Pests of all kinds and how to combat them: Removing the Pricechopper Chrome extension! (Windows 7) |
12.07.2014, 19:12 | #1 |
| Removing the Pricechopper Chrome extension! Pricechopper, or pericechop, or peRIIceChoppeR, has settled itself on my laptop through stupidity. It has no fixed name, but it wants access to data, websites and themes. It could be adware, but I can't get it uninstalled. I have already run FRST several times, but I don't know how to use it properly. I have run the Malwarebytes software several times, and also adware remover and JRT. Nothing helps; at every restart it shows up in my browser again, and I am reaching the limits of my research skills. Please help me. I would like to start over from the beginning and am prepared to put my computer through almost anything. Many thanks in advance. |
12.07.2014, 20:16 | #2 |
/// the machine /// TB trainer | Removing the Pricechopper Chrome extension! hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
12.07.2014, 20:25 | #3 |
| Removing the Pricechopper Chrome extension! Here are the logs. Thanks for the quick help!
FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014 Ran by HRMN (administrator) on HRMN-PC on 12-07-2014 21:21:19 Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Users\HRMN\Downloads\Core Temp.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) 
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [179272 2012-04-26] (CyberLink Corp.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung) HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [Google Update] => "C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [icq] => C:\Users\HRMN\AppData\Roaming\ICQM\icq.exe [34848264 2014-07-02] (ICQ) HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\MountPoints2: {62dd10d8-85f4-11e3-a31a-dc0ea11665ca} - G:\Startme.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => 
c:\windows\syswow64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation) AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit 
Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-28] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-27] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: hxxp://google.de/ CHR Plugin: (Shockwave Flash) - C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\HRMN\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Extension: (Google Drive) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26] CHR Extension: (YouTube) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26] CHR Extension: (Adblock Plus) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-26] CHR Extension: (Google-Suche) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26] CHR Extension: (avast! 
Ad Blocker) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-26] CHR Extension: (pericechopp) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa [2014-07-12] CHR Extension: (hxxp://9gag.com/trending) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\klgnfepolpfipkcicinkhdfcdiajijje [2013-08-26] CHR Extension: (BugMeNot Lite) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2014-07-12] CHR Extension: (AntiGameOrigin) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2014-06-04] CHR Extension: (Google Wallet) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR Extension: (hxxp://www.play3.de/) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\oinecfhojgbcmkkhmaoppipckbocfcgj [2013-08-26] CHR Extension: (pericechopp) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9 [2014-07-12] CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-07-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation) S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed] S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.) 
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] () S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] () S3 hipeer20; C:\Windows\System32\DRIVERS\remobo64.sys [30720 2010-08-01] (Windows (R) Codename Longhorn DDK provider) S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed] S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 ALSysIO; 
\??\C:\Users\HRMN\AppData\Local\Temp\ALSysIO64.sys [X] S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X] S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-12 21:20 - 2014-07-12 21:21 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe 2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar 2014-07-12 19:20 - 2014-07-12 19:21 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe 2014-07-12 19:19 - 2014-07-12 19:19 - 05218570 _____ (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe 2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe 2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk 2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe 2014-07-12 19:03 - 2014-07-12 19:05 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe 2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat 2014-07-12 18:50 - 2014-07-12 18:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-07-12 18:34 - 2014-07-12 18:34 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt 2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA 2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-12 17:34 - 2014-06-13 04:11 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 
