoftUpgrade, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA86427E-0D43-4495-B99F-DE371936B144}, In Quarantäne, [1050], [260475],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [15669], [252393],1.0.2309
Adware.Social2Search, HKLM\SOFTWARE\Soci2Sear Browser Enhancer, In Quarantäne, [2140], [394856],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application, In Quarantäne, [575], [360190],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [339688],1.0.2309
Adware.BetterAds.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\winsrcsrv_RASAPI32, In Quarantäne, [6630], [407460],1.0.2309
Adware.BetterAds.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\winsrcsrv_RASMANCS, In Quarantäne, [6630], [407460],1.0.2309
PUP.Optional.YeaDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Yeadesktop_RASAPI32, In Quarantäne, [1575], [409418],1.0.2309
Adware.DNSUnlocker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\11598763487076930564, In Quarantäne, [417], [405303],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FastDataX_is1, In Quarantäne, [9299], [407193],1.0.2309
Adware.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OtherSearch, In Quarantäne, [2194], [365188],1.0.2309
PUP.Optional.BetterAds, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{376CA350-6C34-4F10-B8DC-586F8CA03009}_is1, In Quarantäne, [512], [383837],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [398592],1.0.2309
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\APPHELPER, In Quarantäne, [2], [386422],1.0.2309
PUP.Optional.WeatherBuddy, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{58E801CB-F746-428A-9211-E69469B220BB}, In Quarantäne, [1585], [391424],1.0.2309
PUP.Optional.AppTrailers, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\APPDATALOW\SOFTWARE\AppTrailers, In Quarantäne, [887], [324090],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000_Classes\APPLICATIONS\interstat.exe, In Quarantäne, [1447], [261503],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\INTERSTAT, In Quarantäne, [1447], [260751],1.0.2309
PUP.Optional.SystemHealer, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SYSTEM HEALER, In Quarantäne, [1014], [261796],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411159],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B2, In Quarantäne, [152], [411159],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FastDataX Task, In Quarantäne, [9299], [407190],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GEN, In Quarantäne, [2046], [344165],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GEN_Interval, In Quarantäne, [2046], [260517],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Monitor, In Quarantäne, [489], [241385],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Run Delay, In Quarantäne, [489], [241385],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Task, In Quarantäne, [489], [241385],1.0.2309
PUP.Optional.SoftUpgrade, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SoftUpgrade, In Quarantäne, [1050], [260476],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System Healer Task, In Quarantäne, [1014], [252787],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System HealerPeriod, In Quarantäne, [1014], [252787],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System HealerStartUp, In Quarantäne, [1014], [252787],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SystemHealer Monitor, In Quarantäne, [1014], [252788],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SystemHealer Run Delay, In Quarantäne, [1014], [252788],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\U2_2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411159],1.0.2309
Rootkit.Komodia.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Lace514, In Quarantäne, [1817], [365194],1.0.2309
Adware.OtherSearch, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\OtherSearch, In Quarantäne, [2194], [365184],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [15669], [252393],1.0.2309
PUP.Optional.ChinAd, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cfidsk, In Quarantäne, [115], [412913],1.0.2309
PUP.Optional.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\wewewe, In Quarantäne, [88], [339689],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\BIGTIME, In Quarantäne, [934], [412877],1.0.2309
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, In Quarantäne, [206], [317317],1.0.2309

Registrierungswert: 67
PUP.Optional.AppTrailers, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AppTrailers, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.DiskPower, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DiskPower, In Quarantäne, [1019], [405182],1.0.2309
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [1797], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, In Quarantäne, [1797], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE}, In Quarantäne, [11], [357968],1.0.2309
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, In Quarantäne, [11], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, In Quarantäne, [11], [-1],0.0.0
Trojan.ProxyAgent, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fxipxd, In Quarantäne, [242], [413307],1.0.2309
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{879474B0-EB65-487E-AF91-C69159DFE6F3}, In Quarantäne, [14787], [237883],1.0.2309
PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\OTHERSEARCH|AFFID, In Quarantäne, [589], [305744],1.0.2309
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\CONSOLE\TASKENG.EXE|WINDOWPOSITION, In Quarantäne, [9483], [408199],1.0.2309
PUP.Optional.MeSafe, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MESAFE|STATUS, In Quarantäne, [9220], [389387],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\EWMON|PARTNER, In Quarantäne, [934], [412878],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1B4973C9-86ED-4DB1-B67C-E3EF743FEBF2}|PATH, In Quarantäne, [1014], [258707],1.0.2309
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{26A42D67-9F91-4EF6-9955-CA8297EAE7FB}|PATH, In Quarantäne, [9299], [407189],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{44018E1B-892B-465A-9B48-8E680902BC8A}|PATH, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6B886396-C6B4-4BB8-A8C4-7E648B9458F2}|PATH, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{83B9EFE2-7C03-4202-B4A9-E6E4C05872FB}|PATH, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8B51D09D-F8C0-4C7D-BCAA-0C6C258EB173}|PATH, In Quarantäne, [1014], [258706],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{90557C1E-3F89-4695-BFEC-656E4D147A3B}|PATH, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9849EF4F-A1CF-41B8-AA46-94B7EBB26F1D}|PATH, In Quarantäne, [489], [258705],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ABE8C55B-20ED-449F-8B34-52CC244EE80C}|PATH, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C16218C0-3801-4618-8074-BB360C8ADE9C}|PATH, In Quarantäne, [2046], [260516],1.0.2309
PUP.Optional.Geniv, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D17161CF-9F31-4778-A8D7-38B2F822E312}|PATH, In Quarantäne, [2046], [344152],1.0.2309
PUP.Optional.SystemHealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D53D1A35-C190-4AF7-8620-E8C654126DD8}|PATH, In Quarantäne, [1014], [258707],1.0.2309
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E981306F-A56A-494A-A23C-298D90659682}|PATH, In Quarantäne, [489], [258294],1.0.2309
PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ED9A0C6E-81B4-4ACE-8FF4-C39C2C6551AA}|PATH, In Quarantäne, [152], [411161],1.0.2309
PUP.Optional.SoftUpgrade, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA86427E-0D43-4495-B99F-DE371936B144}|PATH, In Quarantäne, [1050], [260475],1.0.2309
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GPLYRA, In Quarantäne, [206], [183449],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [15669], [252393],1.0.2309
PUP.Optional.YeaDesktop.ClnShrt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YEADESKTOP.EXE, In Quarantäne, [1397], [396226],1.0.2309
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AVBoost_is1|PUBLISHER, In Quarantäne, [1342], [405215],1.0.2309
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiskWMpower_is1|PUBLISHER, In Quarantäne, [1342], [405215],1.0.2309
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SDownloader_is1|PUBLISHER, In Quarantäne, [1342], [405215],1.0.2309
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\APPHELPER|DISPLAYICON, In Quarantäne, [2], [386422],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, In Quarantäne, [575], [333852],1.0.2309
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, In Quarantäne, [575], [321304],1.0.2309
PUP.Optional.WeatherBuddy, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{58E801CB-F746-428A-9211-E69469B220BB}|URLINFOABOUT, In Quarantäne, [1585], [391424],1.0.2309
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, In Quarantäne, [9483], [408201],1.0.2309
PUP.Optional.GoSearchMe, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|INTERSTAT, In Quarantäne, [7042], [234282],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|A864V1V47KY4SKJ, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|JWTERO9PEZU2NR6, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CPKTZ2E4IPWWK09, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|19T3PWRYBEU4YCV, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|8TZEWO1DQS31V60, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|L18E0B0XARQ4CTM, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AF5960LBOHKXWVE, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|JU0304DIPETEJCS, In Quarantäne, [1342], [392931],1.0.2309
Adware.Tuto4PC.Generic, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|LIQ7NBNYGIVM52D, In Quarantäne, [1342], [392931],1.0.2309
PUP.Optional.WeatherBuddy, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WEATHERBUDDY, In Quarantäne, [1585], [402804],1.0.2309
PUP.Optional.InterStat, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\INTERSTAT|DISPLAYICON, In Quarantäne, [1447], [260751],1.0.2309
PUP.Optional.SystemHealer, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\SYSTEM HEALER|CARTURL, In Quarantäne, [1014], [261796],1.0.2309
Adware.BetterAds.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SRCSRV|IMAGEPATH, In Quarantäne, [6630], [392906],1.0.2309
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [15669], [252393],1.0.2309
Adware.Tuto4PC, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\BIGTIME|PARTNER, In Quarantäne, [934], [412877],1.0.2309
PUP.Optional.AppTrailers, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|2, In Quarantäne, [887], [393166],1.0.2309
PUP.Optional.AppTrailers, HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|3, In Quarantäne, [887], [393166],1.0.2309
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\c335b900ce43950bba5d90035e3a5875|DISPLAYNAME, In Quarantäne, [15891], [261569],1.0.2309

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 564
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\3660f7c5-2847-0, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\3660f7c5-5f27-1, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\3660f7c5-7bb7-0, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\f89769b1-0305-1, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\f89769b1-2db5-0, In Quarantäne, [9291], [407181],1.0.2309
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\PROGRAMDATA\Microleaves, In Quarantäne, [9515], [399763],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\ROAMING\AppTrailers, In Quarantäne, [887], [370632],1.0.2309
Adware.NetAdapter, C:\Users\user\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install\B768EFA, In Quarantäne, [4427], [398043],1.0.2309
Adware.NetAdapter, C:\Users\user\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install, In Quarantäne, [4427], [398043],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\ROAMING\devnull\NetAdapterUpdate 2.7.0, In Quarantäne, [4427], [398043],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\ROAMING\gplyra, In Quarantäne, [206], [316518],1.0.2309
PUP.Optional.InterStat, C:\USERS\USER\APPDATA\ROAMING\InterStat, In Quarantäne, [1447], [182327],1.0.2309
Adware.OnlineIO, C:\Users\user\AppData\Roaming\Microleaves\Online Application 2.6.0\install\CFCBAA1, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\Users\user\AppData\Roaming\Microleaves\Online Application 2.6.0\install, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\Users\user\AppData\Roaming\Microleaves\Online Application 2.6.0, In Quarantäne, [9515], [399763],1.0.2309
Adware.OnlineIO, C:\USERS\USER\APPDATA\ROAMING\Microleaves, In Quarantäne, [9515], [399763],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\USERS\USER\APPDATA\ROAMING\One System Care, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\WL, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\ROAMING\System Healer, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.DiskPower, C:\PROGRAM FILES (X86)\DiskWMpower, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SystemHealer, In Quarantäne, [1014], [182463],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\PROGRAM FILES (X86)\YeaDesktop, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es_419, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_US, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_GB, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_BR, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_PT, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_CN, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_TW, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fil, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\be, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bg, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bn, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ca, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\cs, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\da, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\de, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\el, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\et, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fa, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fi, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\gu, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\he, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hu, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\id, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\it, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ja, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\kn, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ko, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lt, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lv, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mk, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ml, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ms, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\nl, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\no, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pl, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hi, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ro, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ru, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sk, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sl, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sq, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sv, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sw, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ta, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\te, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\th, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\tr, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\uk, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\vi, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\am, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ar, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckIE, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckU, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckU2, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\PROGRAM FILES (X86)\YubeAlckUn, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\USERS\USER\APPDATA\LOCAL\kemgadeojglibflomicgnfeopkdfflnk, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\Programs\SwytShopAlgoadChrome_Pkg3a, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\LOCAL\WeatherBuddy, In Quarantäne, [1585], [383210],1.0.2309
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [391425],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SYSTEM HEALER, In Quarantäne, [1014], [181295],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PSYSOD7O.DEFAULT\EXTENSIONS\AMCONTEXTMENU@LOUCYPHER, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.InterStat, C:\Users\user\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_392\Logs, In Quarantäne, [1447], [373566],1.0.2309
PUP.Optional.InterStat, C:\USERS\USER\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_392, In Quarantäne, [1447], [373566],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WEATHERBUDDY, In Quarantäne, [1585], [383211],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\_metadata, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GOBBNICJOIJCFNDFMMFJNFGLDGCNJIBL, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL EXTENSION SETTINGS\GOBBNICJOIJCFNDFMMFJNFGLDGCNJIBL, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.YeaDesktop, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\YEADESKTOP, In Quarantäne, [1575], [391395],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es_419, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_US, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_GB, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_BR, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_PT, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_CN, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_TW, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fil, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\be, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bg, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bn, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ca, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\cs, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\da, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\de, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\el, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\et, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fa, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fi, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\gu, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\he, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hu, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\id, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\it, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ja, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\kn, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ko, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lt, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lv, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mk, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ml, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ms, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\nl, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\no, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pl, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hi, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ro, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ru, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sk, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sl, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sq, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sv, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sw, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ta, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\te, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\th, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\tr, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\uk, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\vi, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\am, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ar, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_metadata, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NHGOKGCNPLBFNKJPEJJGAFOGEECGAINI, In Quarantäne, [152], [411851],1.0.2309
Adware.ChinAd, C:\ProgramData\Thunder Network\DownloadLib, In Quarantäne, [1178], [374745],1.0.2309
Adware.ChinAd, C:\PROGRAMDATA\THUNDER NETWORK, In Quarantäne, [1178], [374745],1.0.2309
PUP.Optional.StartPage, C:\USERS\USER\APPDATA\ROAMING\BROWSERMODULE, In Quarantäne, [60], [335017],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\INSTALLER\{58E801CB-F746-428A-9211-E69469B220BB}, In Quarantäne, [1585], [388254],1.0.2309
PUP.Optional.Browsers, C:\USERS\USER\APPDATA\ROAMING\SPI, In Quarantäne, [3080], [372176],1.0.2309
Adware.Wajam.EncJob, C:\PROGRAM FILES\C335B900CE43950BBA5D90035E3A5875, In Quarantäne, [376], [411250],1.0.2309
PUP.Optional.AVBoost, C:\PROGRAM FILES (X86)\AVBOOST, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAM FILES (X86)\MGDISK, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.SpeeDownloader, C:\PROGRAM FILES (X86)\SDOWNLOADER, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAM FILES (X86)\ONESYSTEMCARE, In Quarantäne, [489], [241378],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\HSKMU3XCC5, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\ISF20CBK67, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\JLP5RM36NK, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\tools, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\man, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\support, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\storage, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW9492_2366, In Quarantäne, [2900], [371306],1.0.2309

senergy 10.07.2017 21:09
Code:
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW9492_2366, In Quarantäne, [2900], [371306],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IHL6NWKPBA, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\T21IM4CX6O, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\W9DITSWDJD, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUXFHQTTVA, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\_isetup, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-SVVBE.TMP, In Quarantäne, [1342], [409261],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\tools, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\man, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\support, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\example, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\storage, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW2948_2744, In Quarantäne, [2900], [371306],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\QN0AJ7S0LM, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\WSIDELBT20, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DA7F3B78-5402-4F30-B3DC-8489ADE15F23}, In Quarantäne, [1013], [237879],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\index-dir, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\LOCAL\APPTRAILERS, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.Geniv, C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\GEN, In Quarantäne, [2046], [386985],1.0.2309
PUP.Optional.SoftUpgrade, C:\PROGRAM FILES (X86)\SOFTUPGRADE, In Quarantäne, [1050], [260472],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES\{545946F8-1228-47CA-BE36-0B4409D2DB3A}, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F535162-AF5C-4FC0-896D-26D6D0F440A8}, In Quarantäne, [1013], [237878],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ONE SYSTEM CARE, In Quarantäne, [489], [241379],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\INSTALLER\{1600AC33-F9DD-4B39-87C5-3228E9E5942C}, In Quarantäne, [9063], [255640],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\WINDOWS\SRC_SRV, In Quarantäne, [6630], [392905],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, In Quarantäne, [9515], [399420],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MGDISK, In Quarantäne, [8175], [413772],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es_419, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_US, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_CN, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_PT, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_GB, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_BR, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_TW, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fil, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\am, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ar, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\be, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bg, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bn, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ca, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\cs, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\da, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\de, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\el, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\et, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fa, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fi, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\gu, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\he, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hu, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\id, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\it, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ja, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\kn, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ko, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lt, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lv, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mk, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ml, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ms, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\nl, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\no, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pl, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ro, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ru, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sk, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sl, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sq, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sv, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sw, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ta, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\te, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\th, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\tr, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\uk, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\vi, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hi, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\FEATURES\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\APPTRAILERS, In Quarantäne, [887], [324491],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\PROGRAM FILES (X86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}, In Quarantäne, [1605], [334834],1.0.2309