2014-07-12 17:34 - 2014-06-13 04:11 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-07-12 17:34 - 2014-06-13 04:11 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-07-12 17:34 - 2014-06-13 04:11 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2014-07-12 17:34 - 2014-06-13 04:11 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-07-12 17:34 - 2014-06-13 04:11 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-07-12 17:34 - 2014-06-13 04:11 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2014-07-12 17:34 - 2014-06-13 04:11 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-07-12 17:34 - 2014-06-06 19:40 - 03802247 _____ () C:\Windows\system32\nvcoproc.bin 2014-07-12 17:33 - 2014-06-13 04:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-07-12 17:33 - 2014-06-13 04:48 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-07-12 17:20 - 2014-06-13 04:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll 2014-07-12 17:20 - 2014-06-13 04:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll 2014-07-12 17:20 - 2014-06-13 04:59 - 00026353 _____ () C:\Windows\system32\nvinfo.pb 2014-07-12 17:20 - 2014-06-13 04:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 
2014-07-12 17:20 - 2014-06-13 04:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-07-12 17:20 - 2014-06-13 04:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-07-12 17:20 - 2014-06-13 04:47 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-07-12 17:20 - 2014-06-13 04:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 00305600 _____ 
(NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-07-12 17:20 - 2014-06-13 04:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-07-12 17:20 - 2014-06-13 04:45 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-07-12 17:04 - 2014-07-12 17:49 - 00000000 ____D () C:\ProgramData\pReIIcEChop 2014-07-12 17:04 - 2014-07-12 17:04 - 00000000 ____D () C:\Program Files (x86)\pReIIcEChop 2014-07-12 17:03 - 2014-07-12 19:32 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-12 17:03 - 2014-07-12 17:48 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip 2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip 2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () 
C:\Users\HRMN\Desktop\bewerbung fh .txt 2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip 2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin 2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A 2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A 2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel 2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip 2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip 2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) 
C:\Windows\SysWOW64\javaw.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe 2014-07-02 22:07 - 2014-07-02 23:14 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer 2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe 2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-02 21:37 - 2014-07-02 21:45 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt 2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe 2014-07-02 21:34 - 2014-07-02 21:36 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt 2014-07-02 21:33 - 2014-07-12 21:21 - 00000000 ____D () C:\FRST 2014-07-02 21:33 - 2014-07-02 21:36 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt 2014-07-02 21:11 - 2014-07-12 19:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-02 21:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-02 21:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mbam.sys 2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT 2014-07-02 20:59 - 2014-07-12 19:32 - 00003360 _____ () C:\Windows\setupact.log 2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-02 20:58 - 2014-07-12 19:31 - 00004380 _____ () C:\Windows\PFRO.log 2014-07-02 20:58 - 2014-07-02 20:59 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-02 20:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-02 20:54 - 2014-07-12 21:21 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme 2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg 2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg 2014-07-02 18:21 - 2014-07-02 18:23 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile 2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM 2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-19 19:55 - 2014-06-27 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets 2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip 2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt 2014-06-12 22:55 - 2014-06-12 22:55 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-06-12 22:54 - 2014-07-12 21:06 - 00000884 
_____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 22:54 - 2014-06-12 22:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\Program Files\7-Zip