Datei: 1588
Trojan.Wdfload.Generic, C:\PROGRAM FILES\NETWORK STUDIO\NETWORK STUDIO.DLL, In Quarantäne, [5483], [408840],1.0.2309
PUP.Optional.SystemHealer, C:\PROGRAM FILES (X86)\SYSTEMHEALER\HEALERCONSOLE.EXE, In Quarantäne, [1014], [323145],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\{78090847-0D7E-0E0E-0A11-0F09780E1105}, In Quarantäne, [1014], [-1],0.0.0
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\3660f7c5-2847-0\BIT9A81.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Entfernung fehlgeschlagen, [9291], [-1],0.0.0
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Entfernung fehlgeschlagen, [9291], [-1],0.0.0
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\3660f7c5-5f27-1\BIT99B5.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\3660f7c5-7bb7-0\BIT9AD0.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\f89769b1-0305-1\BIT6BE6.tmp, In Quarantäne, [9291], [407181],1.0.2309
PUP.Optional.BitsInstall.BITSRST, C:\ProgramData\f89769b1-2db5-0\BIT6E0A.tmp, In Quarantäne, [9291], [407181],1.0.2309
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates\basic_updates.aiu, In Quarantäne, [9515], [399763],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\hr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\am.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ar.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\bg.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\bn.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ca.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\cs.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\da.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\de.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\el.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\en-GB.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\en-US.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\es-419.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\es.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\et.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fa.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fi.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fil.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\fr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\gu.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\hi.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\hu.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\id.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\it.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\iw.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ja.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\kn.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ko.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\lt.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\lv.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ml.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\mr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ms.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\nl.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\no.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\pl.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\pt-BR.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\pt-PT.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ro.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ru.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sk.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sl.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sv.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\sw.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\ta.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\te.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\th.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\tr.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\uk.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\vi.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\zh-CN.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\locales\zh-TW.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\AppTrailers.exe, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\ffmpegsumo.dll, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\icudtl.dat, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\nw.pak, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\storage.json, In Quarantäne, [887], [370632],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\AppTrailers\Uninstall.exe, In Quarantäne, [887], [370632],1.0.2309
Adware.NetAdapter, C:\Users\user\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install\B768EFA\NetAdapterUpdate_setup.msi, In Quarantäne, [4427], [398043],1.0.2309
PUP.Optional.BitCoinMiner, C:\Users\user\AppData\Roaming\gplyra\config.json, In Quarantäne, [206], [316518],1.0.2309
PUP.Optional.BitCoinMiner, C:\Users\user\AppData\Roaming\gplyra\gplyra-uninst.exe, In Quarantäne, [206], [316518],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Danish.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Dutch.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\English.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\French.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\German.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Italian.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Norwegian.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Parameters.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Portuguese.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Spanish.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\Swedish.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\tmpLang.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.OneSystemCare, C:\Users\user\AppData\Roaming\One System Care\Languages\tmpParam.json, In Quarantäne, [489], [178764],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Danish.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Dutch.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\English.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\French.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\German.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Italian.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Norwegian.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Parameters.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Portuguese.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Spanish.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\Swedish.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\tmpLang.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\Languages\tmpParam.json, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\CallBanner.png, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.SystemHealer, C:\Users\user\AppData\Roaming\System Healer\FinishedScan.png, In Quarantäne, [1014], [181294],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\DiskPower.exe, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\DiskPower.exe.conf, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\LinqBridge.dll, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\unins000.dat, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\unins000.exe, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\uninstaller.exe, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.DiskPower, C:\Program Files (x86)\DiskWMpower\uninstaller.exe.config, In Quarantäne, [1019], [405182],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\apphoverbk.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\BkgSelectedHover.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\BkgSelectedNormal.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\common\BkgSelectedPressed.png, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\config.xml, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\HelpTool.dll, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\unins000.dat, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.YeaDesktop, C:\Program Files (x86)\YeaDesktop\unins000.exe, In Quarantäne, [1575], [391396],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\background.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\foreground.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\main.css, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\files\proxy.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hi\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\am\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ar\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\be\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bg\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\bn\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ca\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\cs\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\da\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\de\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\el\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_GB\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\en_US\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\es_419\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\et\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fa\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fi\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fil\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\fr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\gu\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\he\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\hu\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\id\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\it\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ja\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\kn\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ko\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lt\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\lv\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mk\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ml\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\mr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ms\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\nl\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\no\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pl\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_BR\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\pt_PT\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ro\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ru\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sk\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sl\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sq\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sv\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\sw\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\ta\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\te\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\th\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\tr\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\uk\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\vi\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_CN\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\_locales\zh_TW\messages.json, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\background.html, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\files\Kernel.js, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\h42Ia.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\icon16.ico, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\k42rheDK2.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\m3d5qEIR4.exe, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckIE\tbgv9T7gw.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckU\Dh81QPf.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckU2\jqaOdxC.dll, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.NeoBar.Generic, C:\Program Files (x86)\YubeAlckUn\uninstall.exe, In Quarantäne, [1696], [407926],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.Elex.ClnShrt, C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js, In Quarantäne, [1395], [328066],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a\captcha.hta, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a\unins000.dat, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a\unins000.exe, In Quarantäne, [3170], [386986],1.0.2309
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, In Quarantäne, [575], [391425],1.0.2309
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, In Quarantäne, [575], [391425],1.0.2309
Adware.Wajam.Generic, C:\WINDOWS\SYSTEM32\DRIVERS\D07E29B06C4DFFD33056D7FADF5E7A7E.SYS, In Quarantäne, [1797], [336669],1.0.2309
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SDOWNLOADER\SPEEDOWNLOADER.EXE, In Quarantäne, [934], [384257],1.0.2309
Adware.NETNS, C:\PROGRAM FILES (X86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}\{1939150D-3AAB-4392-966A-0BAF706E8166}.BIN, In Quarantäne, [1608], [406689],1.0.2309
Adware.NETNS, C:\PROGRAM FILES\{545946F8-1228-47CA-BE36-0B4409D2DB3A}\{DB540A5C-3E6C-43F0-B7BF-9511A0E18CF7}.BIN, In Quarantäne, [1608], [406689],1.0.2309
Trojan.ProxyAgent, C:\USERS\USER\APPDATA\LOCAL\FXIPXD.DLL, In Quarantäne, [242], [413307],1.0.2309
PUP.Optional.SystemHealer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer\Launch System Healer.lnk, In Quarantäne, [1014], [181295],1.0.2309
PUP.Optional.SystemHealer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer\System Healer on the Web.url, In Quarantäne, [1014], [181295],1.0.2309
Adware.Eszjuxuan, C:\PROGRAMDATA\SERVICE.EXE, In Quarantäne, [43], [397967],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\browser.xul, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\content.js, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\icon-48.png, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\content\icon-64.png, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF\manifest.mf, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF\mozilla.rsa, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\META-INF\mozilla.sf, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\0024397e, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\chrome.manifest, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.FastSearch, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\extensions\amcontextmenu@loucypher\install.rdf, In Quarantäne, [1180], [329326],1.0.2309
PUP.Optional.WeatherBuddy, C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBuddy\WeatherBuddy.lnk, In Quarantäne, [1585], [383211],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\createInImage.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\createInImage.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\in-image.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-image\in-image.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\createInText.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\createInText.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\findAndReplaceDOMText.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\in-text.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\in-text.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\opentip-native.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\in-text\opentip.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\google.css, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\google.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\index.js, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\popup.html, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\algoad\token.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\_metadata\computed_hashes.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\_metadata\verified_contents.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\icon.png, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl\4.1.9.2_0\manifest.json, In Quarantäne, [3170], [384263],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\000003.log, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\CURRENT, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\LOCK, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\LOG, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\LOG.old, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.SwytShop, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl\MANIFEST-000001, In Quarantäne, [3170], [384264],1.0.2309
PUP.Optional.YeaDesktop, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YeaDesktop\Uninstall YeaDesktop.lnk, In Quarantäne, [1575], [391395],1.0.2309
PUP.Optional.YeaDesktop, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YeaDesktop\YeaDesktop.lnk, In Quarantäne, [1575], [391395],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons\icon128.png, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons\icon16.png, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\icons\icon48.png, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hi\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\am\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ar\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\be\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bg\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\bn\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ca\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\cs\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\da\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\de\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\el\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\background.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\Content.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\foreground.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\Kernel.js, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\main.css, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_GB\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\en_US\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\es_419\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\et\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fa\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fi\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fil\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\fr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\gu\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\he\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\hu\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\id\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\it\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ja\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\kn\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ko\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lt\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\lv\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mk\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ml\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\mr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ms\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\nl\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\no\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pl\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_BR\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\pt_PT\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ro\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ru\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sk\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sl\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sq\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sv\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\sw\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\ta\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\te\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\th\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\tr\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\uk\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\vi\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_CN\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_locales\zh_TW\messages.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_metadata\computed_hashes.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\_metadata\verified_contents.json, In Quarantäne, [152], [411851],1.0.2309
PUP.Optional.NeoBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgokgcnplbfnkjpejjgafogeecgaini\1.21_0\manifest.json, In Quarantäne, [152], [411851],1.0.2309
Trojan.BitCoinMiner, C:\PROGRAMDATA\MICRO FOUNDATION\OPEN.EXE, In Quarantäne, [98], [412551],1.0.2309
Adware.ChinAd, C:\PROGRAMDATA\THUNDER NETWORK\DOWNLOADLIB\PUB_STORE.DAT, In Quarantäne, [1178], [374745],1.0.2309
PUP.Optional.StartPage, C:\USERS\USER\APPDATA\ROAMING\BROWSERMODULE\COMPONENT.LOG, In Quarantäne, [60], [335017],1.0.2309
PUP.Optional.Browsers.Generic, C:\USERS\USER\APPDATA\ROAMING\BROWSERS\EXE.RESWORBAIDEM.BAT, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\brlauncher.bat.exe, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.emorhc.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.erolpxei.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.rehcnualrb.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\exe.xoferif.bat, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\firefox.bat.exe, In Quarantäne, [2236], [357611],1.0.2309
PUP.Optional.Browsers.Generic, C:\Users\user\AppData\Roaming\Browsers\mediabrowser.bat.exe, In Quarantäne, [2236], [357611],1.0.2309
Adware.Wajam, C:\PROGRAM FILES\C335B900CE43950BBA5D90035E3A5875\FF042E19EF1935131D4C17528713C7AD.EXE, In Quarantäne, [1208], [413748],1.0.2309
Trojan.BitCoinMiner, C:\USERS\USER\APPDATA\ROAMING\IMPORTANTUPDATES\DATA.EXE, In Quarantäne, [98], [413064],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\UNINSTALLER.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\INSTALLER\{58E801CB-F746-428A-9211-E69469B220BB}\WEATHERBUDDY.ICO, In Quarantäne, [1585], [388254],1.0.2309
PUP.Optional.OneSystemCare, C:\USERS\PUBLIC\DESKTOP\LAUNCH ONE SYSTEM CARE.LNK, In Quarantäne, [489], [241377],1.0.2309
PUP.Optional.Browsers, C:\USERS\USER\APPDATA\ROAMING\SPI\FF.ICO, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\amig.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\ch.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\ie.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\kom.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\op.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\op12.ico, In Quarantäne, [3080], [372176],1.0.2309
PUP.Optional.Browsers, C:\Users\user\AppData\Roaming\SPI\ya.ico, In Quarantäne, [3080], [372176],1.0.2309
Adware.Wajam.EncJob, C:\PROGRAM FILES\C335B900CE43950BBA5D90035E3A5875\WBE_UNINSTALL.DAT, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\56370213dd8220f7c8c8cf88e673965a, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\615a0f5d4094915be22e819763f34e92.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\d44f649368745e773100a1eeb853f8bd.ico, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\dd56f7b76ecb92a047caa128430a8e1b.exe, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\service.dat, In Quarantäne, [376], [411250],1.0.2309
Adware.Wajam.EncJob, C:\Program Files\c335b900ce43950bba5d90035e3a5875\service_64.dat, In Quarantäne, [376], [411250],1.0.2309
PUP.Optional.AVBoost, C:\PROGRAM FILES (X86)\AVBOOST\UNINSTALLER.EXE.CONFIG, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\AVBoost.exe, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\unins000.dat, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\unins000.exe, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.AVBoost, C:\Program Files (x86)\AVBoost\uninstaller.exe, In Quarantäne, [9528], [404618],1.0.2309
PUP.Optional.MagicDisk, C:\USERS\PUBLIC\DESKTOP\MGDISK.LNK, In Quarantäne, [8175], [413774],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAM FILES (X86)\MGDISK\MGDISK.EXE, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\inst.db, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdinst.dll, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.db3, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\mgdisk.ssf, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\sqlite3.dll, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\uninst.exe, In Quarantäne, [8175], [403629],1.0.2309
PUP.Optional.MagicDisk, C:\Program Files (x86)\mgdisk\zlib.dll, In Quarantäne, [8175], [403629],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.EXE, In Quarantäne, [455], [311034],1.0.2309

senergy 10.07.2017 21:10
Code:
PUP.Optional.SpeeDownloader, C:\PROGRAM FILES (X86)\SDOWNLOADER\UNINS000.DAT, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.SpeeDownloader, C:\Program Files (x86)\SDownloader\unins000.exe, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.SpeeDownloader, C:\Program Files (x86)\SDownloader\uninstaller.exe, In Quarantäne, [9045], [413426],1.0.2309
PUP.Optional.SpeeDownloader, C:\Program Files (x86)\SDownloader\uninstaller.exe.config, In Quarantäne, [9045], [413426],1.0.2309
Adware.Agent, C:\PROGRAM FILES (X86)\SOFTUPGRADE\SOFTUP.EXE, In Quarantäne, [258], [407435],1.0.2309
Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\SYSTEMCONSOLE.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\PUBLIC\DESKTOP\LAUNCH SYSTEM HEALER.LNK, In Quarantäne, [1014], [252782],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.INI, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\cancel.bmp, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\osc.ico, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\uninstall.bmp, In Quarantäne, [489], [241378],1.0.2309
PUP.Optional.SpeedingUpMyPC, C:\USERS\USER\APPDATA\LOCAL\TEMP\7SX5R5EP-PROG.EXE, In Quarantäne, [942], [389100],1.0.2309
PUP.Optional.Amonetize, C:\USERS\USER\APPDATA\LOCAL\TEMP\AMIPIXEL.CFG, In Quarantäne, [6], [302488],1.0.2309
PUP.Optional.SpeedingUpMyPC, C:\USERS\USER\APPDATA\LOCAL\TEMP\INTER_SILENT_UNI.EXE, In Quarantäne, [942], [389100],1.0.2309
Adware.Agent.E, C:\WINDOWS\SYSTEM32\R6LSTMP4.DAT, Entfernung fehlgeschlagen, [4260], [412507],1.0.2309
PUP.Optional.BetterAds, C:\USERS\USER\APPDATA\LOCAL\TEMP\SRC_SRV_MARKETATOR.EXE, In Quarantäne, [512], [391675],1.0.2309
PUP.Optional.VideoBox, C:\USERS\USER\APPDATA\LOCAL\TEMP\VB-SETUP.EXE, In Quarantäne, [2338], [402806],1.0.2309
Trojan.Agent.WSB, C:\WINDOWS\SYSWOW64\KBDMAC64.DLL, In Quarantäne, [9854], [127813],1.0.2309
Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\7SX5R5EP-UPD.EXE, In Quarantäne, [258], [407435],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\LOCAL\TEMP\APPTRAILERS.9.1.10AMT.EXE, In Quarantäne, [887], [338239],1.0.2309
Adware.Genius, C:\USERS\USER\APPDATA\LOCAL\TEMP\GENIUS2.JS, In Quarantäne, [9137], [387358],1.0.2309
PUP.Optional.SpeedingUpMyPC, C:\USERS\USER\APPDATA\LOCAL\TEMP\HZDG8KAV-PROG.EXE, In Quarantäne, [942], [389100],1.0.2309
PUP.Optional.MeSafe, C:\USERS\USER\APPDATA\LOCAL\TEMP\MESAFE.EXE, In Quarantäne, [9220], [389383],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\AVBOOST.EXE, In Quarantäne, [1342], [413462],1.0.2309
Adware.Tuto4PC, C:\USERS\USER\APPDATA\LOCAL\TEMP\LF34S1Y.EXE, In Quarantäne, [934], [350731],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\GLOBAL_INSTALLER.EXE, In Quarantäne, [1342], [413462],1.0.2309
Adware.Tuto4PC, C:\USERS\USER\APPDATA\LOCAL\TEMP\UJ5RM86.EXE, In Quarantäne, [934], [350731],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.866DE17A7EF768.EXE, In Quarantäne, [3170], [368892],1.0.2309
PUP.Optional.InstallCore, C:\USERS\USER\APPDATA\LOCAL\TEMP\YEADESKTOP.EXE, In Quarantäne, [3], [356458],1.0.2309
Adware.Addrop, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.C513CF9653FB18.EXE, In Quarantäne, [502], [407091],1.0.2309
Adware.OptimizerEliteMax, C:\USERS\USER\APPDATA\LOCAL\TEMP\0PDQLMSO7\ONESYSTEMCARE.EXE, In Quarantäne, [455], [311034],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\00019704\B3.EXE, In Quarantäne, [206], [363441],1.0.2309
Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.F2D47CC39E9208.EXE, In Quarantäne, [258], [407435],1.0.2309
PUP.Optional.FastDataX, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.AB518F2084853.EXE, In Quarantäne, [9346], [407240],1.0.2309
Adware.Tuto4PC, C:\USERS\USER\APPDATA\LOCAL\TEMP\ZVH2YIH.EXE, In Quarantäne, [934], [350731],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\81K1EKL47\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Wajam, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.65887C039AF704.EXE, In Quarantäne, [1208], [413713],1.0.2309
PUP.Optional.OnlineIO, C:\USERS\USER\APPDATA\LOCAL\TEMP\1964628687\IC-0.F9ADE3DAA9594.EXE, In Quarantäne, [575], [407216],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\BTSVI3PRZ\BTSVI3PRZ.EXE, In Quarantäne, [206], [363441],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\FCMWIXGMU\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\LOCAL\TEMP\CCTRD0RCF\CCTRD0RCF.EXE, In Quarantäne, [1014], [363442],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\LOCAL\TEMP\81K1EKL47\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [4427], [398038],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\HSKMU3XCC5\LIKE.EXE, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\HSKMU3XCC5\Like.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\ISF20CBK67\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\ISF20CBK67\Like.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\JLP5RM36NK\AFFICHEONE.EXE.CONFIG, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\AfficheOne.exe, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Era5Le.exe, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Era5Le.exe.config, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Like.exe, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\JLP5RM36NK\Like.exe.config, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\MY5TSSNPW\MY5TSSNPW.EXE, In Quarantäne, [206], [363441],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW9492_2366\PACKAGE.JSON, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\close.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\expand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon16.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon20.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon24.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon256.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon36.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon48.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icon64.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\icontray.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\loader.gif, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\minimize.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\search.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\images\unexpand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\examples\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\cookies.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\copy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\debug.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\lib\helpers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\aws-sign2\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\float.patch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build\build.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\node_modules\readable-stream\writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test\basic-test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test\sauce.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\bl.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\bl\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\caseless\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\lib\combined_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib\delayed_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-http-upload.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-auto-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-handle-source-errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-max-data-size.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-pipe-resumes.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-proxy-readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\run.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\combined-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\forever-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\lib\form_data.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\support\sync-package-managers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\db.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\form-data\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\example\usage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\images\hawk.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\images\logo.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\images\boom.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\boom\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\cryptiles\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\images\hoek.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\lib\escape.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test2.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\escaper.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\hoek\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\examples\offset.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\examples\time.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\node_modules\sntp\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\message.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\readme.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\uri.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\test\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\hawk\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\parser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\signer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\lib\verify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\types.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\reader.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\writer.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\asn1\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus\assert.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\assert-plus\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype\ctio.3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\tools\jsl.conf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\ctf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\ctio.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\ctype.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\node_modules\ctype\README.old, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\http_signing.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\http-signature\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\test\stringify_test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\json-stringify-safe\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\custom.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\mime.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\lib\node.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\mime-types\SOURCES.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\oauth-sign\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\test\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\qs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\example.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\LICENSE.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\stringstream\stringstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\cookie.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\memstore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\pathMatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\permuteDomain.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\pubsuffix.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\lib\store.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\LICENSE-MIT.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\punycode.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\node_modules\punycode\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tough-cookie\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\node_modules\tunnel-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\disabled.appveyor.yml, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\release.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\request\request.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples\extracter.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples\packer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\buffer-entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\entry-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\extended-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\extended-header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\global-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream\block-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\block-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\filter-pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\examples\symlink-write.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\abstract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\collect.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\dir-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\dir-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\file-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\file-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\get-type.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\link-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\link-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\proxy-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\proxy-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\socket-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\lib\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\graceful-fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\legacy-streams.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\polyfills.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\cmd.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\usage.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples\pow.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dash.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\default_bool.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dotted.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\long.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse_modified.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\short.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\whitespace.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\chmod.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\clobber.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\mkdirp.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\race.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\rel.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\root.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\mkdirp\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\old.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\inflight.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example\map.js, In Quarantäne, [2900], [371306],1.0.2309

senergy 10.07.2017 21:12
Code:
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test\map.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\README.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\minimatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\once.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\changelog.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\glob.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\bin.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\node_modules\rimraf\rimraf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\fstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\fstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\00-setup-fixtures.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\cb-never-called-1.0.1.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\dir-normalization.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\dir-normalization.tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\error-on-broken.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\extract-move.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\fixtures.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\pack-no-proprietary.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\parse-discard.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\test\zz-cleanup.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\tar\tar.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib\config.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\underscore-min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\underscore-min.map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\node_modules\underscore\underscore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\event.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\exception.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\item.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\middleware.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\pageview.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\send.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\timing.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\transaction.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\test\_enqueue.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\AcceptableParams.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\node_modules\universal-analytics\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\storage\storage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\storage\storageUtil.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\index.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\jquery.min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\main.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\report.bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\settings.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw9492_2366\shallow.html, In Quarantäne, [2900], [371306],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\S2NOPF12E\SETUP.EXE, In Quarantäne, [43], [392762],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\ZULNQRWEZ\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IHL6NWKPBA\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\AfficheOne.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\IHL6NWKPBA\Era5Le.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Linkury.Generic, C:\USERS\USER\APPDATA\LOCAL\PO.DB, In Quarantäne, [2011], [412180],1.0.2309
Adware.OptimizerEliteMax, C:\USERS\USER\APPDATA\LOCAL\TEMP\LS3LASKLN\ONESYSTEMCARE.EXE, In Quarantäne, [455], [311034],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\QKJGOF31Q\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\T21IM4CX6O\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\T21IM4CX6O\Like.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\W9DITSWDJD\LIKE.EXE, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\W9DITSWDJD\Like.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUXFHQTTVA\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\AfficheOne.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\Era5Le.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\XUXFHQTTVA\Like.exe, In Quarantäne, [1342], [412859],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\LOCAL\TEMP\CITIX693E\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [4427], [398038],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-SVVBE.TMP\LETSWORK.EXE.CONFIG, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\_isetup\_setup64.tmp, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\_isetup\_shfoldr.dll, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\itdownload.dll, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\letswork.exe, In Quarantäne, [1342], [409261],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\is-SVVBE.tmp\psvince.dll, In Quarantäne, [1342], [409261],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\J0GCXQBV0\J0GCXQBV0.EXE, In Quarantäne, [206], [363441],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\LOCAL\TEMP\KMRJ7N59O\KMRJ7N59O.EXE, In Quarantäne, [1014], [363442],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\LOCAL\TEMP\N7J7JN3MB\WB_21_NI.MSI, In Quarantäne, [1585], [383207],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\NW2948_2744\PACKAGE.JSON, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\close.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\expand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon16.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon20.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon24.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon256.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon36.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon48.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icon64.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\icontray.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\loader.gif, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\minimize.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\search.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\images\unexpand.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\examples\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\cookies.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\copy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\debug.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\lib\helpers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\aws-sign2\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\float.patch, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build\build.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\duplex.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\passthrough.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\transform.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\node_modules\readable-stream\writable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test\basic-test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test\sauce.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\bl.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\bl\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\caseless\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\lib\combined_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib\delayed_stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-http-upload.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-auto-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-pause.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-handle-source-errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-max-data-size.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-pipe-resumes.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-proxy-readable.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\run.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\combined-stream\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\forever-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\lib\form_data.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\support\sync-package-managers.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\db.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\form-data\Readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\example\usage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\images\hawk.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\images\logo.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\images\boom.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\boom\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\cryptiles\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\images\hoek.png, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\lib\escape.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test2.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\escaper.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\hoek\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\examples\offset.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\examples\time.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\node_modules\sntp\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\client.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\crypto.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\message.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\readme.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\server.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\uri.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\test\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\hawk\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\parser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\signer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\util.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\lib\verify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\errors.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\types.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\reader.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\writer.test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\asn1\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus\assert.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\assert-plus\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype\ctio.3ctype, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\tools\jsl.conf, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\ctf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\ctio.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\ctype.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\node_modules\ctype\README.old, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\http_signing.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\http-signature\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\test\stringify_test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\json-stringify-safe\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\custom.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\mime.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\lib\node.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\mime-types\SOURCES.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\oauth-sign\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\test\stringify.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\qs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\example.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\LICENSE.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\stringstream\stringstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\cookie.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\memstore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\pathMatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\permuteDomain.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\pubsuffix.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\lib\store.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\LICENSE-MIT.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\punycode.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\node_modules\punycode\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tough-cookie\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\node_modules\tunnel-agent\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\CHANGELOG.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\CONTRIBUTING.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\disabled.appveyor.yml, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\release.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\request\request.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples\extracter.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples\packer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\buffer-entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\entry-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\entry.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\extended-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\extended-header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\global-header-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\lib\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream\block-stream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\block-stream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\filter-pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\pipe.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\examples\symlink-write.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\abstract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\collect.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\dir-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\dir-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\file-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\file-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\get-type.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\link-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\link-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\proxy-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\proxy-writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\socket-reader.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\lib\writer.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\graceful-fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\legacy-streams.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\polyfills.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\cmd.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\usage.txt, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples\pow.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dash.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\default_bool.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dotted.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\long.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse_modified.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\short.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\whitespace.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\chmod.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\clobber.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\mkdirp.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\race.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\rel.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\root.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask_sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\mkdirp\readme.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\old.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\inflight.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example\map.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test\map.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\README.markdown, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\minimatch.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\wrappy.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\once.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\readme.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\changelog.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\common.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\glob.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\sync.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\bin.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\node_modules\rimraf\rimraf.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\fstream.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\fstream\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\inherits.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\inherits_browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\node_modules\inherits\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\00-setup-fixtures.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\cb-never-called-1.0.1.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\dir-normalization.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\dir-normalization.tar, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\error-on-broken.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\extract-move.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\extract.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\fixtures.tgz, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\header.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\pack-no-proprietary.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\pack.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\parse-discard.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\parse.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\test\zz-cleanup.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\tar\tar.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib\config.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\lib\utils.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\lib\async.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\async\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test\test.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\test\test.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\bower.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\component.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\uuid.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\node-uuid\v3.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\underscore-min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\underscore-min.map, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\node_modules\underscore\underscore.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\event.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\exception.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\item.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\middleware.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\mocha.opts, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\pageview.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\send.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\timing.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\transaction.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\test\_enqueue.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\AcceptableParams.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\HISTORY.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\index.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\package.json, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\node_modules\universal-analytics\README.md, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\storage\storage.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\storage\storageUtil.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\index.html, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\jquery.min.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\main.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\report.bin, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\settings.js, In Quarantäne, [2900], [371306],1.0.2309
PUP.Optional.AppTrailers.Generic, C:\Users\user\AppData\Local\Temp\nw2948_2744\shallow.html, In Quarantäne, [2900], [371306],1.0.2309
Adware.NetAdapter, C:\USERS\USER\APPDATA\LOCAL\TEMP\YQFD0Q4AY\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [4427], [398038],1.0.2309
Adware.DownloadSponsor, C:\USERS\USER\APPDATA\LOCAL\TEMP\DMR\DMR_72.EXE, In Quarantäne, [2170], [358371],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-5484H.TMP\SETUP.EXE, In Quarantäne, [43], [407044],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-PKF0L.TMP\SETUP.EXE, In Quarantäne, [43], [407044],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\GWHCPZ8UO\SETUP.EXE, In Quarantäne, [43], [392762],1.0.2309
PUP.Optional.YeaDesktop, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-R8CFJ.TMP\YEADESKTOP3.EXE, In Quarantäne, [1575], [391393],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\N7J7JN3MB\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\QN0AJ7S0LM\LIKE.EXE.CONFIG, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\AfficheOne.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\AfficheOne.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\Era5Le.exe.config, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\Era5Le.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\QN0AJ7S0LM\Like.exe.lnk, In Quarantäne, [1342], [412859],1.0.2309

senergy 10.07.2017 21:16
Code:
Adware.Tuto4PC.Generic, C:\USERS\USER\APPDATA\LOCAL\TEMP\WSIDELBT20\AFFICHEONE.EXE.CONFIG, In Quarantäne, [1342], [409262],1.0.2309
Adware.Tuto4PC.Generic, C:\Users\user\AppData\Local\Temp\WSIDELBT20\AfficheOne.exe.lnk, In Quarantäne, [1342], [409262],1.0.2309
PUP.Optional.WeatherBuddy, C:\USERS\USER\APPDATA\LOCAL\TEMP\LKFSVLBXN\WB_21_NI.MSI, In Quarantäne, [1585], [383207],1.0.2309
PUP.Optional.BitCoinMiner, C:\USERS\USER\APPDATA\LOCAL\TEMP\RYYYZ7FHC\RYYYZ7FHC.EXE, In Quarantäne, [206], [363441],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\9TVDQJ4KR\SETUP.EXE, In Quarantäne, [43], [392762],1.0.2309
PUP.Optional.DownloadSponsor, C:\USERS\USER\DOWNLOADS\SPYBOT SEARCH DESTROY - CHIP-INSTALLER.EXE, In Quarantäne, [537], [413936],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{DA7F3B78-5402-4F30-B3DC-8489ADE15F23}\XJFKJKOBLHGICBJCEBFKGHDGHLMNEDCIMML, In Quarantäne, [1013], [237879],1.0.2309
PUP.Optional.DownloadProtect, C:\Windows\Installer\{DA7F3B78-5402-4F30-B3DC-8489ADE15F23}\cjfkjkoblhgicbjcebfkghdghlmnedcimrx, In Quarantäne, [1013], [237879],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\TASKS\SYSTEM HEALERPERIOD.JOB, In Quarantäne, [1014], [252785],1.0.2309
PUP.Optional.REOptimizer, C:\USERS\USER\APPDATA\LOCAL\UNINSTALLCE.EXE, In Quarantäne, [8481], [412227],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\LOCAL\APPTRAILERS\WEB DATA, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\index-dir\the-real-index, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\02cdb733b079655d_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\03545e0f98a9ea28_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\08bc571418449ead_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\08be8ae72d819e72_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\0d1b2d066da6b1cd_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\0ed7399215f555d7_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\139985452fffe325_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\15102e1fa0485514_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\225898d422d4cb5c_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\234986793e71f265_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\26968e7a0c71776d_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\2819c5233c1f77b4_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\2a91a77f189ea752_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\7f07725bbd4cdad3_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\87d187f3843de3f9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\8da7d9e7b5732698_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\902790b2feff6cb4_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\986db9759872bd62_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\9ab069da12c6f7cd_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\9d414027730faa74_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\9e12b0434ab20ee0_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\a9423296c2c84f57_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\ab6bc8112cf834f6_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b0dab0dce39bbc42_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b3986aa6d1a5b1ca_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b3edef432256edd5_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b47c920fb5f590a1_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b8134c2453522778_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\b9947d35436f960b_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bacc692dcbcb78ec_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bb9b3bc747abfdb6_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bcb5605ce3b0a058_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bd48447363dfb226_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\bfbe9938bbb38577_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c0c8da446f3f7597_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c1630ab14c062443_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c3329b5e71fb9773_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c3df28f9c38daf87_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\c487316b1c7eb401_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\3082972055161e5d_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\319e9d33cf71a5f4_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\353b6030d8b57886_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\3a7e5375ff47a3f6_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\3c904118cf420ef1_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\442182c02ee0a243_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\4b5467acf20129c0_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\523136bf88a086e9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\5ed7c51b87efc070_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\66e510668b4796e9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\6b06043e0716a2a9_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\6b68d512aa6ed5dd_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\7017f26504f28cc3_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\7a1d5eb2bb25497a_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\d2897be77b4f55be_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\d8b76e143412632e_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\dafbda079dd6d223_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\dbdc212558a62e0f_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\dc7c883ebdb4ce43_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\ef0ec2ee49b0b8b1_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\f552ab47376f113e_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\f62d876f2f850a67_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\f74a8c1655500d73_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\fddd11ea475c5135_0, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Cache\index, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\file__0.localstorage, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\file__0.localstorage-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\http_www.imdb.com_0.localstorage, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Local Storage\http_www.imdb.com_0.localstorage-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\cookies, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\cookies-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Local\AppTrailers\Web Data-journal, In Quarantäne, [887], [324095],1.0.2309
PUP.Optional.Geniv, C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\GEN\URL.TXT, In Quarantäne, [2046], [386985],1.0.2309
PUP.Optional.Geniv, C:\Users\user\AppData\Local\Programs\GEN\custom1.txt, In Quarantäne, [2046], [386985],1.0.2309
PUP.Optional.Geniv, C:\Users\user\AppData\Local\Programs\GEN\version.txt, In Quarantäne, [2046], [386985],1.0.2309
Adware.Wajam, C:\WINDOWS\FF042E19EF1935131D4C17528713C7AD.EXE, In Quarantäne, [1208], [413748],1.0.2309
PUP.Optional.WeatherBuddy, C:\WINDOWS\WEATHERBUDDY.INI, In Quarantäne, [1585], [388256],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.tb.ask.com_0.localstorage, In Quarantäne, [283], [240306],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [283], [240306],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{545946F8-1228-47CA-BE36-0B4409D2DB3A}\config.json, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files\{545946F8-1228-47CA-BE36-0B4409D2DB3A}\def.bin, In Quarantäne, [1605], [334834],1.0.2309
Adware.FastDataX.EncJob, C:\WINDOWS\SYSTEM32\TASKS\FASTDATAX TASK, In Quarantäne, [9299], [407191],1.0.2309
PUP.Optional.WeatherBuddy, C:\WINDOWS\INSTALLER\751F8A63.MSI, In Quarantäne, [1585], [383207],1.0.2309
Adware.Eszjuxuan, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-R8CFJ.TMP\SETUP.EXE, In Quarantäne, [43], [409327],1.0.2309
Adware.Linkury, C:\USERS\USER\APPDATA\LOCAL\TEMP\LKFSVLBXN\LINKER.EXE, In Quarantäne, [2157], [408922],1.0.2309
PUP.Optional.SystemHealer, C:\USERS\USER\APPDATA\LOCAL\TEMP\RH8HFYLMA\RH8HFYLMA.EXE, In Quarantäne, [1014], [363442],1.0.2309
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [575], [391431],1.0.2309
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{3F535162-AF5C-4FC0-896D-26D6D0F440A8}\CLIECHNIBMPBKGJHPNEBBELDOLOBCBNDKRX, In Quarantäne, [1013], [237878],1.0.2309
PUP.Optional.DownloadProtect, C:\Windows\Installer\{3F535162-AF5C-4FC0-896D-26D6D0F440A8}\xliechnibmpbkgjhpnebbeldolobcbndkml, In Quarantäne, [1013], [237878],1.0.2309
PUP.Optional.OneSystemCare, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ONE SYSTEM CARE\LAUNCH ONE SYSTEM CARE.LNK, In Quarantäne, [489], [241379],1.0.2309
PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\One System Care on the Web.url, In Quarantäne, [489], [241379],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\TASKS\System HealerStartUp.job, In Quarantäne, [1014], [252785],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\INSTALLER\{1600AC33-F9DD-4B39-87C5-3228E9E5942C}\{879474B0-EB65-487E-AF91-C69159DFE6F3}.xpi, In Quarantäne, [9063], [255640],1.0.2309
PUP.Optional.DownloadProtect.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Entfernung fehlgeschlagen, [9063], [-1],0.0.0
PUP.Optional.DownloadProtect.ChrPRST, C:\USERS\USER\NTUSER.POL, In Quarantäne, [9063], [-1],0.0.0
PUP.Optional.DownloadProtect.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, In Quarantäne, [9063], [-1],0.0.0
PUP.Optional.Geniv, C:\WINDOWS\SYSTEM32\TASKS\GEN_INTERVAL, In Quarantäne, [2046], [260514],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\TASKS\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B.JOB, In Quarantäne, [152], [411160],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\WINDOWS\SRC_SRV\TRUSTED.WEB.PROXY.DLL, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\accept_cert.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\installsig.exe, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\Ionic.Zip.dll, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\rootCert.pfx, In Quarantäne, [6630], [392905],1.0.2309
Adware.BetterAds.PrxySvrRST, C:\Windows\src_srv\winsrcsrv.exe, In Quarantäne, [6630], [392905],1.0.2309
PUP.Optional.Tables, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PSYSOD7O.DEFAULT\EXTENSIONS\378507@EXTCORP.NET.XPI, In Quarantäne, [8527], [413446],1.0.2309
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES\Online Application\Online Application Updater.exe, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, In Quarantäne, [9515], [399420],1.0.2309
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, In Quarantäne, [9515], [399420],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.myway.com_0.localstorage, In Quarantäne, [283], [240305],1.0.2309
PUP.Optional.MindSpark, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_internetspeedtracker.dl.myway.com_0.localstorage-journal, In Quarantäne, [283], [240305],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\System Healer Task, In Quarantäne, [1014], [252783],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\System HealerPeriod, In Quarantäne, [1014], [252783],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\System HealerStartUp, In Quarantäne, [1014], [252783],1.0.2309
PUP.Optional.MagicDisk, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MGDISK\MGDISK.LNK, In Quarantäne, [8175], [413772],1.0.2309
PUP.Optional.MagicDisk, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk\uninstall mgdisk.lnk, In Quarantäne, [8175], [413772],1.0.2309
Rootkit.Komodia.PUA, C:\WINDOWS\SYSTEM32\DRIVERS\LACE_WPF_X64.SYS, In Quarantäne, [1817], [365194],1.0.2309
PUP.Optional.YTAdBlocker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\FEATURES\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\INSTALL.RDF, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files\background.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files\foreground.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\files\main.css, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons\icon19.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons\icon48.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\icons\icon64.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\arrow.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\background.png, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\bindings.css, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\bindings.xml, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\skin\styles.css, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hi\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\am\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ar\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\be\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bg\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\bn\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ca\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\cs\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\da\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\de\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\el\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_GB\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\en_US\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\es_419\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\et\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fa\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fi\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fil\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\fr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\gu\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\he\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\hu\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\id\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\it\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ja\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\kn\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ko\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lt\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\lv\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mk\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ml\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\mr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ms\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\nl\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\no\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pl\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_BR\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\pt_PT\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ro\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ru\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sk\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sl\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sq\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sr\messages.json, In Quarantäne, [1987], [345509],1.0.23
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sv\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\sw\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\ta\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\te\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\th\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\tr\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\uk\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\vi\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_CN\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\_locales\zh_TW\messages.json, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\background.html, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\background.xul, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome\Kernel.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\bootstrap.js, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.YTAdBlocker, C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59}\chrome.manifest, In Quarantäne, [1987], [345509],1.0.2309
PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Monitor, In Quarantäne, [489], [241381],1.0.2309
PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Run Delay, In Quarantäne, [489], [241381],1.0.2309
PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Task, In Quarantäne, [489], [241381],1.0.2309
PUP.Optional.AppTrailers, C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\APPTRAILERS\APPTRAILERS.LNK, In Quarantäne, [887], [324491],1.0.2309
PUP.Optional.AppTrailers, C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppTrailers\Uninstall.lnk, In Quarantäne, [887], [324491],1.0.2309
Adware.Elex, C:\USERS\USER\APPDATA\LOCAL\TEMP\APPHELPERV7.EXE, In Quarantäne, [2], [387001],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\SystemHealer Monitor, In Quarantäne, [1014], [252784],1.0.2309
PUP.Optional.SystemHealer, C:\WINDOWS\SYSTEM32\TASKS\SystemHealer Run Delay, In Quarantäne, [1014], [252784],1.0.2309
PUP.Optional.BrowserModule, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PSYSOD7O.DEFAULT\CHROME\USERCONTENT.CSS, In Quarantäne, [2347], [389741],1.0.2309
PUP.Optional.SoftUpgrade, C:\WINDOWS\SYSTEM32\TASKS\SOFTUPGRADE, In Quarantäne, [1050], [260473],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}\config.json, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.DownloadProtect.Generic, C:\Program Files (x86)\{ABE209A6-4D9B-41F1-AD2B-15940E313E79}\def.bin, In Quarantäne, [1605], [334834],1.0.2309
PUP.Optional.Geniv, C:\WINDOWS\SYSTEM32\TASKS\GEN, In Quarantäne, [2046], [344167],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage, In Quarantäne, [3170], [384274],1.0.2309
PUP.Optional.SwytShop, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage-journal, In Quarantäne, [3170], [384274],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\SYSTEM32\TASKS\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411158],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\SYSTEM32\TASKS\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B2, In Quarantäne, [152], [411158],1.0.2309
PUP.Optional.NeoBar, C:\WINDOWS\SYSTEM32\TASKS\U2_2C6A44CB-AD42-4731-A544-3FBD3D83AB5B, In Quarantäne, [152], [411158],1.0.2309
PUP.Optional.ChinAd, C:\WINDOWS\SYSTEM32\DRIVERS\CFIDSK.SYS, In Quarantäne, [115], [412913],1.0.2309

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
und Hitman:
Code:
HitmanPro 3.7.20.286
www.hitmanpro.com

  Computer name . . . . : USER-PC
  Windows . . . . . . . : 10.0.0.14393.X64/4
  User name . . . . . . : USER-PC\user
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (31 days left)

  Scan date . . . . . . : 2017-07-07 18:07:55
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 7m 21s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : Yes

  Threats . . . . . . . : 26
  Traces  . . . . . . . : 509

  Objects scanned . . . : 2.473.951
  Files scanned . . . . : 140.669
  Remnants scanned  . . : 929.850 files / 1.403.432 keys

Malware _____________________________________________________________________

  C:\Program Files\5QZG3OJ0TS\uninstaller.exe -> Quarantined
      Size . . . . . . . : 318.464 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:00:47)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -142.4s C:\Windows\Temp\_MEI64842\
        -142.4s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -142.4s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -142.3s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_socket.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -142.3s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -142.3s C:\Windows\Temp\_MEI64842\python34.dll
        -142.3s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -142.3s C:\Windows\Temp\_MEI64842\select.pyd
        -142.3s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -142.3s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -142.3s C:\Windows\Temp\_MEI64842\Include\
        -142.3s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -142.3s C:\Windows\Temp\_MEI64842\base_library.zip
        -141.6s C:\Windows\Temp\secEE60.tmp
        -141.6s C:\Windows\Temp\secEE61.tmp
        -141.6s C:\Windows\Temp\secEE62.tmp
        -141.6s C:\Windows\Temp\secEE63.tmp
        -141.6s C:\Windows\Temp\secEE73.tmp
        -141.6s C:\Windows\Temp\secEE74.tmp
        -141.6s C:\Windows\Temp\secEE75.tmp
        -141.6s C:\Windows\Temp\secEE76.tmp
        -141.6s C:\Windows\Temp\secEE77.tmp
        -141.6s C:\Windows\Temp\secEE78.tmp
        -141.6s C:\Windows\Temp\secEE79.tmp
        -141.6s C:\Windows\Temp\secEE7A.tmp
        -141.6s C:\Windows\Temp\secEE8B.tmp
        -141.6s C:\Windows\Temp\secEE8C.tmp
        -141.6s C:\Windows\Temp\secEE8D.tmp
        -141.6s C:\Windows\Temp\secEE8E.tmp
        -141.6s C:\Windows\Temp\secEE8F.tmp
        -141.6s C:\Windows\Temp\secEE90.tmp
        -141.6s C:\Windows\Temp\secEE91.tmp
        -139.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -138.2s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -134.5s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -133.4s C:\Windows\Temp\WAXE53.tmp
        -112.3s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -108.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -108.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -107.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -100.2s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -96.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -96.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -75.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -69.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -57.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -50.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -50.4s C:\Windows\Temp\_MEI67202\
        -50.4s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -50.4s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -50.3s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_socket.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -50.3s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -50.3s C:\Windows\Temp\_MEI67202\python34.dll
        -50.2s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -50.2s C:\Windows\Temp\_MEI67202\select.pyd
        -50.2s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -50.2s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -50.2s C:\Windows\Temp\_MEI67202\base_library.zip
        -50.2s C:\Windows\Temp\_MEI67202\Include\
        -50.2s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -45.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -43.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -43.0s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -38.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -38.1s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -37.8s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -37.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -32.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -31.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -29.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -24.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -22.7s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -22.2s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -21.5s C:\Program Files\5QZG3OJ0TS\
        -19.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -15.5s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -13.8s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -10.9s C:\Program Files\LMCMPM4PUO\
        -10.6s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -10.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -9.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -9.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -4.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -3.5s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -1.2s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
          0.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
          0.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
          0.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
          0.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
          0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
          1.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
          3.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
          3.6s C:\Users\user\AppData\Roaming\xyz02h4odhk\
          4.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
          6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
          6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
          7.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
          8.0s C:\Program Files\KZFZHJ3JTA\
          8.8s C:\Program Files\5QZG3OJ0TS\cast.config
        10.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        12.7s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        12.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        13.3s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        13.8s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        13.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        14.5s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        14.8s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        15.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        17.6s C:\Program Files\LMCMPM4PUO\cast.config
        20.7s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        22.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        24.6s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        25.2s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        25.4s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        25.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        26.1s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        26.1s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        27.7s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        31.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        31.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        32.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        33.3s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        33.9s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        36.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        37.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        37.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        37.5s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        39.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        39.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        39.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        41.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        41.9s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        45.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        48.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        49.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        49.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        50.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        50.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        50.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        51.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        54.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        54.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        54.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        55.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        55.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        56.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        57.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        58.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        58.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        58.9s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        59.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        59.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        60.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        61.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        62.9s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        63.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        64.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        64.6s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        64.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        65.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        68.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        70.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        70.9s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        71.5s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        71.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        71.9s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        72.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        72.0s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        74.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        74.2s C:\Users\user\AppData\Local\Temp\647C.tmp
        74.6s C:\Program Files\KZFZHJ3JTA\cast.config
        74.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        74.9s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        75.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        75.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        78.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        78.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        79.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        80.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        80.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        81.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        81.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        81.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        82.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        82.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        82.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        82.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        84.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        84.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        85.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        85.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        86.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        86.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        86.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        86.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        87.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        88.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        89.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        89.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        93.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        95.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        95.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        95.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        96.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        97.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        97.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        98.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        98.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        98.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        103.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        103.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        103.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        104.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        105.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        107.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        108.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        108.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        108.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        108.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        109.3s C:\Users\user\AppData\Local\Temp\mbam\
        109.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        110.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        110.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        110.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        110.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        111.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        111.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        112.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        112.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        112.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        112.9s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        114.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        115.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        116.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        116.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        116.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        117.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        117.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        118.2s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        118.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        119.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        119.7s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        120.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        120.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        122.7s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        123.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        124.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        127.5s C:\KRECYCLE\00030979.KVQ
        127.8s C:\KRECYCLE\00030980.KVQ
        128.1s C:\KRECYCLE\00030981.KVQ
        128.3s C:\KRECYCLE\00030982.KVQ
        128.4s C:\ProgramData\Kingsoft\DUBA\
        128.4s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        128.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        128.6s C:\KRECYCLE\00030983.KVQ
        130.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        132.7s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        133.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        135.0s C:\KRECYCLE\00030984.KVQ
        142.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Program Files\KZFZHJ3JTA\uninstaller.exe -> Quarantined
      Size . . . . . . . : 318.464 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:01:50)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -205.2s C:\Windows\Temp\_MEI64842\
        -205.2s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -205.2s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -205.2s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_socket.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -205.2s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -205.1s C:\Windows\Temp\_MEI64842\python34.dll
        -205.1s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -205.1s C:\Windows\Temp\_MEI64842\select.pyd
        -205.1s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -205.1s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -205.1s C:\Windows\Temp\_MEI64842\Include\
        -205.1s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -205.1s C:\Windows\Temp\_MEI64842\base_library.zip
        -204.5s C:\Windows\Temp\secEE60.tmp
        -204.5s C:\Windows\Temp\secEE61.tmp
        -204.5s C:\Windows\Temp\secEE62.tmp
        -204.5s C:\Windows\Temp\secEE63.tmp
        -204.5s C:\Windows\Temp\secEE73.tmp
        -204.5s C:\Windows\Temp\secEE74.tmp
        -204.5s C:\Windows\Temp\secEE75.tmp
        -204.5s C:\Windows\Temp\secEE76.tmp
        -204.5s C:\Windows\Temp\secEE77.tmp
        -204.5s C:\Windows\Temp\secEE78.tmp
        -204.5s C:\Windows\Temp\secEE79.tmp
        -204.5s C:\Windows\Temp\secEE7A.tmp
        -204.4s C:\Windows\Temp\secEE8B.tmp
        -204.4s C:\Windows\Temp\secEE8C.tmp
        -204.4s C:\Windows\Temp\secEE8D.tmp
        -204.4s C:\Windows\Temp\secEE8E.tmp
        -204.4s C:\Windows\Temp\secEE8F.tmp
        -204.4s C:\Windows\Temp\secEE90.tmp
        -204.4s C:\Windows\Temp\secEE91.tmp
        -202.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -201.1s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -197.4s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -196.2s C:\Windows\Temp\WAXE53.tmp
        -175.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -171.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -170.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -170.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -163.0s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -159.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -159.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -138.0s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -132.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -120.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -113.2s C:\Windows\Temp\_MEI67202\
        -113.2s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -113.2s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -113.2s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_socket.pyd
        -113.1s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -113.1s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -113.1s C:\Windows\Temp\_MEI67202\python34.dll
        -113.1s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -113.1s C:\Windows\Temp\_MEI67202\select.pyd
        -113.1s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -113.1s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -113.1s C:\Windows\Temp\_MEI67202\base_library.zip
        -113.1s C:\Windows\Temp\_MEI67202\Include\
        -113.1s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -108.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -106.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -105.8s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -101.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -100.9s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -100.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -100.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -95.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -94.6s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -92.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -87.6s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -85.6s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -85.0s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -84.4s C:\Program Files\5QZG3OJ0TS\
        -82.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -78.4s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -76.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -73.8s C:\Program Files\LMCMPM4PUO\
        -73.5s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -73.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -72.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -72.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -66.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -66.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -66.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -66.4s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -64.0s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -62.9s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -62.2s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -62.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -62.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -61.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -59.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -59.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -58.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -55.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
        -54.9s C:\Program Files\KZFZHJ3JTA\
        -54.1s C:\Program Files\5QZG3OJ0TS\cast.config
        -52.1s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        -50.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        -50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        -49.6s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        -49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        -49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        -49.1s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        -48.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        -48.3s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        -48.1s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        -47.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        -47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        -47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        -47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        -47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        -45.3s C:\Program Files\LMCMPM4PUO\cast.config
        -42.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        -40.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        -38.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        -38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        -38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        -37.7s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        -37.5s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        -37.0s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        -36.8s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        -36.8s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        -36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        -36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        -35.2s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        -31.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        -31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        -31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        -31.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        -30.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        -29.6s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        -29.0s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        -26.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        -25.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        -25.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        -25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        -25.3s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        -23.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        -23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        -23.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        -21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        -21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data