==================== One Month Modified Files and Folders =======

2014-07-12 21:21 - 2014-07-12 21:20 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 21:21 - 2014-07-02 21:33 - 00000000 ____D () C:\FRST
2014-07-12 21:21 - 2014-07-02 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-12 21:06 - 2014-06-12 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-12 20:57 - 2012-09-23 10:57 - 02066267 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 20:41 - 2012-06-07 01:25 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\.minecraft
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 20:24 - 2012-06-06 20:13 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA.job
2014-07-12 20:23 - 2012-12-07 18:10 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Skype
2014-07-12 19:39 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-12 19:39 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-12 19:34 - 2014-07-02 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 19:32 - 2014-07-12 17:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 19:32 - 2014-07-02 20:59 - 00003360 _____ () C:\Windows\setupact.log
2014-07-12 19:32 - 2012-06-07 19:39 - 00000000 ____D ()
C:\ProgramData\clear.fi 2014-07-12 19:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-12 19:31 - 2014-07-02 20:58 - 00004380 _____ () C:\Windows\PFRO.log 2014-07-12 19:31 - 2013-08-26 21:17 - 00000000 ____D () C:\AdwCleaner 2014-07-12 19:21 - 2014-07-12 19:20 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe 2014-07-12 19:19 - 2014-07-12 19:19 - 05218570 _____ (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe 2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe 2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk 2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe 2014-07-12 19:05 - 2014-07-12 19:03 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe 2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat 2014-07-12 18:52 - 2014-07-12 18:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-07-12 18:34 - 2014-07-12 18:34 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt 2014-07-12 18:15 - 2011-12-03 12:08 - 00703230 _____ () C:\Windows\system32\perfh007.dat 2014-07-12 18:15 - 2011-12-03 12:08 - 00150838 _____ () C:\Windows\system32\perfc007.dat 2014-07-12 18:15 - 2009-07-14 07:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-12 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system 2014-07-12 18:03 - 2012-08-22 20:27 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\foobar2000 2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA 2014-07-12 17:49 - 2014-07-12 17:04 - 00000000 ____D () C:\ProgramData\pReIIcEChop 2014-07-12 17:48 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c 2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () 
C:\Users\HRMN\Downloads\adwcleaner_3.215.exe 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-12 17:34 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-07-12 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-07-12 17:26 - 2013-07-27 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-12 17:04 - 2014-07-12 17:04 - 00000000 ____D () C:\Program Files (x86)\pReIIcEChop 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-12 17:03 - 2012-06-06 20:13 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Google 2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-12 16:02 - 2012-12-07 20:10 - 00000000 ____D () C:\Users\HRMN\Desktop\Mincraft sachen 2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip 2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip 2014-07-12 14:45 - 2012-06-07 11:40 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Adobe 2014-07-08 18:23 - 2014-05-23 22:01 - 00000000 ____D () C:\Program Files (x86)\CABAL Online (NA - Global) 2014-07-08 17:20 - 2012-06-06 20:13 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core.job 2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt 2014-07-06 16:42 - 2013-09-08 21:58 - 00118872 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip 2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin 2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A 2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A 2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics 2014-07-06 13:19 - 2011-10-14 05:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel 2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip 2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip 2014-07-05 21:10 - 2013-07-27 15:20 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-03 23:06 - 2013-09-02 20:45 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-03 00:33 - 2013-07-26 21:21 - 00000000 ____D () C:\Users\HRMN\Desktop\X-GamingdotWS 2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe 2014-07-02 23:14 - 2014-07-02 22:07 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer 2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe 2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-02 21:45 - 2014-07-02 21:37 - 00009442 _____ () 
C:\Users\HRMN\Downloads\SystemLook.txt 2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe 2014-07-02 21:36 - 2014-07-02 21:34 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt 2014-07-02 21:36 - 2014-07-02 21:33 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt 2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT 2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-02 20:59 - 2014-07-02 20:58 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-02 20:59 - 2012-09-24 17:34 - 00118872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-07-02 20:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Dev-Cpp 2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Dev-Cpp 2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg 2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg 2014-07-02 20:31 - 2012-06-07 10:23 - 00001164 _____ () C:\Users\HRMN\Downloads\CoreTemp.ini 2014-07-02 18:23 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile 2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 
00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM 2014-06-30 18:49 - 2014-04-29 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-30 18:49 - 2011-10-14 05:30 - 00000000 ____D () C:\ProgramData\Skype 2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 19:38 - 2014-06-19 19:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 19:38 - 2014-03-15 13:27 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00001970 _____ () C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2014-06-27 19:38 - 2013-07-27 15:19 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 19:38 - 2013-07-27 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-24 19:33 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\vlc 2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets 2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip 2014-06-18 13:19 - 2012-06-06 20:13 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA 2014-06-18 13:19 - 2012-06-06 20:13 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core 2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt 2014-06-13 04:59 - 2014-07-12 17:20 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll 2014-06-13 04:59 - 2014-07-12 17:20 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll 2014-06-13 04:59 - 2014-07-12 17:20 - 00026353 _____ () C:\Windows\system32\nvinfo.pb 2014-06-13 04:48 - 2014-07-12 17:33 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-06-13 04:48 - 2014-07-12 17:33 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 
03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-06-13 04:48 - 2014-07-12 17:20 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-06-13 04:47 - 2014-07-12 17:20 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-06-13 04:47 - 2014-07-12 17:20 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-06-13 04:46 - 2014-07-12 17:20 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 00354016 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvoglshim64.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-06-13 04:46 - 2014-07-12 17:20 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-06-13 04:45 - 2014-07-12 17:20 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-06-13 04:11 - 2014-07-12 17:34 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2014-06-13 04:11 - 2014-07-12 17:34 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-06-12 22:58 - 2014-04-11 20:42 - 00000000 ____D () C:\Program Files (x86)\TERA 2014-06-12 22:55 - 2014-06-12 22:55 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-06-12 22:55 - 2012-11-07 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-06-12 22:54 - 2014-06-12 22:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-12 22:54 - 2014-01-10 00:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-12 22:54 - 2011-10-14 05:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 22:53 - 
2014-06-12 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\Program Files\7-Zip
2014-06-12 04:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 03:05 - 2013-09-19 06:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:02 - 2012-09-24 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 03:02 - 2012-06-08 00:20 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 03:01 - 2014-05-10 14:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 02:05 - 2012-06-07 01:29 - 00002358 _____ () C:\Users\HRMN\Desktop\Google Chrome.lnk

ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@

Files to move or delete:
====================
C:\Users\HRMN\IP_Log_Data.js
C:\Users\HRMN\Network_Meter_Data.js

Some content of TEMP:
====================
C:\Users\HRMN\AppData\Local\Temp\bi_cleaner.exe
C:\Users\HRMN\AppData\Local\Temp\NVI2_29.DLL
C:\Users\HRMN\AppData\Local\Temp\Quarantine.exe
C:\Users\HRMN\AppData\Local\Temp\SHSetup.exe
C:\Users\HRMN\AppData\Local\Temp\Tsu9C511EEC.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe 2F46C1760C531EB2B181F9076E552E8A ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 00:19

==================== End Of Log ============================

--- --- ---

Addition.txt
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by HRMN at 2014-07-12 21:22:08
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky PURE (Enabled - Up to date) {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE (Enabled - Up to date) {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky PURE (Enabled) {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

==================== Installed Programs ======================

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cabal Episode 8 (HKLM-x32\...\Cabal Episode 8) (Version: Episode 8 - EliteKingdoms)
CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.3318.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESI Prüfwerte (HKLM-x32\...\ESI Prüfwerte) (Version: - )
ESI[tronic] DEMO_4 (HKLM-x32\...\ESI[tronic] DEMO_4) (Version: - )
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
foobar2000 v1.1.14a (HKLM-x32\...\foobar2000) (Version: 1.1.14a - Peter Pawlowski)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ 8.2 (build 7067) (HKCU\...\ICQ) (Version: 8.2.7067.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KTS (x32 Version: 4.0.0 - Robert Bosch GmbH) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version: - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points =========================

06-07-2014 11:18:21 Installiert Renesas Electronics USB 3.0 Host Controller Driver
12-07-2014 15:32:14 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
12-07-2014 16:50:37 Installed SpyHunter
12-07-2014 18:58:09 Revo Uninstaller's restore point - System Requirements Lab for Intel