senergy 10.07.2017 21:17
und Hitman:
Code:
HitmanPro 3.7.20.286
www.hitmanpro.com

  Computer name . . . . : USER-PC
  Windows . . . . . . . : 10.0.0.14393.X64/4
  User name . . . . . . : USER-PC\user
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (31 days left)

  Scan date . . . . . . : 2017-07-07 18:07:55
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 7m 21s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : Yes

  Threats . . . . . . . : 26
  Traces  . . . . . . . : 509

  Objects scanned . . . : 2.473.951
  Files scanned . . . . : 140.669
  Remnants scanned  . . : 929.850 files / 1.403.432 keys

Malware _____________________________________________________________________

  C:\Program Files\5QZG3OJ0TS\uninstaller.exe -> Quarantined
      Size . . . . . . . : 318.464 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:00:47)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -142.4s C:\Windows\Temp\_MEI64842\
        -142.4s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -142.4s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -142.3s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_socket.pyd
        -142.3s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -142.3s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -142.3s C:\Windows\Temp\_MEI64842\python34.dll
        -142.3s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -142.3s C:\Windows\Temp\_MEI64842\select.pyd
        -142.3s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -142.3s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -142.3s C:\Windows\Temp\_MEI64842\Include\
        -142.3s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -142.3s C:\Windows\Temp\_MEI64842\base_library.zip
        -141.6s C:\Windows\Temp\secEE60.tmp
        -141.6s C:\Windows\Temp\secEE61.tmp
        -141.6s C:\Windows\Temp\secEE62.tmp
        -141.6s C:\Windows\Temp\secEE63.tmp
        -141.6s C:\Windows\Temp\secEE73.tmp
        -141.6s C:\Windows\Temp\secEE74.tmp
        -141.6s C:\Windows\Temp\secEE75.tmp
        -141.6s C:\Windows\Temp\secEE76.tmp
        -141.6s C:\Windows\Temp\secEE77.tmp
        -141.6s C:\Windows\Temp\secEE78.tmp
        -141.6s C:\Windows\Temp\secEE79.tmp
        -141.6s C:\Windows\Temp\secEE7A.tmp
        -141.6s C:\Windows\Temp\secEE8B.tmp
        -141.6s C:\Windows\Temp\secEE8C.tmp
        -141.6s C:\Windows\Temp\secEE8D.tmp
        -141.6s C:\Windows\Temp\secEE8E.tmp
        -141.6s C:\Windows\Temp\secEE8F.tmp
        -141.6s C:\Windows\Temp\secEE90.tmp
        -141.6s C:\Windows\Temp\secEE91.tmp
        -139.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -138.2s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -134.5s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -133.4s C:\Windows\Temp\WAXE53.tmp
        -112.3s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -108.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -108.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -107.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -104.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -104.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -100.2s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -96.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -96.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -75.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -70.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -69.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -68.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -66.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -65.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -57.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -50.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -50.9s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -50.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -50.4s C:\Windows\Temp\_MEI67202\
        -50.4s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -50.4s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -50.3s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_socket.pyd
        -50.3s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -50.3s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -50.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -50.3s C:\Windows\Temp\_MEI67202\python34.dll
        -50.2s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -50.2s C:\Windows\Temp\_MEI67202\select.pyd
        -50.2s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -50.2s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -50.2s C:\Windows\Temp\_MEI67202\base_library.zip
        -50.2s C:\Windows\Temp\_MEI67202\Include\
        -50.2s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -46.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -45.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -44.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -43.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -43.0s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -41.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -38.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -38.1s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -37.8s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -37.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -36.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -34.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -33.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -32.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -31.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -30.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -29.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -24.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -22.7s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -22.2s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -21.5s C:\Program Files\5QZG3OJ0TS\
        -19.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -15.5s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -13.8s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -10.9s C:\Program Files\LMCMPM4PUO\
        -10.6s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -10.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -9.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -9.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -6.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -4.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -3.5s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -1.2s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
          0.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
          0.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
          0.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
          0.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
          0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
          1.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
          3.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
          3.6s C:\Users\user\AppData\Roaming\xyz02h4odhk\
          4.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
          4.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
          4.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
          4.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
          6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
          6.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
          7.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
          8.0s C:\Program Files\KZFZHJ3JTA\
          8.8s C:\Program Files\5QZG3OJ0TS\cast.config
        10.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        12.7s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        12.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        13.3s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        13.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        13.8s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        13.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        14.5s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        14.8s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        15.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        15.1s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        15.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        17.6s C:\Program Files\LMCMPM4PUO\cast.config
        20.7s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        22.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        24.6s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        24.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        25.2s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        25.4s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        25.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        26.1s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        26.1s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        26.7s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        27.7s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        31.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        31.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        31.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        32.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        33.3s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        33.9s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        36.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        37.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        37.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        37.5s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        39.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        39.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        39.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        41.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        41.9s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        42.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        45.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        45.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        48.1s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        48.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        48.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        49.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        49.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        50.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        50.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        50.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        51.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        51.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        52.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        52.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        54.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        54.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        54.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        55.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        55.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        56.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        57.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        57.6s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        58.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        58.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        58.9s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        59.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        59.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        60.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        60.6s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        60.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        61.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        62.9s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        63.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        64.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        64.6s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        64.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        65.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        68.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        70.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        70.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        70.9s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        71.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        71.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        71.4s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        71.5s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        71.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        71.9s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        72.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        72.0s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        72.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        74.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        74.2s C:\Users\user\AppData\Local\Temp\647C.tmp
        74.6s C:\Program Files\KZFZHJ3JTA\cast.config
        74.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        74.9s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        75.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        75.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        78.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        78.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        79.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        80.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        80.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        80.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        81.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        81.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        81.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        82.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        82.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        82.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        82.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        84.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        84.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        84.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        85.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        85.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        86.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        86.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        86.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        86.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        87.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        88.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        89.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        89.3s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        89.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        93.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        95.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        95.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        95.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        95.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        96.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        97.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        97.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        98.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        98.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        98.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        103.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        103.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        103.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        104.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        105.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        106.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        107.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        107.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        108.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        108.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        108.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        108.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        109.3s C:\Users\user\AppData\Local\Temp\mbam\
        109.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        110.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        110.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        110.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        110.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        111.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        111.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        112.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        112.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        112.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        112.9s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        114.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        115.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        116.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        116.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        116.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        117.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        117.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        118.2s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        118.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        119.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        119.7s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        120.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        120.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        122.7s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        123.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        124.5s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        127.5s C:\KRECYCLE\00030979.KVQ
        127.8s C:\KRECYCLE\00030980.KVQ
        128.1s C:\KRECYCLE\00030981.KVQ
        128.3s C:\KRECYCLE\00030982.KVQ
        128.4s C:\ProgramData\Kingsoft\DUBA\
        128.4s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        128.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        128.6s C:\KRECYCLE\00030983.KVQ
        130.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        132.7s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        133.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        135.0s C:\KRECYCLE\00030984.KVQ
        142.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Program Files\KZFZHJ3JTA\uninstaller.exe -> Quarantined
      Size . . . . . . . : 318.464 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:01:50)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -205.2s C:\Windows\Temp\_MEI64842\
        -205.2s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -205.2s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -205.2s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_socket.pyd
        -205.2s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -205.2s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -205.1s C:\Windows\Temp\_MEI64842\python34.dll
        -205.1s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -205.1s C:\Windows\Temp\_MEI64842\select.pyd
        -205.1s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -205.1s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -205.1s C:\Windows\Temp\_MEI64842\Include\
        -205.1s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -205.1s C:\Windows\Temp\_MEI64842\base_library.zip
        -204.5s C:\Windows\Temp\secEE60.tmp
        -204.5s C:\Windows\Temp\secEE61.tmp
        -204.5s C:\Windows\Temp\secEE62.tmp
        -204.5s C:\Windows\Temp\secEE63.tmp
        -204.5s C:\Windows\Temp\secEE73.tmp
        -204.5s C:\Windows\Temp\secEE74.tmp
        -204.5s C:\Windows\Temp\secEE75.tmp
        -204.5s C:\Windows\Temp\secEE76.tmp
        -204.5s C:\Windows\Temp\secEE77.tmp
        -204.5s C:\Windows\Temp\secEE78.tmp
        -204.5s C:\Windows\Temp\secEE79.tmp
        -204.5s C:\Windows\Temp\secEE7A.tmp
        -204.4s C:\Windows\Temp\secEE8B.tmp
        -204.4s C:\Windows\Temp\secEE8C.tmp
        -204.4s C:\Windows\Temp\secEE8D.tmp
        -204.4s C:\Windows\Temp\secEE8E.tmp
        -204.4s C:\Windows\Temp\secEE8F.tmp
        -204.4s C:\Windows\Temp\secEE90.tmp
        -204.4s C:\Windows\Temp\secEE91.tmp
        -202.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -201.1s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -197.4s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -196.2s C:\Windows\Temp\WAXE53.tmp
        -175.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -171.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -170.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -170.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -167.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -167.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -163.0s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -159.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -159.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -138.0s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -133.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -132.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -131.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -128.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -120.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -113.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -113.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -113.2s C:\Windows\Temp\_MEI67202\
        -113.2s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -113.2s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -113.2s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -113.2s C:\Windows\Temp\_MEI67202\_socket.pyd
        -113.1s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -113.1s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -113.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -113.1s C:\Windows\Temp\_MEI67202\python34.dll
        -113.1s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -113.1s C:\Windows\Temp\_MEI67202\select.pyd
        -113.1s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -113.1s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -113.1s C:\Windows\Temp\_MEI67202\base_library.zip
        -113.1s C:\Windows\Temp\_MEI67202\Include\
        -113.1s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -112.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -109.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -108.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -107.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -106.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -105.8s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -103.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -101.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -100.9s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -100.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -100.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -99.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -97.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -96.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -95.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -94.6s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -93.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -92.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -87.6s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -85.6s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -85.0s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -84.4s C:\Program Files\5QZG3OJ0TS\
        -82.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -78.4s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -76.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -73.8s C:\Program Files\LMCMPM4PUO\
        -73.5s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -73.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -72.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -72.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -69.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -66.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -66.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -66.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -66.4s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -64.0s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -62.9s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -62.2s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -62.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -62.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -61.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -61.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -59.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -59.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -58.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -58.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -58.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -58.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -56.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -55.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
        -54.9s C:\Program Files\KZFZHJ3JTA\
        -54.1s C:\Program Files\5QZG3OJ0TS\cast.config
        -52.1s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        -50.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        -50.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        -49.6s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        -49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        -49.4s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        -49.1s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        -48.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        -48.3s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        -48.1s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        -47.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        -47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        -47.8s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        -47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        -47.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        -45.3s C:\Program Files\LMCMPM4PUO\cast.config
        -42.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        -40.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        -38.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        -38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        -38.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        -37.7s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        -37.5s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        -37.0s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        -36.8s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        -36.8s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        -36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        -36.2s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        -35.2s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        -31.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        -31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        -31.4s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        -31.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        -30.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        -29.6s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        -29.0s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        -26.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        -25.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        -25.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        -25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        -25.3s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        -23.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        -23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        -23.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        -21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        -21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data

senergy 10.07.2017 21:18
Code:
        -21.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        -20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        -17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        -17.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        -14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        -14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        -14.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        -14.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        -14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        -14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        -13.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        -13.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        -12.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        -12.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        -12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        -11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -11.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        -10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        -10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        -10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -8.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        -8.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        -8.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        -7.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -6.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -6.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -5.8s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -4.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -4.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -4.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -4.0s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -3.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -2.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        -2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        -2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        -2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        -1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        -0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
          0.0s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
          0.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
          1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
          1.7s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
          1.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
          2.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
          5.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
          7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
          7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
          8.0s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
          8.1s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
          8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
          8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
          8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
          8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
          8.6s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
          8.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
          9.0s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
          9.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
          9.2s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
          9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
          9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        11.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        11.3s C:\Users\user\AppData\Local\Temp\647C.tmp
        11.8s C:\Program Files\KZFZHJ3JTA\cast.config
        11.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        12.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        12.5s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        13.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        15.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        15.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        16.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        17.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        18.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        18.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        18.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        19.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        19.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        19.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        19.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        21.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        21.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        21.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        22.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        22.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        23.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        23.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        24.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        25.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        25.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        26.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        26.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        30.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        32.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        33.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        34.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        35.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        35.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        35.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        40.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        40.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        41.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        41.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        42.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        44.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        45.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        45.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        45.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        46.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        46.5s C:\Users\user\AppData\Local\Temp\mbam\
        46.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        47.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        47.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        47.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        47.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        48.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        49.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        49.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        50.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        50.0s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        51.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        53.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        53.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        53.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        53.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        54.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        55.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        55.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        56.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        56.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        57.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        59.8s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        60.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        61.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        64.6s C:\KRECYCLE\00030979.KVQ
        65.0s C:\KRECYCLE\00030980.KVQ
        65.2s C:\KRECYCLE\00030981.KVQ
        65.5s C:\KRECYCLE\00030982.KVQ
        65.5s C:\ProgramData\Kingsoft\DUBA\
        65.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        65.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        65.7s C:\KRECYCLE\00030983.KVQ
        67.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        68.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        69.9s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        70.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        72.2s C:\KRECYCLE\00030984.KVQ
        79.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Program Files\LMCMPM4PUO\uninstaller.exe -> Quarantined
      Size . . . . . . . : 318.464 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:00:55)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -149.8s C:\Windows\Temp\_MEI64842\
        -149.8s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -149.8s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -149.8s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -149.8s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_socket.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -149.7s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -149.7s C:\Windows\Temp\_MEI64842\python34.dll
        -149.7s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -149.7s C:\Windows\Temp\_MEI64842\select.pyd
        -149.7s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -149.7s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -149.7s C:\Windows\Temp\_MEI64842\Include\
        -149.7s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -149.7s C:\Windows\Temp\_MEI64842\base_library.zip
        -149.0s C:\Windows\Temp\secEE60.tmp
        -149.0s C:\Windows\Temp\secEE61.tmp
        -149.0s C:\Windows\Temp\secEE62.tmp
        -149.0s C:\Windows\Temp\secEE63.tmp
        -149.0s C:\Windows\Temp\secEE73.tmp
        -149.0s C:\Windows\Temp\secEE74.tmp
        -149.0s C:\Windows\Temp\secEE75.tmp
        -149.0s C:\Windows\Temp\secEE76.tmp
        -149.0s C:\Windows\Temp\secEE77.tmp
        -149.0s C:\Windows\Temp\secEE78.tmp
        -149.0s C:\Windows\Temp\secEE79.tmp
        -149.0s C:\Windows\Temp\secEE7A.tmp
        -149.0s C:\Windows\Temp\secEE8B.tmp
        -149.0s C:\Windows\Temp\secEE8C.tmp
        -149.0s C:\Windows\Temp\secEE8D.tmp
        -149.0s C:\Windows\Temp\secEE8E.tmp
        -149.0s C:\Windows\Temp\secEE8F.tmp
        -149.0s C:\Windows\Temp\secEE90.tmp
        -149.0s C:\Windows\Temp\secEE91.tmp
        -147.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -145.6s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -141.9s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -140.8s C:\Windows\Temp\WAXE53.tmp
        -119.7s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -116.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -115.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -114.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -107.6s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -103.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -103.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -82.5s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -76.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -65.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -58.2s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -57.8s C:\Windows\Temp\_MEI67202\
        -57.8s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -57.8s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -57.7s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_socket.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -57.7s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -57.7s C:\Windows\Temp\_MEI67202\python34.dll
        -57.7s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -57.7s C:\Windows\Temp\_MEI67202\select.pyd
        -57.6s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -57.6s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -57.6s C:\Windows\Temp\_MEI67202\base_library.zip
        -57.6s C:\Windows\Temp\_MEI67202\Include\
        -57.6s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -52.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -51.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -50.4s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -46.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -45.5s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -45.2s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -44.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -42.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -42.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -39.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -39.1s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -36.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -32.1s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -30.2s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -29.6s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -28.9s C:\Program Files\5QZG3OJ0TS\
        -26.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -23.0s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -21.2s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -18.3s C:\Program Files\LMCMPM4PUO\
        -18.0s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -17.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -17.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -16.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -11.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -10.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -10.9s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -8.6s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -7.4s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -6.8s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -6.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -6.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -6.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -6.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -4.0s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -3.8s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -2.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
          0.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe
          0.6s C:\Program Files\KZFZHJ3JTA\
          1.4s C:\Program Files\5QZG3OJ0TS\cast.config
          3.4s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
          5.3s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
          5.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
          5.9s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
          6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
          6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
          6.4s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
          6.5s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
          7.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
          7.4s C:\Users\user\AppData\Local\Temp\3CSINwA73\
          7.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
          7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
          7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
          8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
          8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        10.2s C:\Program Files\LMCMPM4PUO\cast.config
        13.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        15.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        17.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        17.8s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        18.0s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        18.4s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        18.7s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        18.7s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        20.3s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        24.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        24.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        24.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        25.9s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        26.5s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        28.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        29.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        29.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        30.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        30.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        31.5s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        32.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        33.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        34.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        34.5s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        38.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        41.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        41.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        42.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        42.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        43.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        44.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        46.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        47.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        47.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        48.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        49.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        50.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        50.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        51.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        51.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        51.5s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        52.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        52.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        53.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        54.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        55.4s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        56.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        56.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        57.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        57.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        61.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        63.4s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        63.5s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        64.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        64.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        64.5s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        64.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        64.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        66.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        66.8s C:\Users\user\AppData\Local\Temp\647C.tmp
        67.2s C:\Program Files\KZFZHJ3JTA\cast.config
        67.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        67.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        67.9s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        68.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        71.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        71.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        71.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        72.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        72.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        73.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        73.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        73.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        74.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        74.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        74.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        75.4s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        77.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        77.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        78.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        78.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        78.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        78.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        79.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        79.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        80.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        81.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        81.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        82.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        85.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        87.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        88.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        89.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        90.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        90.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        90.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        90.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        90.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        95.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        96.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        96.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        97.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        99.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        99.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        100.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        100.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        101.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        101.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        101.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        101.9s C:\Users\user\AppData\Local\Temp\mbam\
        101.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        102.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        102.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        103.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        103.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        104.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        104.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        104.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        105.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        105.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        105.5s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        107.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        108.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        109.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        109.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        109.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        109.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        110.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        110.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        111.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        112.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        112.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        113.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        113.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        115.3s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        115.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        117.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        120.1s C:\KRECYCLE\00030979.KVQ
        120.4s C:\KRECYCLE\00030980.KVQ
        120.7s C:\KRECYCLE\00030981.KVQ
        120.9s C:\KRECYCLE\00030982.KVQ
        121.0s C:\ProgramData\Kingsoft\DUBA\
        121.0s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        121.1s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        121.2s C:\KRECYCLE\00030983.KVQ
        122.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        123.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        125.3s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        126.3s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        127.6s C:\KRECYCLE\00030984.KVQ
        135.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Local\Temp\15XveUazm\15XveUazm.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:53)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\1964628687\ic-0.7de565e114466c.exe -> Quarantined
      Size . . . . . . . : 7.756.235 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:57)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 0140BE3788782BEA973D20DFCBD0114305690406740DF9CAF95A4857569230D2
      Product  . . . . . : Micro Foundation
      Publisher  . . . . : Micro Foundation, Inc.
      Description  . . . : Micro Foundation Setup
      Version
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 108.0

  C:\Users\user\AppData\Local\Temp\3EACP5BCx\3EACP5BCx.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:05)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\6N6OK14u4\ytab_m_1_big.exe -> Quarantined
      Size . . . . . . . : 2.635.129 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : E684A02D42680920CFBBBE113ACA12A3B33DCE6F3DEBA7E125FA367DDF023834
    > Bitdefender  . . . : Gen:Variant.Zusy.244422
      Fuzzy  . . . . . . : 116.0

  C:\Users\user\AppData\Local\Temp\6QYCphRX4\6QYCphRX4.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:15)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\cctrD0rcf\netstream.exe -> Quarantined
      Size . . . . . . . : 416.256 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:45)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : F8B2CCCA1688CBB0D0EB3C6190FF9D91E947DE9EF5BF4794D1F77582D0DBB53F
      Product  . . . . . : Folder Guard
      Publisher  . . . . : WinAbility®  Software Corporation
      Description  . . . : Folder Guard setip
      Version  . . . . . : 9.1
      Copyright  . . . . : Copyright © 2013 WinAbility® Software Corporation. All rights reserved.
      LanguageID . . . . : 1033
    > Kaspersky  . . . . : Trojan.Win32.Yakes.trin
      Fuzzy  . . . . . . : 103.0

  C:\Users\user\AppData\Local\Temp\cqZRkRTTx\ytab_m_1_big.exe -> Quarantined
      Size . . . . . . . : 2.638.661 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:33)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 4106DFB3B6646558131DF7D820E8E4642B8E9883FBB052B13D8BDB343BD66421
    > Bitdefender  . . . : Gen:Variant.Zusy.244422
      Fuzzy  . . . . . . : 116.0

  C:\Users\user\AppData\Local\Temp\gWHcPz8uO\ytab_m_1_big.exe -> Quarantined
      Size . . . . . . . : 2.402.783 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : AFCB6AA76242E622838B85E1283843CC45A86D9EB4F91AB6F14E000EF1CEE168
    > Bitdefender  . . . : Gen:Variant.Zusy.244422
      Fuzzy  . . . . . . : 116.0

senergy 10.07.2017 21:20
Code:
        -21.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        -20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -20.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        -17.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        -17.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        -14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        -14.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        -14.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        -14.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        -14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        -14.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        -13.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        -13.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        -12.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        -12.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        -12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        -11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -11.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -11.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        -10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        -10.4s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        -10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -10.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -8.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        -8.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        -8.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        -7.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -6.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -6.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -5.8s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -5.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -4.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -4.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -4.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -4.0s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -3.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -3.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -2.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        -2.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        -2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        -2.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        -1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        -0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
          0.0s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
          0.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
          1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
          1.7s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
          1.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
          2.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
          5.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
          7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
          7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
          8.0s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
          8.1s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
          8.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
          8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
          8.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
          8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
          8.5s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
          8.6s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
          8.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
          9.0s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
          9.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
          9.2s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
          9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
          9.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        11.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        11.3s C:\Users\user\AppData\Local\Temp\647C.tmp
        11.8s C:\Program Files\KZFZHJ3JTA\cast.config
        11.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        12.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        12.5s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        13.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        15.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        15.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        16.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        17.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        17.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        18.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        18.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        18.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        19.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        19.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        19.4s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        19.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        21.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        21.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        21.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        21.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        22.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        22.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        23.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        23.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        23.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        24.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        25.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        25.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        25.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        26.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        26.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        26.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        30.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        32.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        32.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        33.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        34.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        35.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        35.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        35.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        40.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        40.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        41.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        41.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        42.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        42.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        43.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        44.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        44.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        45.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        45.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        45.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        46.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        46.5s C:\Users\user\AppData\Local\Temp\mbam\
        46.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        47.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        47.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        47.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        47.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        48.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        49.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        49.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        50.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        50.0s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        51.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        53.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        53.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        53.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        53.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        54.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        55.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        55.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        56.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        56.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        57.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        57.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        59.8s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        60.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        61.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        64.6s C:\KRECYCLE\00030979.KVQ
        65.0s C:\KRECYCLE\00030980.KVQ
        65.2s C:\KRECYCLE\00030981.KVQ
        65.5s C:\KRECYCLE\00030982.KVQ
        65.5s C:\ProgramData\Kingsoft\DUBA\
        65.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        65.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        65.7s C:\KRECYCLE\00030983.KVQ
        67.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        68.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        69.9s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        70.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        72.2s C:\KRECYCLE\00030984.KVQ
        79.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Program Files\LMCMPM4PUO\uninstaller.exe -> Quarantined
      Size . . . . . . . : 318.464 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:00:55)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : A22B444AFD31CE2D0CE27BD61E22DC5BDF005117BEDB73D3353CB49394382808
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -149.8s C:\Windows\Temp\_MEI64842\
        -149.8s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -149.8s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -149.8s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -149.8s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_socket.pyd
        -149.7s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -149.7s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -149.7s C:\Windows\Temp\_MEI64842\python34.dll
        -149.7s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -149.7s C:\Windows\Temp\_MEI64842\select.pyd
        -149.7s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -149.7s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -149.7s C:\Windows\Temp\_MEI64842\Include\
        -149.7s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -149.7s C:\Windows\Temp\_MEI64842\base_library.zip
        -149.0s C:\Windows\Temp\secEE60.tmp
        -149.0s C:\Windows\Temp\secEE61.tmp
        -149.0s C:\Windows\Temp\secEE62.tmp
        -149.0s C:\Windows\Temp\secEE63.tmp
        -149.0s C:\Windows\Temp\secEE73.tmp
        -149.0s C:\Windows\Temp\secEE74.tmp
        -149.0s C:\Windows\Temp\secEE75.tmp
        -149.0s C:\Windows\Temp\secEE76.tmp
        -149.0s C:\Windows\Temp\secEE77.tmp
        -149.0s C:\Windows\Temp\secEE78.tmp
        -149.0s C:\Windows\Temp\secEE79.tmp
        -149.0s C:\Windows\Temp\secEE7A.tmp
        -149.0s C:\Windows\Temp\secEE8B.tmp
        -149.0s C:\Windows\Temp\secEE8C.tmp
        -149.0s C:\Windows\Temp\secEE8D.tmp
        -149.0s C:\Windows\Temp\secEE8E.tmp
        -149.0s C:\Windows\Temp\secEE8F.tmp
        -149.0s C:\Windows\Temp\secEE90.tmp
        -149.0s C:\Windows\Temp\secEE91.tmp
        -147.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -145.6s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -141.9s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -140.8s C:\Windows\Temp\WAXE53.tmp
        -119.7s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -116.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -115.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -114.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -111.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -111.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -107.6s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -103.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -103.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -82.5s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -78.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -76.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -75.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -73.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -73.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -65.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -58.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -58.3s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -58.2s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -57.8s C:\Windows\Temp\_MEI67202\
        -57.8s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -57.8s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -57.7s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_socket.pyd
        -57.7s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -57.7s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -57.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -57.7s C:\Windows\Temp\_MEI67202\python34.dll
        -57.7s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -57.7s C:\Windows\Temp\_MEI67202\select.pyd
        -57.6s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -57.6s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -57.6s C:\Windows\Temp\_MEI67202\base_library.zip
        -57.6s C:\Windows\Temp\_MEI67202\Include\
        -57.6s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -57.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -54.0s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -52.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -51.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -51.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -50.4s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -48.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -48.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -46.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -45.5s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -45.2s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -44.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -43.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -42.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -42.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -41.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -39.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -39.1s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -38.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -36.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -32.1s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -30.2s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -29.6s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -28.9s C:\Program Files\5QZG3OJ0TS\
        -26.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -23.0s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -21.2s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -18.3s C:\Program Files\LMCMPM4PUO\
        -18.0s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -17.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -17.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -16.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -13.6s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -11.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -10.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -10.9s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -8.6s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -7.4s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -6.8s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -6.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -6.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -6.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -6.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -4.0s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -3.8s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -2.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -2.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -2.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -2.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -1.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
          0.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe
          0.6s C:\Program Files\KZFZHJ3JTA\
          1.4s C:\Program Files\5QZG3OJ0TS\cast.config
          3.4s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
          5.3s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
          5.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
          5.9s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
          6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
          6.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
          6.4s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
          6.5s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
          7.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
          7.4s C:\Users\user\AppData\Local\Temp\3CSINwA73\
          7.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
          7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
          7.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
          8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
          8.0s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        10.2s C:\Program Files\LMCMPM4PUO\cast.config
        13.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        15.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        17.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        17.4s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        17.8s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        18.0s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        18.4s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        18.7s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        18.7s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        19.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        20.3s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        24.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        24.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        24.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        24.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        25.9s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        26.5s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        28.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        29.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        29.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        30.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        30.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        31.5s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        32.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        32.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        33.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        34.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        34.5s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        34.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        37.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        38.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        40.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        41.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        41.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        41.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        42.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        42.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        43.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        43.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        44.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        45.1s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        45.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        46.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        47.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        47.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        48.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        48.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        48.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        49.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        50.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        50.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        50.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        51.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        51.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        51.5s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        52.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        52.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        53.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        53.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        53.4s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        54.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        54.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        55.4s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        56.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        56.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        57.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        57.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        58.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        61.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        62.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        63.4s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        63.5s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        63.7s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        63.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        64.0s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        64.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        64.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        64.5s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        64.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        64.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        64.9s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        66.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        66.8s C:\Users\user\AppData\Local\Temp\647C.tmp
        67.2s C:\Program Files\KZFZHJ3JTA\cast.config
        67.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        67.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        67.9s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        68.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        71.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        71.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        71.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        72.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        72.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        73.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        73.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        73.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        73.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        73.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        74.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        74.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        74.9s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        75.4s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        76.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        77.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        77.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        78.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        78.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        78.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        78.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        79.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        79.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        80.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        80.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        81.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        81.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        81.9s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        82.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        85.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        87.6s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        87.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        88.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        88.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        89.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        90.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        90.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        90.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        90.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        90.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        95.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        96.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        96.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        97.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        98.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        99.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        99.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        100.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        100.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        100.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        101.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        101.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        101.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        101.9s C:\Users\user\AppData\Local\Temp\mbam\
        101.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        102.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        102.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        103.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        103.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        104.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        104.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        104.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        105.0s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        105.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        105.5s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        107.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        108.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        109.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        109.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        109.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        109.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        110.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        110.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        111.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        112.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        112.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        113.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        113.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        115.3s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        115.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        117.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        120.1s C:\KRECYCLE\00030979.KVQ
        120.4s C:\KRECYCLE\00030980.KVQ
        120.7s C:\KRECYCLE\00030981.KVQ
        120.9s C:\KRECYCLE\00030982.KVQ
        121.0s C:\ProgramData\Kingsoft\DUBA\
        121.0s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        121.1s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        121.2s C:\KRECYCLE\00030983.KVQ
        122.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        123.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        125.3s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        126.3s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        127.6s C:\KRECYCLE\00030984.KVQ
        135.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Local\Temp\15XveUazm\15XveUazm.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:53)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\1964628687\ic-0.7de565e114466c.exe -> Quarantined
      Size . . . . . . . : 7.756.235 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:57)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 0140BE3788782BEA973D20DFCBD0114305690406740DF9CAF95A4857569230D2
      Product  . . . . . : Micro Foundation
      Publisher  . . . . : Micro Foundation, Inc.
      Description  . . . : Micro Foundation Setup
      Version
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 108.0

  C:\Users\user\AppData\Local\Temp\3EACP5BCx\3EACP5BCx.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:05)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\6N6OK14u4\ytab_m_1_big.exe -> Quarantined
      Size . . . . . . . : 2.635.129 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : E684A02D42680920CFBBBE113ACA12A3B33DCE6F3DEBA7E125FA367DDF023834
    > Bitdefender  . . . : Gen:Variant.Zusy.244422
      Fuzzy  . . . . . . : 116.0

  C:\Users\user\AppData\Local\Temp\6QYCphRX4\6QYCphRX4.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:15)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\cctrD0rcf\netstream.exe -> Quarantined
      Size . . . . . . . : 416.256 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:45)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : F8B2CCCA1688CBB0D0EB3C6190FF9D91E947DE9EF5BF4794D1F77582D0DBB53F
      Product  . . . . . : Folder Guard
      Publisher  . . . . : WinAbility®  Software Corporation
      Description  . . . : Folder Guard setip
      Version  . . . . . : 9.1
      Copyright  . . . . : Copyright © 2013 WinAbility® Software Corporation. All rights reserved.
      LanguageID . . . . : 1033
    > Kaspersky  . . . . : Trojan.Win32.Yakes.trin
      Fuzzy  . . . . . . : 103.0

  C:\Users\user\AppData\Local\Temp\cqZRkRTTx\ytab_m_1_big.exe -> Quarantined
      Size . . . . . . . : 2.638.661 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:33)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 4106DFB3B6646558131DF7D820E8E4642B8E9883FBB052B13D8BDB343BD66421
    > Bitdefender  . . . : Gen:Variant.Zusy.244422
      Fuzzy  . . . . . . : 116.0

  C:\Users\user\AppData\Local\Temp\gWHcPz8uO\ytab_m_1_big.exe -> Quarantined
      Size . . . . . . . : 2.402.783 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : AFCB6AA76242E622838B85E1283843CC45A86D9EB4F91AB6F14E000EF1CEE168
    > Bitdefender  . . . : Gen:Variant.Zusy.244422
      Fuzzy  . . . . . . : 116.0

  C:\Users\user\AppData\Local\Temp\hncS2gxko\netstream.exe -> Quarantined
      Size . . . . . . . : 416.256 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:46)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : F8B2CCCA1688CBB0D0EB3C6190FF9D91E947DE9EF5BF4794D1F77582D0DBB53F
      Product  . . . . . : Folder Guard
      Publisher  . . . . : WinAbility®  Software Corporation
      Description  . . . : Folder Guard setip
      Version  . . . . . : 9.1
      Copyright  . . . . : Copyright © 2013 WinAbility® Software Corporation. All rights reserved.
      LanguageID . . . . : 1033
    > Kaspersky  . . . . : Trojan.Win32.Yakes.trin
      Fuzzy  . . . . . . : 103.0

  C:\Users\user\AppData\Local\Temp\is-1T07S.tmp\ins.exe -> Quarantined
      Size . . . . . . . : 739.840 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:24)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 53125BC5C87031E9625FB810E382D8B8B0AAFB53EB292F283CC52FA5B285E204
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:02:08)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -223.0s C:\Windows\Temp\_MEI64842\
        -223.0s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -223.0s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -223.0s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -223.0s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -223.0s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -223.0s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -223.0s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -223.0s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -223.0s C:\Windows\Temp\_MEI64842\_socket.pyd
        -222.9s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -222.9s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -222.9s C:\Windows\Temp\_MEI64842\python34.dll
        -222.9s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -222.9s C:\Windows\Temp\_MEI64842\select.pyd
        -222.9s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -222.9s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -222.9s C:\Windows\Temp\_MEI64842\Include\
        -222.9s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -222.9s C:\Windows\Temp\_MEI64842\base_library.zip
        -222.3s C:\Windows\Temp\secEE60.tmp
        -222.3s C:\Windows\Temp\secEE61.tmp
        -222.3s C:\Windows\Temp\secEE62.tmp
        -222.2s C:\Windows\Temp\secEE63.tmp
        -222.2s C:\Windows\Temp\secEE73.tmp
        -222.2s C:\Windows\Temp\secEE74.tmp
        -222.2s C:\Windows\Temp\secEE75.tmp
        -222.2s C:\Windows\Temp\secEE76.tmp
        -222.2s C:\Windows\Temp\secEE77.tmp
        -222.2s C:\Windows\Temp\secEE78.tmp
        -222.2s C:\Windows\Temp\secEE79.tmp
        -222.2s C:\Windows\Temp\secEE7A.tmp
        -222.2s C:\Windows\Temp\secEE8B.tmp
        -222.2s C:\Windows\Temp\secEE8C.tmp
        -222.2s C:\Windows\Temp\secEE8D.tmp
        -222.2s C:\Windows\Temp\secEE8E.tmp
        -222.2s C:\Windows\Temp\secEE8F.tmp
        -222.2s C:\Windows\Temp\secEE90.tmp
        -222.2s C:\Windows\Temp\secEE91.tmp
        -220.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -218.9s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -215.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -214.0s C:\Windows\Temp\WAXE53.tmp
        -192.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -189.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -188.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -188.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -184.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -184.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -184.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -180.8s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -177.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -177.0s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -155.7s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -151.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -151.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -150.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -149.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -149.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -146.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -146.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -146.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -146.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -138.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -131.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -131.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -131.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -131.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -131.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -131.0s C:\Windows\Temp\_MEI67202\
        -131.0s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -131.0s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -131.0s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -131.0s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -131.0s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -131.0s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -131.0s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -131.0s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -131.0s C:\Windows\Temp\_MEI67202\_socket.pyd
        -130.9s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -130.9s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -130.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -130.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -130.9s C:\Windows\Temp\_MEI67202\python34.dll
        -130.9s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -130.9s C:\Windows\Temp\_MEI67202\select.pyd
        -130.9s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -130.9s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -130.9s C:\Windows\Temp\_MEI67202\base_library.zip
        -130.9s C:\Windows\Temp\_MEI67202\Include\
        -130.9s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -130.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -130.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -127.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -127.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -125.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -125.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -125.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -124.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -123.6s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -121.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -119.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -118.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -118.4s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -118.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -116.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -116.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -115.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -115.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -114.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -114.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -112.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -112.4s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -111.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -111.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -109.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -105.3s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -103.4s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -102.8s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -102.1s C:\Program Files\5QZG3OJ0TS\
        -99.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -96.2s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -94.4s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -91.5s C:\Program Files\LMCMPM4PUO\
        -91.2s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -90.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -90.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -90.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -90.1s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -86.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -86.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -84.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -84.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -84.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -84.1s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -81.8s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -80.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -80.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -80.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -79.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -79.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -79.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -77.2s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -77.0s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -76.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -76.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -75.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -75.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -74.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -74.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -73.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe
        -72.7s C:\Program Files\KZFZHJ3JTA\
        -71.9s C:\Program Files\5QZG3OJ0TS\cast.config
        -69.8s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        -68.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        -67.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        -67.3s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        -67.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        -67.1s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        -66.8s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        -66.7s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        -66.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        -65.9s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        -65.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        -65.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        -65.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        -65.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        -65.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        -63.0s C:\Program Files\LMCMPM4PUO\cast.config
        -59.9s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        -58.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        -56.0s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        -55.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        -55.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        -55.5s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        -55.2s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        -54.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        -54.6s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        -54.6s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        -53.9s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        -53.9s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        -53.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        -49.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        -49.2s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        -49.1s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        -49.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        -48.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        -47.3s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        -46.7s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        -44.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        -43.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        -43.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        -43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        -43.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        -41.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        -40.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        -40.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        -39.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        -39.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        -38.8s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        -38.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -38.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -35.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        -35.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        -35.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        -32.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        -32.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        -32.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        -32.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        -31.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        -31.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        -31.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        -31.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        -30.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        -30.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        -29.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        -29.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -29.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -29.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        -28.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        -28.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        -28.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -28.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -26.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        -26.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        -26.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        -24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -24.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -24.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -23.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -22.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -22.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -22.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -22.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -21.8s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -21.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -20.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -20.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        -20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        -19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        -19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        -19.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        -18.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        -17.8s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        -17.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        -16.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        -16.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        -16.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        -15.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        -12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        -10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        -10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        -9.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        -9.7s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        -9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        -9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        -9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        -9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        -9.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        -8.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        -8.8s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        -8.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        -8.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        -8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        -8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        -6.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        -6.4s C:\Users\user\AppData\Local\Temp\647C.tmp
        -6.0s C:\Program Files\KZFZHJ3JTA\cast.config
        -5.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        -5.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        -5.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        -4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        -2.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        -1.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        -1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        -0.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        -0.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        -0.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        -0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
          0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
          0.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
          0.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
          0.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
          1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
          1.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
          1.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
          2.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
          3.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
          3.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
          3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
          4.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
          4.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
          5.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
          5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
          5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
          6.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
          6.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
          7.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
          7.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
          8.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
          8.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
          8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
          8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
          8.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        12.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        14.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        14.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        15.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        16.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        17.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        17.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        22.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        23.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        23.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        24.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        25.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        25.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        26.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        27.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        27.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        27.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        27.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        28.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        28.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        28.7s C:\Users\user\AppData\Local\Temp\mbam\
        28.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        29.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        29.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        29.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        29.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        30.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        31.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        31.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        31.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        32.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        32.3s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        35.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        35.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        35.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        36.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        36.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        36.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        37.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        37.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        38.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        39.1s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        39.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        40.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        42.1s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        42.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        43.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        46.9s C:\KRECYCLE\00030979.KVQ
        47.2s C:\KRECYCLE\00030980.KVQ
        47.5s C:\KRECYCLE\00030981.KVQ
        47.7s C:\KRECYCLE\00030982.KVQ
        47.8s C:\ProgramData\Kingsoft\DUBA\
        47.8s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        47.9s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        48.0s C:\KRECYCLE\00030983.KVQ
        49.3s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        50.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        52.1s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        53.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        54.4s C:\KRECYCLE\00030984.KVQ
        62.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Local\Temp\is-B6O3T.tmp\up.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:04)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-RQFNL.tmp\booster.exe -> Quarantined
      Size . . . . . . . : 732.672 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:32)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 7E71050C4C18A576EC608F04959853903753A29D1084393A2799258F04195ECE
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-V082R.tmp\up.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:13)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\is-VMGLI.tmp.exe -> Quarantined
      Size . . . . . . . : 1.105.408 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:33:59)
      Entropy  . . . . . : 5.6
      SHA-256  . . . . . : 5C5AA5C3DA95CEBFE6E532DBB35EA7D115BFE02BE4603A55E2C81C326587CF1D
    > Kaspersky  . . . . : not-a-virus:AdWare.Win32.StartSurf.xii
      Fuzzy  . . . . . . : 113.0

  C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\sam__9286_ilCA30F2.exe -> Quarantined
      Size . . . . . . . : 1.172.432 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:33:52)
      Entropy  . . . . . : 6.8
      SHA-256  . . . . . : 99C202A5A0889459851AD1B78216966297F95008348083CA4123EE9653337579
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:AdWare.Win32.FileTour.gen
      Fuzzy  . . . . . . : 106.0

  C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:01:48)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -203.0s C:\Windows\Temp\_MEI64842\
        -203.0s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -203.0s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -203.0s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_socket.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -203.0s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -202.9s C:\Windows\Temp\_MEI64842\python34.dll
        -202.9s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -202.9s C:\Windows\Temp\_MEI64842\select.pyd
        -202.9s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -202.9s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -202.9s C:\Windows\Temp\_MEI64842\Include\
        -202.9s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -202.9s C:\Windows\Temp\_MEI64842\base_library.zip
        -202.3s C:\Windows\Temp\secEE60.tmp
        -202.3s C:\Windows\Temp\secEE61.tmp
        -202.3s C:\Windows\Temp\secEE62.tmp
        -202.3s C:\Windows\Temp\secEE63.tmp
        -202.3s C:\Windows\Temp\secEE73.tmp
        -202.3s C:\Windows\Temp\secEE74.tmp
        -202.3s C:\Windows\Temp\secEE75.tmp
        -202.3s C:\Windows\Temp\secEE76.tmp
        -202.3s C:\Windows\Temp\secEE77.tmp
        -202.3s C:\Windows\Temp\secEE78.tmp
        -202.3s C:\Windows\Temp\secEE79.tmp
        -202.3s C:\Windows\Temp\secEE7A.tmp
        -202.2s C:\Windows\Temp\secEE8B.tmp
        -202.2s C:\Windows\Temp\secEE8C.tmp
        -202.2s C:\Windows\Temp\secEE8D.tmp
        -202.2s C:\Windows\Temp\secEE8E.tmp
        -202.2s C:\Windows\Temp\secEE8F.tmp
        -202.2s C:\Windows\Temp\secEE90.tmp
        -202.2s C:\Windows\Temp\secEE91.tmp
        -200.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -198.9s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -195.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -194.0s C:\Windows\Temp\WAXE53.tmp
        -172.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -169.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -168.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -168.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -160.8s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -157.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -157.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -135.8s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -130.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -118.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -111.0s C:\Windows\Temp\_MEI67202\
        -111.0s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest

senergy 10.07.2017 21:24
Code:
        -24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -24.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -24.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -23.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -23.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -22.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -22.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -22.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -22.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -21.8s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -21.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -20.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -20.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        -20.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        -19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        -19.8s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        -19.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        -18.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        -17.8s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        -17.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        -16.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        -16.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        -16.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        -15.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        -12.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        -10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        -10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        -9.8s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        -9.7s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        -9.6s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        -9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        -9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        -9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        -9.2s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        -9.1s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        -8.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        -8.8s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        -8.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        -8.6s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        -8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        -8.3s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        -6.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        -6.4s C:\Users\user\AppData\Local\Temp\647C.tmp
        -6.0s C:\Program Files\KZFZHJ3JTA\cast.config
        -5.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        -5.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        -5.3s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        -4.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        -2.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        -1.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        -1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        -0.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        -0.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        -0.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        -0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
          0.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
          0.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
          0.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
          0.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
          1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
          1.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
          1.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
          2.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
          3.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
          3.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
          3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
          4.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
          4.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
          5.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
          5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
          5.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
          6.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
          6.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
          7.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
          7.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
          8.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
          8.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
          8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
          8.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
          8.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        12.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        14.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        14.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        14.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        15.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        16.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        17.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        17.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        17.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        17.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        17.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        22.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        23.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        23.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        24.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        25.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        25.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        25.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        26.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        27.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        27.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        27.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        27.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        28.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        28.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        28.7s C:\Users\user\AppData\Local\Temp\mbam\
        28.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        29.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        29.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        29.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        29.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        30.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        31.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        31.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        31.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        32.3s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        32.3s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        33.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        35.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        35.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        35.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        36.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        36.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        36.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        37.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        37.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        38.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        39.1s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        39.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        40.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        42.1s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        42.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        43.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        46.9s C:\KRECYCLE\00030979.KVQ
        47.2s C:\KRECYCLE\00030980.KVQ
        47.5s C:\KRECYCLE\00030981.KVQ
        47.7s C:\KRECYCLE\00030982.KVQ
        47.8s C:\ProgramData\Kingsoft\DUBA\
        47.8s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        47.9s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        48.0s C:\KRECYCLE\00030983.KVQ
        49.3s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        50.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        52.1s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        53.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        54.4s C:\KRECYCLE\00030984.KVQ
        62.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Local\Temp\is-B6O3T.tmp\up.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:04)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-RQFNL.tmp\booster.exe -> Quarantined
      Size . . . . . . . : 732.672 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:32)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 7E71050C4C18A576EC608F04959853903753A29D1084393A2799258F04195ECE
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-V082R.tmp\up.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:37:13)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0

  C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\is-VMGLI.tmp.exe -> Quarantined
      Size . . . . . . . : 1.105.408 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:33:59)
      Entropy  . . . . . : 5.6
      SHA-256  . . . . . : 5C5AA5C3DA95CEBFE6E532DBB35EA7D115BFE02BE4603A55E2C81C326587CF1D
    > Kaspersky  . . . . : not-a-virus:AdWare.Win32.StartSurf.xii
      Fuzzy  . . . . . . : 113.0

  C:\Users\user\AppData\Local\Temp\is-VMGLI.tmp\sam__9286_ilCA30F2.exe -> Quarantined
      Size . . . . . . . : 1.172.432 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:33:52)
      Entropy  . . . . . : 6.8
      SHA-256  . . . . . : 99C202A5A0889459851AD1B78216966297F95008348083CA4123EE9653337579
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:AdWare.Win32.FileTour.gen
      Fuzzy  . . . . . . : 106.0

  C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:01:48)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -203.0s C:\Windows\Temp\_MEI64842\
        -203.0s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -203.0s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -203.0s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_socket.pyd
        -203.0s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -203.0s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -202.9s C:\Windows\Temp\_MEI64842\python34.dll
        -202.9s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -202.9s C:\Windows\Temp\_MEI64842\select.pyd
        -202.9s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -202.9s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -202.9s C:\Windows\Temp\_MEI64842\Include\
        -202.9s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -202.9s C:\Windows\Temp\_MEI64842\base_library.zip
        -202.3s C:\Windows\Temp\secEE60.tmp
        -202.3s C:\Windows\Temp\secEE61.tmp
        -202.3s C:\Windows\Temp\secEE62.tmp
        -202.3s C:\Windows\Temp\secEE63.tmp
        -202.3s C:\Windows\Temp\secEE73.tmp
        -202.3s C:\Windows\Temp\secEE74.tmp
        -202.3s C:\Windows\Temp\secEE75.tmp
        -202.3s C:\Windows\Temp\secEE76.tmp
        -202.3s C:\Windows\Temp\secEE77.tmp
        -202.3s C:\Windows\Temp\secEE78.tmp
        -202.3s C:\Windows\Temp\secEE79.tmp
        -202.3s C:\Windows\Temp\secEE7A.tmp
        -202.2s C:\Windows\Temp\secEE8B.tmp
        -202.2s C:\Windows\Temp\secEE8C.tmp
        -202.2s C:\Windows\Temp\secEE8D.tmp
        -202.2s C:\Windows\Temp\secEE8E.tmp
        -202.2s C:\Windows\Temp\secEE8F.tmp
        -202.2s C:\Windows\Temp\secEE90.tmp
        -202.2s C:\Windows\Temp\secEE91.tmp
        -200.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -198.9s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -195.2s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -194.0s C:\Windows\Temp\WAXE53.tmp
        -172.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -169.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -168.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -168.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -164.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -164.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -160.8s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -157.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -157.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -135.8s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -131.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -130.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -129.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -126.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -126.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -118.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -111.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -111.5s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -111.0s C:\Windows\Temp\_MEI67202\
        -111.0s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -111.0s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -111.0s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -111.0s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -111.0s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -111.0s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -111.0s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -111.0s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -111.0s C:\Windows\Temp\_MEI67202\_socket.pyd
        -110.9s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -110.9s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -110.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -110.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -110.9s C:\Windows\Temp\_MEI67202\python34.dll
        -110.9s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -110.9s C:\Windows\Temp\_MEI67202\select.pyd
        -110.9s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -110.9s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -110.9s C:\Windows\Temp\_MEI67202\base_library.zip
        -110.9s C:\Windows\Temp\_MEI67202\Include\
        -110.9s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -110.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -110.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -107.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -107.3s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -105.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -105.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -105.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -104.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -103.6s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -101.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -99.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -98.7s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -98.5s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -98.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -96.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -96.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -95.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -95.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -94.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -94.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -92.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -92.4s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -91.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -91.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -89.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -85.4s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -83.4s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -82.8s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -82.2s C:\Program Files\5QZG3OJ0TS\
        -79.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -76.2s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -74.5s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -71.5s C:\Program Files\LMCMPM4PUO\
        -71.2s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -71.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -70.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -70.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -70.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -66.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -66.8s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -64.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -64.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -64.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -64.2s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -61.8s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -60.6s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -60.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -60.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -59.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -59.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -59.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -57.2s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -57.0s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -56.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -55.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -55.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -54.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -54.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -53.2s C:\Program Files\LMCMPM4PUO\uninstaller.exe
        -52.7s C:\Program Files\KZFZHJ3JTA\
        -51.9s C:\Program Files\5QZG3OJ0TS\cast.config
        -49.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        -48.0s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        -47.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        -47.4s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        -47.2s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        -47.2s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        -46.9s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        -46.7s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        -46.1s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        -45.9s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        -45.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        -45.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        -45.6s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        -45.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        -45.2s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        -43.1s C:\Program Files\LMCMPM4PUO\cast.config
        -39.9s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        -38.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        -36.0s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        -35.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        -35.8s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        -35.5s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        -35.3s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        -34.8s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        -34.6s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        -34.6s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        -34.0s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        -34.0s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        -33.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        -29.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        -29.2s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        -29.2s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        -29.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        -28.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        -27.4s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        -26.8s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        -24.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        -23.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        -23.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        -23.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        -23.1s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        -21.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        -20.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        -20.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        -19.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        -19.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        -18.8s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        -18.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -18.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -15.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        -15.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        -15.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        -12.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        -12.5s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        -12.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        -12.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        -11.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        -11.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        -11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        -11.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        -10.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        -10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        -9.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        -9.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -9.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -9.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        -8.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        -8.2s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        -8.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -8.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -6.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        -6.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        -6.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        -5.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -4.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -4.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -3.5s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -3.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -3.0s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -2.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -2.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -2.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -2.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -1.8s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -0.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -0.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
          0.0s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
          0.2s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
          0.2s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
          0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
          1.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
          2.2s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
          3.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
          3.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
          3.9s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
          3.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
          4.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
          8.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
          9.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
          9.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        10.2s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        10.3s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        10.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        10.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        10.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        10.7s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        10.7s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        10.8s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        11.1s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        11.2s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        11.4s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        11.7s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        11.7s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        13.5s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        13.5s C:\Users\user\AppData\Local\Temp\647C.tmp
        14.0s C:\Program Files\KZFZHJ3JTA\cast.config
        14.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        14.3s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        14.7s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        15.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        18.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        18.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        18.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        19.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        19.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        19.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        20.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        20.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        20.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        20.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        20.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        21.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        21.6s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        22.1s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        23.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        23.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        23.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        24.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        25.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        25.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        25.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        26.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        26.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        27.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        27.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        28.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        28.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        28.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        28.7s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        28.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        32.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        34.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        34.3s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        34.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        34.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        36.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        37.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        37.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        37.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        37.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        42.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        43.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        43.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        44.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        44.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        45.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        45.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        45.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        45.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        46.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        46.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        47.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        47.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        47.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        48.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        48.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        48.7s C:\Users\user\AppData\Local\Temp\mbam\
        48.7s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        49.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        49.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        49.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        49.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        50.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        51.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        51.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        51.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        52.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        52.2s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        53.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        55.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        55.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        55.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        56.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        56.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        56.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        57.5s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        57.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        58.8s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        59.0s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        59.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        60.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        62.0s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        62.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        63.9s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        66.9s C:\KRECYCLE\00030979.KVQ
        67.2s C:\KRECYCLE\00030980.KVQ
        67.5s C:\KRECYCLE\00030981.KVQ
        67.7s C:\KRECYCLE\00030982.KVQ
        67.7s C:\ProgramData\Kingsoft\DUBA\
        67.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        67.9s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        67.9s C:\KRECYCLE\00030983.KVQ
        69.3s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        70.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        72.1s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        73.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        74.4s C:\KRECYCLE\00030984.KVQ
        82.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:02:22)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -237.3s C:\Windows\Temp\_MEI64842\
        -237.3s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -237.3s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -237.3s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_socket.pyd
        -237.3s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -237.3s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -237.2s C:\Windows\Temp\_MEI64842\python34.dll
        -237.2s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -237.2s C:\Windows\Temp\_MEI64842\select.pyd
        -237.2s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -237.2s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -237.2s C:\Windows\Temp\_MEI64842\Include\
        -237.2s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -237.2s C:\Windows\Temp\_MEI64842\base_library.zip
        -236.6s C:\Windows\Temp\secEE60.tmp
        -236.6s C:\Windows\Temp\secEE61.tmp
        -236.6s C:\Windows\Temp\secEE62.tmp
        -236.6s C:\Windows\Temp\secEE63.tmp
        -236.6s C:\Windows\Temp\secEE73.tmp
        -236.6s C:\Windows\Temp\secEE74.tmp
        -236.6s C:\Windows\Temp\secEE75.tmp
        -236.6s C:\Windows\Temp\secEE76.tmp
        -236.6s C:\Windows\Temp\secEE77.tmp
        -236.6s C:\Windows\Temp\secEE78.tmp
        -236.6s C:\Windows\Temp\secEE79.tmp
        -236.6s C:\Windows\Temp\secEE7A.tmp
        -236.6s C:\Windows\Temp\secEE8B.tmp
        -236.6s C:\Windows\Temp\secEE8C.tmp
        -236.6s C:\Windows\Temp\secEE8D.tmp
        -236.6s C:\Windows\Temp\secEE8E.tmp
        -236.6s C:\Windows\Temp\secEE8F.tmp
        -236.6s C:\Windows\Temp\secEE90.tmp
        -236.6s C:\Windows\Temp\secEE91.tmp
        -234.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -233.2s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -229.5s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -228.3s C:\Windows\Temp\WAXE53.tmp
        -207.3s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -203.7s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -202.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -202.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -199.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -199.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -199.1s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -195.1s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -191.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -191.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -170.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -165.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -165.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -164.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -163.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -163.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -161.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -161.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -160.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -160.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -152.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -145.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -145.8s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -145.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -145.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -145.8s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -145.3s C:\Windows\Temp\_MEI67202\
        -145.3s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -145.3s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -145.3s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_socket.pyd
        -145.3s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -145.3s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -145.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -145.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -145.2s C:\Windows\Temp\_MEI67202\python34.dll
        -145.2s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -145.2s C:\Windows\Temp\_MEI67202\select.pyd
        -145.2s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -145.2s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -145.2s C:\Windows\Temp\_MEI67202\base_library.zip
        -145.2s C:\Windows\Temp\_MEI67202\Include\
        -145.2s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -145.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -145.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -141.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -141.6s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -140.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -139.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -139.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -138.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -137.9s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -136.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -133.5s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -133.0s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -132.8s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -132.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -131.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -131.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -129.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -129.8s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -128.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -128.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -127.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -126.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -125.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -125.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -124.1s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -119.7s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -117.7s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -117.1s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -116.5s C:\Program Files\5QZG3OJ0TS\
        -114.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -110.5s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -108.8s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -105.9s C:\Program Files\LMCMPM4PUO\
        -105.6s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -105.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -105.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -104.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -104.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -101.1s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -101.1s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -99.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -98.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -98.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -98.5s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -96.1s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -95.0s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -94.3s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -94.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -94.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -94.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -93.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -91.6s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -91.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -90.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -90.3s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -90.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -90.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -90.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -88.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -88.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -87.6s C:\Program Files\LMCMPM4PUO\uninstaller.exe
        -87.0s C:\Program Files\KZFZHJ3JTA\
        -86.2s C:\Program Files\5QZG3OJ0TS\cast.config
        -84.2s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        -82.3s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        -82.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        -81.7s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        -81.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        -81.5s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        -81.2s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        -81.0s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        -80.5s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        -80.2s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        -79.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        -79.9s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        -79.9s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        -79.6s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        -79.5s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        -77.4s C:\Program Files\LMCMPM4PUO\cast.config
        -74.3s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        -72.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        -70.3s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        -70.2s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        -70.1s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        -69.8s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        -69.6s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        -69.1s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        -68.9s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        -68.9s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        -68.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        -68.3s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        -67.3s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        -63.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        -63.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        -63.5s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        -63.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        -63.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        -61.7s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        -61.1s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        -58.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        -57.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        -57.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        -57.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        -57.4s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        -56.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        -55.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        -55.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        -54.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        -53.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        -53.1s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        -53.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -52.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -49.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        -49.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        -49.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        -46.8s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        -46.8s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        -46.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        -46.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        -46.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        -46.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        -45.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        -45.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json

senergy 10.07.2017 21:25
Code:
        -44.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        -44.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        -44.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        -43.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -43.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -43.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        -42.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        -42.5s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        -42.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -42.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -40.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        -40.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        -40.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        -39.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -39.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -38.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -37.9s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -37.3s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -37.3s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -37.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -36.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -36.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -36.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -36.1s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -35.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -35.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -34.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -34.3s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        -34.3s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        -34.2s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
        -34.1s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
        -33.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
        -33.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
        -32.1s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
        -31.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
        -30.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
        -30.4s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
        -30.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
        -29.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
        -26.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
        -24.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        -24.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        -24.1s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        -24.0s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        -23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        -23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        -23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        -23.9s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        -23.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        -23.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        -23.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        -23.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        -23.5s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        -23.2s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        -23.1s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        -22.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        -22.9s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        -22.6s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        -22.6s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        -20.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        -20.8s C:\Users\user\AppData\Local\Temp\647C.tmp
        -20.3s C:\Program Files\KZFZHJ3JTA\cast.config
        -20.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        -20.0s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        -19.7s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        -19.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        -16.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        -16.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        -15.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        -14.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        -14.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        -14.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        -14.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        -14.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        -13.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        -13.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        -13.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        -12.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        -12.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        -12.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        -12.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        -10.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        -10.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        -10.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        -10.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        -9.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        -9.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        -9.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        -8.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        -8.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        -8.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        -7.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        -6.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        -6.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        -5.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        -5.6s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        -5.6s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        -5.4s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        -1.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        -0.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
          0.0s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
          0.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
          0.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
          0.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
          1.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
          2.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
          3.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
          3.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
          3.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
          3.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
          8.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
          8.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
          8.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
          9.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        10.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        10.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        10.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        11.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        11.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        12.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        12.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        12.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        13.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        13.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        13.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        13.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        14.4s C:\Users\user\AppData\Local\Temp\mbam\
        14.4s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        15.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        15.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        15.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        15.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        16.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        16.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        17.1s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        17.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        17.9s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        17.9s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        19.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        20.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        21.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        21.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        21.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        22.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        22.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        23.2s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        23.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        24.4s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        24.7s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        25.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        25.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        27.7s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        28.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        29.6s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        32.5s C:\KRECYCLE\00030979.KVQ
        32.9s C:\KRECYCLE\00030980.KVQ
        33.1s C:\KRECYCLE\00030981.KVQ
        33.4s C:\KRECYCLE\00030982.KVQ
        33.4s C:\ProgramData\Kingsoft\DUBA\
        33.4s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        33.5s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        33.6s C:\KRECYCLE\00030983.KVQ
        35.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        36.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        37.8s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        38.7s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        40.1s C:\KRECYCLE\00030984.KVQ
        47.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe -> Quarantined
      Size . . . . . . . : 347.648 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 12:01:48)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 5508A707F65FF9E3764DECF3709F39FFB949F00ABA61DC66A96DAB1844F84B5C
      Product  . . . . . : EA1W2A3Q
      Publisher  . . . . : EA1W2A
      Description  . . . : E
      Version  . . . . . : 8.6.4.7
      LanguageID . . . . : 0
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
        -203.2s C:\Windows\Temp\_MEI64842\
        -203.2s C:\Windows\Temp\_MEI64842\L2VPN.exe.manifest
        -203.2s C:\Windows\Temp\_MEI64842\MSVCR100.dll
        -203.2s C:\Windows\Temp\_MEI64842\_bz2.pyd
        -203.2s C:\Windows\Temp\_MEI64842\_ctypes.pyd
        -203.1s C:\Windows\Temp\_MEI64842\_hashlib.pyd
        -203.1s C:\Windows\Temp\_MEI64842\_lzma.pyd
        -203.1s C:\Windows\Temp\_MEI64842\_multiprocessing.pyd
        -203.1s C:\Windows\Temp\_MEI64842\_overlapped.pyd
        -203.1s C:\Windows\Temp\_MEI64842\_socket.pyd
        -203.1s C:\Windows\Temp\_MEI64842\_ssl.pyd
        -203.1s C:\Windows\Temp\_MEI64842\pyexpat.pyd
        -203.1s C:\Windows\Temp\_MEI64842\python34.dll
        -203.1s C:\Windows\Temp\_MEI64842\pywintypes34.dll
        -203.1s C:\Windows\Temp\_MEI64842\select.pyd
        -203.1s C:\Windows\Temp\_MEI64842\unicodedata.pyd
        -203.1s C:\Windows\Temp\_MEI64842\win32wnet.pyd
        -203.1s C:\Windows\Temp\_MEI64842\Include\
        -203.1s C:\Windows\Temp\_MEI64842\Include\pyconfig.h
        -203.1s C:\Windows\Temp\_MEI64842\base_library.zip
        -202.4s C:\Windows\Temp\secEE60.tmp
        -202.4s C:\Windows\Temp\secEE61.tmp
        -202.4s C:\Windows\Temp\secEE62.tmp
        -202.4s C:\Windows\Temp\secEE63.tmp
        -202.4s C:\Windows\Temp\secEE73.tmp
        -202.4s C:\Windows\Temp\secEE74.tmp
        -202.4s C:\Windows\Temp\secEE75.tmp
        -202.4s C:\Windows\Temp\secEE76.tmp
        -202.4s C:\Windows\Temp\secEE77.tmp
        -202.4s C:\Windows\Temp\secEE78.tmp
        -202.4s C:\Windows\Temp\secEE79.tmp
        -202.4s C:\Windows\Temp\secEE7A.tmp
        -202.4s C:\Windows\Temp\secEE8B.tmp
        -202.4s C:\Windows\Temp\secEE8C.tmp
        -202.4s C:\Windows\Temp\secEE8D.tmp
        -202.4s C:\Windows\Temp\secEE8E.tmp
        -202.4s C:\Windows\Temp\secEE8F.tmp
        -202.4s C:\Windows\Temp\secEE90.tmp
        -202.4s C:\Windows\Temp\secEE91.tmp
        -200.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8F9FEA48DA1F43C8DB163B6FC29D8BD926BD0F3
        -199.0s C:\ProgramData\Tencent\QQPCMgr\drsave.dat
        -195.3s C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\winsrcsrv.exe.log
        -194.2s C:\Windows\Temp\WAXE53.tmp
        -173.1s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115855.519.1.etl
        -169.6s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\19280e257a1311064a0e6f2482878232_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -168.8s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c2cb17293cccebced83dfda62aa4e381_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -168.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83a85927561fe5fc8a725db29d55c6b4_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2B01386E179BD42CB654391AB225E52ADC03F2F5
        -165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\B0E33E2B08BFC5972DCD693462030E5394622BCF
        -165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1D2A28CE8126037312E11E4B60DF1C2A2D3EBC70
        -165.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\2B342B826A1251752C7FEBA45F19B60F96149282
        -164.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8ffe969cfd8c7efdf5f0f4a81a747fa_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -164.9s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\14b24f7ab812b4ffd06e82f96e5e807e_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -161.0s C:\ProgramData\TXQMPC\TXGJFixConfig.DAT
        -157.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EA1FB7928979A324BEA12CA6AC910331BA58AD4B
        -157.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\e8e97cdd1da0080cb977f873d9e91ec3_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -135.9s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20170707.115932.711.1.etl
        -131.7s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\dc2d9a9cf4532072bc00479cd27901bc_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -131.7s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\800aa2d2664a6d3b3ae2ff60db10d314_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -130.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\c345a3f1e4c283ed7a605608b6a59e28_cac2ef9c-4a8f-413e-bfa5-a2fd91bddaf3
        -129.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0871B1ACE4E6AD0057D879C09B7BE79104A24B91
        -129.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\39E381427B1D14CF3E70F1035ED84A4F74D5221B
        -127.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\4A55BE001C001F41DDA8164DAB30D3100585D50A
        -127.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\C21B607F75291C032E6FE80B145DD565221D7C98
        -126.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6457A406D0A09CADA3422886DDDB737D2F2D63E2
        -126.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\E6A9024BB0B95CBBCE6FD848BD67E525D000505D
        -118.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E1BC8DA8AB173DFEB1340F0C503087CF83B3995D
        -111.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\
        -111.7s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\U0XLNV0U0FQ5GZD.exe.log
        -111.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\
        -111.7s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\
        -111.6s C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\
        -111.2s C:\Windows\Temp\_MEI67202\
        -111.2s C:\Windows\Temp\_MEI67202\L2VPN.exe.manifest
        -111.2s C:\Windows\Temp\_MEI67202\MSVCR100.dll
        -111.2s C:\Windows\Temp\_MEI67202\_bz2.pyd
        -111.2s C:\Windows\Temp\_MEI67202\_ctypes.pyd
        -111.1s C:\Windows\Temp\_MEI67202\_hashlib.pyd
        -111.1s C:\Windows\Temp\_MEI67202\_lzma.pyd
        -111.1s C:\Windows\Temp\_MEI67202\_multiprocessing.pyd
        -111.1s C:\Windows\Temp\_MEI67202\_overlapped.pyd
        -111.1s C:\Windows\Temp\_MEI67202\_socket.pyd
        -111.1s C:\Windows\Temp\_MEI67202\_ssl.pyd
        -111.1s C:\Windows\Temp\_MEI67202\pyexpat.pyd
        -111.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -111.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E698CCB2C296D265AC1A253974E09FD_3B680F9F621AA5ED7191396287434328
        -111.1s C:\Windows\Temp\_MEI67202\python34.dll
        -111.1s C:\Windows\Temp\_MEI67202\pywintypes34.dll
        -111.1s C:\Windows\Temp\_MEI67202\select.pyd
        -111.0s C:\Windows\Temp\_MEI67202\unicodedata.pyd
        -111.0s C:\Windows\Temp\_MEI67202\win32wnet.pyd
        -111.0s C:\Windows\Temp\_MEI67202\base_library.zip
        -111.0s C:\Windows\Temp\_MEI67202\Include\
        -111.0s C:\Windows\Temp\_MEI67202\Include\pyconfig.h
        -110.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Service\
        -110.9s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\
        -107.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\
        -107.5s C:\Users\user\AppData\Local\Temp\is-KJPCK.tmp\GEN.tmp
        -105.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\C8ADBE9C03E33A33C51910E644F47710701D5A24
        -105.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -105.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_EBBA74C0F70C38F7925771196F63EDD6
        -104.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\1646C77EFBEF795861449D01A094C287E26E9924
        -103.8s C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
        -101.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F7E34C2974A5D01D347705C76E2FF5D7
        -101.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F7E34C2974A5D01D347705C76E2FF5D7
        -101.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -101.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_FC1F061651B3559EAB3A2AC6479E18DE
        -99.4s C:\ProgramData\Application Data\Tencent\QQPCMgr\sysdeepopt.ini
        -98.9s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
        -98.6s C:\Users\user\AppData\Roaming\Tencent\QQPCMgr\Skins\preview\b2203c3556f68829cf260bec475a8083.png
        -98.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\UZHVP8777G0GJ07.exe.log
        -96.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -96.9s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_42820CDFEA41DC84AAB89A6B63561873
        -95.7s C:\ProgramData\Application Data\Tencent\QQPCMgr\ActiveStartup.xml
        -95.6s C:\ProgramData\Application Data\Tencent\QQPCMgr\QQDisabled\Relate\
        -94.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -94.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1060B7ADDE0FF6DE85637BF89FC4CEBC_978D511422A74ED6D68DD904D699A2A4
        -93.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\StartupBackup.dat
        -92.5s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-508946343-2304877640-3111218378-1000.dat
        -91.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -91.4s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8CFEDCFFDD2FA38C0C8C71E5FF0E66A9
        -90.0s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\W99YDKZIJXYLU7C.exe.log
        -85.5s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\
        -83.6s C:\ProgramData\Tencent\QQPCMgr\AdBlock\AdFloatCfg.dat
        -83.0s C:\ProgramData\Tencent\QQPCMgr\SoftMgr\ProcesslistItem.ini
        -82.3s C:\Program Files\5QZG3OJ0TS\
        -80.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DAFFB01C0CF4F2BC5E23EEA04CFC56C8D2A12D90
        -76.4s C:\Users\user\AppData\Roaming\qa051vpwh05\
        -74.6s C:\Users\user\AppData\Roaming\hfhqxz2wnhc\d5epmybmvvn.exe.config
        -71.7s C:\Program Files\LMCMPM4PUO\
        -71.4s C:\Windows\Prefetch\Op-SEARCHUI.EXE-5FAA26D1-00000002.pf
        -71.1s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\203a7de0-62fb-11e7-90a9-00140b814b65.json
        -71.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.quar
        -70.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\203a7de1-62fb-11e7-ac06-00140b814b65.data
        -70.3s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\AfficheOne.exe.log
        -67.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\
        -67.0s C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
        -64.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\23f077f0-62fb-11e7-955c-00140b814b65.json
        -64.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.quar
        -64.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\23f077f1-62fb-11e7-a037-00140b814b65.data
        -64.3s C:\Program Files\5QZG3OJ0TS\JXBP3VB4H.exe.config
        -62.0s C:\Users\user\AppData\Roaming\qa051vpwh05\5jspsemuopi.exe.config
        -60.8s C:\Program Files\5QZG3OJ0TS\uninstaller.exe
        -60.2s C:\Program Files\5QZG3OJ0TS\uninstaller.exe.config
        -60.2s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\Era5Le.exe.log
        -59.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\26e41bc4-62fb-11e7-afcb-00140b814b65.json
        -59.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.quar
        -59.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\26e41bc5-62fb-11e7-90e0-00140b814b65.data
        -57.4s C:\Program Files\LMCMPM4PUO\G3KCDX6Z4.exe.config
        -57.2s C:\Users\user\AppData\Roaming\xyz02h4odhk\
        -56.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\68C6942B02B1E8E490AFB646FB191A53D459A673
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\event\
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\festival\2017fatherday.png
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\res\gift\gift.png
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupData\speedupbk.etf
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016carnival.png
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2016midautumn.png
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_2017512.png
        -56.2s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_CF.png
        -56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1018.png
        -56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_cf1129.png
        -56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_classical.png
        -56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_feiji.png
        -56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_menshen.png
        -56.1s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_MonkeyKing.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_mothersday2.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_Olympics2.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_paternal.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_pvp.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qjnn.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_qqgame.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_rocketchicken.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_ten.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wefire.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow1.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_wow2.png
        -56.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\SkinIcon\normal\rocket_youth2.png
        -54.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -54.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406
        -53.4s C:\Program Files\LMCMPM4PUO\uninstaller.exe
        -52.9s C:\Program Files\KZFZHJ3JTA\
        -52.0s C:\Program Files\5QZG3OJ0TS\cast.config
        -50.0s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2017-7-7.100.10260.1.odl
        -48.1s C:\Program Files\LMCMPM4PUO\uninstaller.exe.config
        -48.0s C:\ProgramData\Application Data\Tencent\QQPCMgr\Quarantine\2f4b72e80cce83f1281dece79e260623
        -47.5s C:\Users\user\AppData\Local\Temp\fTTLkMd7k\
        -47.3s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\
        -47.3s C:\Users\user\AppData\Local\Temp\isM5ZbbXr\isM5ZbbXr.exe
        -47.0s C:\Users\user\AppData\Local\Temp\sBnt4JfXb\
        -46.9s C:\Users\user\AppData\Local\Temp\XnqMv39eu\
        -46.3s C:\Users\user\AppData\Local\Temp\5zXWH3pF8\
        -46.0s C:\Users\user\AppData\Local\Temp\3CSINwA73\
        -45.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\62F8E1555D7D418E5D9CE670D63C429F18C3F6AE
        -45.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\
        -45.7s C:\Users\user\AppData\Local\Temp\3aYjEanEE\3aYjEanEE.exe
        -45.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-bdab-1-lockfile
        -45.4s C:\Users\user\AppData\Local\Temp\qtlocalpeer-Amazon-4678-1-lockfile
        -43.2s C:\Program Files\LMCMPM4PUO\cast.config
        -40.1s C:\Users\user\AppData\Roaming\xyz02h4odhk\wruce0shh2f.exe.config
        -38.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\02E6A8A2DAB30DF37BE8E0A7736189465E1270E3
        -36.2s C:\Users\user\AppData\Local\Temp\Dqc3ZhYeM\
        -36.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\
        -36.0s C:\Users\user\AppData\Local\Temp\vTqLDA2w3\vTqLDA2w3.exe
        -35.6s C:\Users\user\AppData\Local\Temp\3emoJjTCt\
        -35.4s C:\Users\user\AppData\Local\Temp\ObDyPGbwx\
        -35.0s C:\Users\user\AppData\Local\Temp\t6gfly9MA\
        -34.7s C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\d0059a3a8e014dd85b71f780f6a8b6f8b89c1211.tbres
        -34.7s C:\Users\user\AppData\Local\Temp\m4EML4P9y\
        -34.1s C:\Users\user\AppData\Local\Temp\SswbXfSHS\
        -34.1s C:\Users\user\AppData\Local\Temp\SswbXfSHS\SswbXfSHS.exe
        -33.2s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudDrive.2017-07-07_1201.log
        -29.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3913f6c0-62fb-11e7-a3c7-00140b814b65.json
        -29.3s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\
        -29.3s C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{54513748-45e4-4d89-968e-f10e7e3d3ed0}\snapshot.etl
        -29.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.quar
        -28.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3913f6c1-62fb-11e7-8a2c-00140b814b65.data
        -27.5s C:\Users\user\AppData\Local\Amazon Music\Logs\AmazonMusic.log
        -26.9s C:\Program Files\KZFZHJ3JTA\VOSNXR39A.exe.config
        -24.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3bf07d8c-62fb-11e7-ad63-00140b814b65.json
        -23.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\83214544E4A5D53DD9B00C01D68B0C92B6BC6CFF
        -23.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.quar
        -23.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3bf07d8d-62fb-11e7-bf43-00140b814b65.data
        -23.3s C:\ProgramData\Malwarebytes\MBAMService\tmp\
        -21.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2017-07-07_120126_2814-2820.log
        -21.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\3df99cf8-62fb-11e7-a887-00140b814b65.json
        -21.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6E4537852D7177FA0FBD384CBBC92E56DDBDED49
        -19.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.quar
        -19.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\3df99cf9-62fb-11e7-b07c-00140b814b65.data
        -19.0s C:\Users\user\AppData\Roaming\Apple Computer\Logs\iCloudPhotos.2017-07-07_1201.log
        -18.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -18.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_430B4211A4673BBA5F50960C1A37CC07
        -15.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\41586604-62fb-11e7-9d8d-00140b814b65.json
        -15.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\414b437a-62fb-11e7-96e0-00140b814b65.json
        -15.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4152712c-62fb-11e7-97ef-00140b814b65.json
        -12.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\
        -12.7s C:\Users\user\AppData\Local\Temp\DLqXUSjO7\DLqXUSjO7.exe
        -12.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.quar
        -12.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\41586605-62fb-11e7-a46e-00140b814b65.data
        -12.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0A2EA55F20CC96EF43A26E7FAF8A2217
        -12.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0A2EA55F20CC96EF43A26E7FAF8A2217
        -11.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43b2c700-62fb-11e7-9cbe-00140b814b65.json
        -11.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\43be89a0-62fb-11e7-9c64-00140b814b65.json
        -10.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.quar
        -10.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\414b437b-62fb-11e7-91fe-00140b814b65.data
        -10.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\44990576-62fb-11e7-b873-00140b814b65.json
        -9.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -9.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\828298824EA5549947C17DDABF6871F5_2DAF5BC9AF6D319F0A28E6B00F4FB2C5
        -9.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6D1B18420F5A838E385ACC92AEA5C1BEFDB0CA66
        -8.3s C:\Users\user\AppData\Local\Temp\3nPa95F8x\
        -8.3s C:\Users\user\AppData\Local\Temp\3nPa95F8x\3nPa95F8x.exe
        -8.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -8.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_6A1576921DB0AD4A0F74FCEBA6EF6793
        -6.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.quar
        -6.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\46971232-62fb-11e7-9768-00140b814b65.json
        -6.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4152712d-62fb-11e7-841a-00140b814b65.data
        -5.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.quar
        -4.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43b2c701-62fb-11e7-9645-00140b814b65.data
        -4.5s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\8764E276A6D733A0CC5642CF7069076795856B06
        -3.7s C:\Users\user\AppData\Roaming\yn4gjjb1aky\
        -3.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\
        -3.2s C:\Users\user\AppData\Local\Temp\is-RH1SQ.tmp\DLqXUSjO7.tmp
        -2.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\B467549654FEBA288B434B464A0A78981E9D4773
        -2.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\48a07fe6-62fb-11e7-8da3-00140b814b65.json
        -2.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.quar
        -2.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\43be89a1-62fb-11e7-a33a-00140b814b65.data
        -1.9s C:\Users\user\AppData\Local\Temp\sa.E97CB0A1.LogitechCameraController_wd885nsp30hay_1__.Public.InstallAgent.dat
        -1.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.quar
        -1.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\44990577-62fb-11e7-bd57-00140b814b65.data
        -0.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5DF68C10F89A6F8C710CA6A0AE6CDE9F73CE7730
        -0.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\
        -0.2s C:\Users\user\AppData\Local\Temp\jcXpHAbTy\jcXpHAbTy.exe
        -0.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\
          0.0s C:\Users\user\AppData\Local\Temp\OY0I8U59R\EmuUU1OGI.exe
          0.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.quar
          1.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\46971233-62fb-11e7-8f0d-00140b814b65.data
          2.0s C:\Program Files\KZFZHJ3JTA\uninstaller.exe
          2.9s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bdf5d1c-62fb-11e7-ae95-00140b814b65.json
          3.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.quar
          3.7s C:\Program Files\KZFZHJ3JTA\uninstaller.exe.config
          3.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\48a07fe7-62fb-11e7-b377-00140b814b65.data
          4.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4d6e4d00-62fb-11e7-8ae8-00140b814b65.json
          7.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4f49d554-62fb-11e7-8520-00140b814b65.json
          9.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
          9.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA614C76A3BE2DEECB3ECFBB3B464C62_DF8E786DB09C31F68FA156AAAFAAF40B
        10.0s C:\Users\user\AppData\Local\Temp\TymlLZnwS\
        10.1s C:\Users\user\AppData\Local\Temp\mPfPq7EIu\
        10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\
        10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\
        10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_setup64.tmp
        10.3s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_shfoldr.dll
        10.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\01ADDE03A08EC8C61E709D268713301A
        10.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\01ADDE03A08EC8C61E709D268713301A
        10.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\
        10.6s C:\Users\user\AppData\Local\Temp\1KTvW0DYw\1KTvW0DYw.exe
        10.7s C:\Users\user\AppData\Local\Temp\YJ5M9ftE1\
        11.0s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\_isetup\_isdecmp.dll
        11.0s C:\Users\user\AppData\Local\Temp\2mICHRLgy\
        11.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\514dfe0c-62fb-11e7-8dd6-00140b814b65.json
        11.2s C:\Users\user\AppData\Local\Temp\6VCWlgI6F\
        11.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\
        11.5s C:\Users\user\AppData\Local\Temp\Tn1VdPC4q\Tn1VdPC4q.exe
        13.4s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\itdownload.dll
        13.4s C:\Users\user\AppData\Local\Temp\647C.tmp
        13.8s C:\Program Files\KZFZHJ3JTA\cast.config
        13.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\446DA5DA71D9EBAE945630BE36EF4B59ED953357
        14.1s C:\Users\user\AppData\Roaming\yn4gjjb1aky\dcs2jismz35.exe.config
        14.5s C:\Windows\Logs\dosvc\dosvc.20170707_100203_127.etl
        15.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\539161f4-62fb-11e7-9da5-00140b814b65.json
        17.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DFD49934E25DE92400166550300E3E7702A39483
        18.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.quar
        18.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bdf5d1d-62fb-11e7-85bf-00140b814b65.data
        19.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\562ea7f0-62fb-11e7-800b-00140b814b65.json
        19.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.quar
        19.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4d6e4d01-62fb-11e7-acb6-00140b814b65.data
        19.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe.config
        19.8s C:\Users\user\AppData\Local\Temp\is-ATIR1.tmp\up.exe
        20.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.quar
        20.4s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\56c3fe90-62fb-11e7-a63e-00140b814b65.json
        20.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4f49d555-62fb-11e7-8605-00140b814b65.data
        21.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.quar
        21.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\514dfe0d-62fb-11e7-8d5a-00140b814b65.data
        21.5s C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\SswbXfSHS.exe.log
        22.0s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\SL8IWVS7\amipb[2].js
        23.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A067CBE36D26961BAF8EEB5B4DD072900BF156DB
        23.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\DD0A52D7EE382651F2FD03B8C7C9C421AD17AB2E
        23.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.quar
        23.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\539161f5-62fb-11e7-8416-00140b814b65.data
        24.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.quar
        24.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\562ea7f1-62fb-11e7-98a4-00140b814b65.data
        25.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\59906262-62fb-11e7-9426-00140b814b65.json
        25.3s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5998eff4-62fb-11e7-a945-00140b814b65.json
        25.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.quar
        26.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\56c3fe91-62fb-11e7-b168-00140b814b65.data
        27.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.quar
        27.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\59906263-62fb-11e7-ac54-00140b814b65.data
        28.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.quar
        28.2s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5998eff5-62fb-11e7-9f63-00140b814b65.data
        28.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\
        28.5s C:\Users\user\AppData\Local\Temp\LND2f6qGD\LND2f6qGD.exe
        28.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5PWEN2Z\main_script_2[1].js
        32.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\7623E710554B3EE10F3D8C386B35E365FF14FA9A
        34.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\
        34.1s C:\Users\user\AppData\Local\Temp\LYD44LUGw\LYD44LUGw.exe
        34.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5f1bc2f8-62fb-11e7-97cb-00140b814b65.json
        34.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.quar
        35.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5f1bc2f9-62fb-11e7-9f6a-00140b814b65.data
        36.0s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\5fb8154a-62fb-11e7-8dbb-00140b814b65.json
        36.8s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.quar
        37.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\5fb8154b-62fb-11e7-af9d-00140b814b65.data
        37.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\60cc9ae6-62fb-11e7-a82e-00140b814b65.json
        37.3s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.quar
        37.5s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\60cc9ae7-62fb-11e7-9c2f-00140b814b65.data
        42.5s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\63f76296-62fb-11e7-8030-00140b814b65.json
        42.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.quar
        43.1s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\63f76297-62fb-11e7-8a61-00140b814b65.data
        43.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\5982DB04B06229A57404E3FA4A0311935DAF44DA
        44.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\Request\Certificates\C22D432C18D391E695751C891583B7442FFC592A
        44.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6884A17DB2F7A0808EE1578281DEB9AFD517B9A8
        44.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\A4E550F5A77BB91CD909668AC354B2E4387EB469
        45.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\6736F6B49CC124FE3D721839C26D121E97DA1AAD
        45.7s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\2829163EBBF89CBEB4AB5E407CA4C2D12966A632
        46.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3EQ2Q4GX.cookie
        46.8s C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
        46.8s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\666dc9c0-62fb-11e7-8e90-00140b814b65.json
        47.2s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\66ba8936-62fb-11e7-81f3-00140b814b65.json
        47.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.quar
        47.9s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\666dc9c1-62fb-11e7-9f41-00140b814b65.data
        48.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\BF00E4E7FA0755D59D23C5C13841B8A28E6226DE
        48.5s C:\Users\user\AppData\Local\Temp\mbam\
        48.5s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\
        49.2s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9D56CF65A3EEBA08C1BBC81AFD0F1A5C2A78C1FA
        49.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.quar
        49.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\66ba8937-62fb-11e7-b9c5-00140b814b65.data
        49.6s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\EBBFD069F7C9538BB7AA3E0DAD42136688CA54ED
        50.8s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c060.ico
        50.9s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\101A7282AFF2105BCA0080863C97F80146CDC480
        51.2s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfe0.ico
        51.6s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315c030.ico
        52.1s C:\Users\user\AppData\Local\Temp\mbam\qt-jl-icons\315bfd0.ico
        52.1s C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\62e1b2b3b597ba6b.customDestinations-ms
        53.7s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6a8b2eee-62fb-11e7-a967-00140b814b65.json
        55.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\3BDB210B764FE6DDAB159D5FA2A0E9937EEF8E94
        55.6s C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\6bba345e-62fb-11e7-8b47-00140b814b65.json
        55.7s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.quar
        56.0s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6a8b2eef-62fb-11e7-bb32-00140b814b65.data
        56.4s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.quar
        56.6s C:\ProgramData\Malwarebytes\MBAMService\Quarantine\6bba345f-62fb-11e7-83ca-00140b814b65.data
        57.3s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-45-979][13232-12308].log
        57.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLiveService.exe[2017-7-7 12-2-46-226][13232].log
        58.6s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[Main][2017-7-7 12-2-47-222][13912].log
        58.9s C:\Users\user\AppData\Roaming\Tencent\QQLive\Log\QQLive.exe[2017-7-7 12-2-47-510][13912-13916].log
        59.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8BCGC4ZA\countrycode[2].json
        60.0s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9E4EA6BA00742F6951CC9098D884ACF1FF84BF30
        61.9s C:\ProgramData\Kingsoft\kfc\temp\kvf21F4.tmp
        62.3s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\0F36D39A70F066B5B0D1788BB4D71FB6DA700518
        63.7s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\report[1].htm
        66.7s C:\KRECYCLE\00030979.KVQ
        67.0s C:\KRECYCLE\00030980.KVQ
        67.3s C:\KRECYCLE\00030981.KVQ
        67.5s C:\KRECYCLE\00030982.KVQ
        67.6s C:\ProgramData\Kingsoft\DUBA\
        67.6s C:\ProgramData\Kingsoft\DUBA\KScanLog\
        67.7s C:\ProgramData\Kingsoft\DUBA\KScanLog\KScanLog.dat
        67.8s C:\KRECYCLE\00030983.KVQ
        69.2s C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9THE1R0H\set_cookie[1].js
        70.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\64A6C496AB1532B928E0A5D320BFBF5F34C37057
        71.9s C:\Users\user\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DiagOutputDir\SkypeHost-11.18.614.0-002.etl
        72.9s C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-7-7.102.11476.1.aodl
        74.2s C:\KRECYCLE\00030984.KVQ
        81.8s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\E19EAA9C08A1298BE2188E276315BFE0252178A5

  C:\Users\user\AppData\Roaming\importantupdates\importantupdates.exe -> Quarantined
      Size . . . . . . . : 9.108.480 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:36:37)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 98765771614BF2EEFD08363EE36CC7BF29E032C32855085CE58EB9C24139008D
    > Kaspersky  . . . . : Trojan.Win32.CoinMiner.qxk
      Fuzzy  . . . . . . : 113.0
      Startup
        HKU\S-1-5-21-508946343-2304877640-3111218378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\importantupdates

  C:\Users\user\Documents\CrystalDiskInfo6_5_2-en.exe -> Quarantined
      Size . . . . . . . : 3.908.184 bytes
      Age  . . . . . . . : 456.0 days (2016-04-07 17:51:32)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : D85120697B06F9F235122464DBEE538AE174DF2B70F8C2D8E5D9D8462818F2AE
      Product  . . . . . : CrystalDiskInfo 6.5.2
      Publisher  . . . . : Crystal Dew World
      Description  . . . : CrystalDiskInfo Setup
      Version  . . . . . : 6.5.2
      RSA Key Size . . . : 2048
      LanguageID . . . . : 0
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:AdWare.Win32.OpenCandy.lc
      Fuzzy  . . . . . . : 101.0

  C:\Users\user\Documents\Downloads\adwcleaner_5.005.exe -> Quarantined
      Size . . . . . . . : 1.654.272 bytes
      Age  . . . . . . . : 456.0 days (2016-04-07 17:48:44)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : D46854594FD05E54A4E346B71148A629C425EFCEDFF3F25C074FE4A48694E593
    > Kaspersky  . . . . : Trojan.Win32.Bayrob.sik
      Fuzzy  . . . . . . : 114.0

  C:\Users\user\Downloads\Vollversion Google Earth Pro - CHIP-Installer.exe -> Quarantined
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 180.8 days (2017-01-07 23:06:31)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : D580DDC1BFC9838E4D19EB6CEDA9D0C0A1A67DF88428B01B9A38E083BC04BBB2
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 103.0


Suspicious files ____________________________________________________________

  C:\jAnrufmonitor\Uninstall.exe
      Size . . . . . . . : 309.449 bytes
      Age  . . . . . . . : 455.3 days (2016-04-08 09:53:06)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 9C21CE39617A6927E10BEB817E029258BA1E5506A5C5311116E254A183234C2B
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
      References
        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0\jAnrufmonitor 5.0 entfernen.lnk

  C:\Windows\SysWOW64\ac3DX.ax
      Size . . . . . . . : 352.768 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:35)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 91D95F12C98574FBBB909694175974C2C368ACEC854D80135921C4625EF79D0D
      Fuzzy  . . . . . . : 23.0
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        The hidden file attribute bit is set. This is not common to most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.

  C:\Windows\SysWOW64\OptimFROG.dll
      Size . . . . . . . : 112.128 bytes
      Age  . . . . . . . : 0.3 days (2017-07-07 11:35:36)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 59EAB16F0D8F948AD46FB746461A798BF5BB5F83ABB75E3062D90B8F3BEE6559
      Fuzzy  . . . . . . : 23.0
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        The hidden file attribute bit is set. This is not common to most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.


Potential Unwanted Programs _________________________________________________

  HKLM\SOFTWARE\Classes\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu) -> Deleted
  HKLM\SOFTWARE\Classes\WOW6432Node\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu) -> PendingDelete
  HKLM\SOFTWARE\WOW6432Node\Microleaves\ (OnlineIO) -> Deleted

Cookies _____________________________________________________________________

  C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:262855726.log.optimizely.com
  C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
  C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:optimizely.com
  C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\02ZAOG2R.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\08VGUIWL.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\0MHFH41Y.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\13IDKXL0.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\142CSUAH.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1BPYXVXJ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1FBVIXB1.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1MPHL25U.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1SKUJQAR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1V0DJ9SW.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\1ZK4ZFBI.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2CDTU369.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2CH4JTB6.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2EXU4IZF.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2OB0XQ0G.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\2WJXD2BG.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\37AXNK0S.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\38FL9MKV.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3G97G633.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3MAFBWMB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\3XUDUUDG.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4BYGRGBL.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4C6Q0CM5.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4EUTD9MU.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4LUVTS9R.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4PZ9VYL1.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4V629PBQ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\4YDDNECO.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\519UJTQV.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\52ZDLXSH.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\5RR4VMYJ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\5Z0XOYFW.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6CIN8OTL.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6GNAN7C2.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6HY1169H.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\6PXX51KW.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\74Z083SF.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\75V9HZWA.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\78GEY18A.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\7V1FR8L5.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\83RNA0MZ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\868MT4JI.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\8E02EEFR.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\8EV1SKZS.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\9371B3MX.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\93IWA97T.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\99FD5KWP.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\99SNPUAX.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\9E09WBFF.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\9L55H9Y3.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\A1WZPSIW.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\A91WC11D.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AEDFH9BX.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AGYEW76O.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AHW1PWJI.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AKQIHJJT.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\AP6KQUW6.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\B0F29122.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\B0ZZDHV3.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\B7E3SGPN.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\BO2QXCIQ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\C0X4EJS4.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\C78CBWH7.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CFK1KHUA.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CKL1P271.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CY01M1G2.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\CZFHJG4F.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\D7DCCPBK.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\D8Y5E4D9.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DCEY32EH.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DEQGG8U1.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DLFZM21Y.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DLJ22F75.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\E3XNSFLI.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\E5Z9R1KX.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\EZEFZVD1.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\FXT4CMYD.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GFNB50MJ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GISTRCBN.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GJ55OJ8W.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GJB6I10L.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GLU60DRE.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GNMVIXU9.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\GV4YLX48.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\H0RLD68N.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\H80A5RMK.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\I3QZDRH2.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\J34POYI5.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\J785ANRA.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\J8AI9RVQ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\JPVTGD7X.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\K2MQI48H.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\K4F5Y58L.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\K7D1Y0AB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KCR30WF9.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KGOYYZLW.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KIBXX5YM.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KJVC8P3Z.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KK975RD3.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KOW79N72.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KT2DFIFF.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\KX6R39GI.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\L1HE9YPC.cookie
Code:
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\LJPUWGUE.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\LOCJHIZ2.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0HVGFH5C.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0O15VTSD.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0TVLHEQM.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\0VT4A6BY.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1ATB91UP.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1DK08BUD.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1EPBFJCR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\1WUEEGO3.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\2T3VPXSB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\2Z8YPSRU.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\31FNNZXS.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\33OWH2FB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\3BSB5VQM.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\3CWNJBLJ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\4IBPAGQ7.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\4JVJOZHM.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\4S1Z6DA0.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\52LVH4NS.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\54XIH3NR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\5JJUI2VG.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\5ZHGUN94.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\64CB4VWR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7DSVD88H.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7RPY2NOQ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7T21W9O8.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\7W0AKCX5.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\8913DKKD.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\8AJWI9ZQ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\8JMUN50B.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\91KZZHXF.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\96X11T7G.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\9YRYZTKB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ACXT5OK0.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\AQ5G4Z33.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\B4IIOO89.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\BGMR3EYV.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\BR3XHL4N.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\BY7F9H8H.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\C16ZSXX0.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\CMLFLEUH.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\DAE3AK2C.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\E16BJVWI.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\E7F0722S.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\E8NQTB6Z.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\EEUJ3P2G.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ESTU3TT9.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\F74QOY52.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\FPIO3W7P.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\GD39Y437.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\GUQWNFMV.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\GYG2LRGA.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HAX7OSJ6.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HSYO4S8Z.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HTUIBIO1.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\I0205UQ9.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\IDW8L24V.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\IEFEZ2HR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\IT76R7PM.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\JKFA8XQS.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\KHTOO2K7.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LDTUMX0K.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LEH16ZLD.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LQ3G2N3F.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\LRI4JVEH.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\MT89RAQB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\N3MJQ79K.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\N5WRSKRP.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\NP9SFAPE.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\OZF6BECK.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\QQMQVOO1.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\QT4DS9C1.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\QWL2TTFI.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RESHP22M.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RG1B6599.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RO5PW9KW.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RRCCYKSR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\RX1RIYA9.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\S8AI110G.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\SG4U7G3C.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\SNCP66QI.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\T3AYEU0N.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\T7OGOW2B.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\TQUDJPW6.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\TT07QU6N.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\TYYNEKFC.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\UHUEN7NT.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\US6JAA7D.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\X48X20MB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\X8XVC758.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\XMYQ28KJ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\YB7GFSQC.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\YU60QM3D.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\YWYU0HQT.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\Z3HELOQH.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ZKY64CUN.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\ZSILNGE2.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\LSKWIL8A.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\M3RHE4KB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MJY36CQV.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MLK1VCYR.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MLWJA6II.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MOS5SITZ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MTG9UZFY.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\MZPHWPS0.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\N7TS165M.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NEUJYD6O.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NEZIXUL5.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NMIVM27B.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NORSD3FS.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NV4PI1M8.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\NY37JXMW.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\O26N9M28.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\O38LNDH7.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OFABKQ74.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OFCCJGXJ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OK7N5ANQ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ONJ0GYX0.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\OUROTWKF.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\P7IKK2G3.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\P93J1BIY.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\PB62I65T.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\PJUVMWZ9.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\QFYNBX7M.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\QPA18Y2R.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\QVU9MG85.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\R1OG7BPN.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\R4CDPXLF.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\R74LPZ8B.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RB2JCXP2.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RJG83SZZ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RKEE73LO.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RPIMEZD2.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RVW6BI1J.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\RZ3JQU7R.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\SBK2D1KN.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\SHRNCZV2.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\SWVGY0V4.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\T6ANZMZ3.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TBZE0FPJ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TDPN4W9C.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TEHGOC1O.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TIXTUHRB.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TKD65JXS.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TL3U9AW1.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\TV53EKW6.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\U8NIB2MQ.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\UDCZOEGF.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\UFBL6LTB.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\user@doubleclick[2].txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\user@flashtalking[2].txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\V077WOKP.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\V5P114HG.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VEHKVMV7.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VFCT6CTJ.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VHTN68PT.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\VM20B54S.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\X9SG6VUB.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XDVPO3ZW.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XO5R1IVP.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XTKHO6TW.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\XUHNK5V6.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Y2YUKN5T.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\YITEUQ52.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\YM0356JV.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\YUVPJX8V.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Z9NEHP0F.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZDZQLEYK.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZJ9PNHF6.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZNGQVMHY.cookie
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZV45GH3V.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZWAXK5FR.txt
  C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ZXGIDGE1.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\03XLTYJ3.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\09H4NWUT.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0BP030M5.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0EWL7MZ2.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0MG1FMXS.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0WO3XLVY.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0Z0JCCFK.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\105JQ1U6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1I9E3AJD.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1IC1ROZA.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1O824GG3.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1OH6NBR8.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1XKATI94.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\20W8E6IN.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\21KA16N9.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2F2CEG1W.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2JFB5YB1.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2LD8WQH2.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2PB45W0A.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3804XRR5.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3LGTLJ36.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3Q1UXSBA.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\45W512YO.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\468C8GF0.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4923L5MJ.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\49HHJS8C.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4CC0BW1J.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4TQ4JD93.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4WLGHYTC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4XJ00EPI.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\52C2P9NZ.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\5R0UTF8I.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\5TW3SXA1.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6GZVR9AK.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6H3Z7YOY.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6K4CEBNC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6UHFLW25.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\738JL3LG.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7C53O1QG.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7ORSE1D5.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7R93TS5H.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7S83SD0W.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7WPTA80T.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7X55XE8S.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7Y71PVEI.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\87HPD38W.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\8JOHWKRM.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\90NG61WS.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9LYDYPTS.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9XJ0UE4D.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A0OL53FM.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A6MPG0EG.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\A8T1MVFC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\AH3NSJHP.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\AQPJPH0S.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\B18PFD2K.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\B2Y9975V.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\B31TLLHF.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BCB3WGN1.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BW5E4IK4.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CE6JRWG2.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CFH2BKXT.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CIKYKRR8.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CXLGZEO0.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\D08AH4LK.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\D9PM4LXC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DL7EKDB7.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DO730JQ4.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DQIBUSZC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\E011O8KY.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\E15F3QTX.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\E2E0NPPO.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EAHGPKT4.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EX1T1L5Y.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\F2OQTSFZ.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\F5629SWF.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FJ14XDDL.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FL2YMUT5.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FOYCU3VW.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\G2CLU8LC.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HEA7ANP7.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HED7HWFP.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HFAHQKK6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HJU7SNKI.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HOJVNY1T.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HW57C55H.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HX8VCTWE.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\I2WDHWY4.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\INQZ8LUF.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IWAON9X8.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IXEKGZ8E.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J8PRS71D.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JJM4UDVS.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JXEKEM4C.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JXFMZBCJ.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JYFLYSEM.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KPUWB468.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KZ4TYPAD.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\L6X6BP4E.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\L8W4TJ6F.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\LP3IFP5Z.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\M2SVQGWL.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MFABI0CV.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MR17W7HB.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NHAW0FTO.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NKDTR2CS.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NKXB1AA6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NVNE6ZZ1.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\O6EIQMF8.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OAAORSDL.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OGESD2HX.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OHRL08S8.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\P0FU6D0Z.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PB0C85PL.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PBBKRQKJ.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PQ75PP0V.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PR9ED8E0.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PXY89TN6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QDW6NZPU.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QOHCFLCG.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QXCTQBQW.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QZW4O512.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\R4FZ880W.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RBM74XBW.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RF28NDF3.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RRFZVETH.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RTUT0H52.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SBFV7M3B.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SGNQWKDP.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SIU7ADEG.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SXFZ9Q1M.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T3DQVEE1.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T5D1JZ0M.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\U1SGV8GZ.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\U5C0E6L6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UCCCXENT.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UD3XJGAK.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UDP4Q73B.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UFOC5XLK.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UPBM7538.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UPF3XXJ9.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\V7MFGPJV.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\V8M5SFOC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VJWDYL30.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VL97W9DZ.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VWCQD43J.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VYQT7WNV.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\W36TJX2J.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\W7OM4KUM.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WACRY53K.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WJD7219N.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WZTTGOHA.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\XHGCFYE4.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YJ6D81O6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YSIPQQFC.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZLRY4RXM.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\1FDJBF97.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\36Y6FQST.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\6R512W2Z.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\ATNVSEQM.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\FD07X6A3.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\HQOBT2G7.txt
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\MOMYLGUL.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\S4FYH7B6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\VB244LJ6.cookie
  C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\VVAMK8DX.cookie
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:246059135.log.optimizely.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:ad.ad-srv.net
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adaptv.advertising.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adgrx.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adnxs.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:adsrvr.org
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:advertising.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:agkn.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:bs.serving-sys.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:chango.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:doubleclick.net
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:m6r.eu
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:match.rundsp.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:mathtag.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:openx.net
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:owneriq.net
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:pixel.rubiconproject.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:revsci.net
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:rubiconproject.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:serving-sys.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:simpli.fi
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:tap-secure.rubiconproject.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:tap-t.rubiconproject.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:tubemogul.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:turn.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:virool.com
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:w55c.net
  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\psysod7o.default\cookies.sqlite:yieldlab.net
Mehr habe ich leider nicht ... Hilfe ;-)

cosinus 10.07.2017 21:26
Logs vom adwCleaner und JRT?


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:32 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131