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-17 21:14 - 00000793 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {28D6FD2F-65C2-42AD-B0B0-AB3D49A1BC43} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {31E97D56-8130-48C0-9252-E8943EDCEBD0} - System32\Tasks\Google Updater and Installer => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {357EDA91-E566-4E47-A04A-1369530D2E51} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {38B0A7AF-CE44-467A-B2A0-059A3FD5AFB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated)
Task: {411A750E-0185-46E2-9AAD-58FFA39E8F98} - System32\Tasks\Core Temp Autostart HRMN => C:\Users\HRMN\Downloads\Core Temp.exe [2010-10-03] ()
Task: {4FE97A35-6AAD-41C0-A407-039155AC1DF1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {54E8AD34-E652-4858-87D5-4538AA512F8A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink)
Task: {6432CD2F-FBA1-494C-8D6C-8AC4BF5AA950} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {6644E828-80F1-46A1-9826-3126274CBF3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {7954D079-4FAF-40FF-B2D6-FA620B5AF9AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {85A67C6E-1130-4134-94FF-507EB4779A1F} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {888AB199-79A5-4152-9003-8401C61B3F79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {8DF38EBB-0033-459F-BD5E-7940838156E6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {8E7A26D6-6F72-47F5-84E5-D4551D7E8195} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {91AB107B-D3A1-4351-BCF4-E415036664AC} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {9C7AFC46-7146-4DA0-908A-3556157B1A61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software)
Task: {C40EF80F-886E-48E7-BC45-55DFF42E71CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {C5C63F6B-E2A3-400E-8A24-99E79FD5DB4E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {DC2F4D6B-DA61-403D-BAAC-D251129E11D4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.)
Task: {E0B44B36-1032-43AA-A073-4689C9F69736} - System32\Tasks\AdobeAAMUpdater-1.0-HRMN-PC-HRMN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core.job => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA.job => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-12 17:20 - 2014-06-13 04:47 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-07-12 17:34 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-06-07 10:23 - 2010-10-03 02:14 - 00563728 _____ () C:\Users\HRMN\Downloads\Core Temp.exe 2011-10-14 05:57 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-06-07 02:03 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2014-06-27 19:37 - 2014-06-27 19:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-12 14:47 - 2014-07-12 14:47 - 02792960 _____ () C:\Program Files\AVAST Software\Avast\defs\14071200\algo.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2012-06-07 02:03 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll 2014-06-27 19:37 - 2014-06-27 19:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-02-24 19:54 - 2014-02-24 19:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll 2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-07-12 14:52 - 2014-07-08 08:18 - 14663856 _____ () 
C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/12/2014 08:29:45 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 7.0.600.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 167c Startzeit: 01cf9dfefb485655 Endzeit: 4 Anwendungspfad: C:\Program Files (x86)\Java\jre7\bin\javaw.exe Berichts-ID: Error: (07/12/2014 07:32:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/12/2014 07:09:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (07/12/2014 06:42:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (07/12/2014 06:36:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/12/2014 08:57:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error: (07/12/2014 08:57:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (07/12/2014 07:32:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error: (07/12/2014 07:32:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (07/12/2014 07:32:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error: (07/12/2014 07:32:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (07/12/2014 07:32:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/12/2014 07:09:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom 
Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error: (07/12/2014 07:09:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (07/12/2014 07:08:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Microsoft Office Sessions: ========================= Error: (07/12/2014 08:29:45 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe7.0.600.19167c01cf9dfefb4856554C:\Program Files (x86)\Java\jre7\bin\javaw.exe Error: (07/12/2014 07:32:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/12/2014 07:09:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/12/2014 06:42:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/12/2014 06:36:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.155 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.153 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.151 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.130 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 32% Total physical RAM: 8043.86 MB Available physical RAM: 5392.05 MB Total Pagefile: 16085.9 MB Available Pagefile: 13055.49 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:651.29 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2F560472) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
13.07.2014, 15:03 | #4 |
/// the machine /// TB-Ausbilder | Remove Pricechopper Chrome extension! hi, please download TDSSKiller.exe and save the file to your desktop
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
14.07.2014, 00:06 | #5 |
| Remove Pricechopper Chrome extension! Hi, sorry that it took so long, but World Cup final and all. Thanks again. Here is the report. PS: RocketDock is actually my desktop dock. That's why I don't understand this right now o0. Code:
ATTFilter 01:02:36.0219 0x1660 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 01:02:38.0773 0x1660 ============================================================ 01:02:38.0773 0x1660 Current date / time: 2014/07/14 01:02:38.0773 01:02:38.0773 0x1660 SystemInfo: 01:02:38.0773 0x1660 01:02:38.0773 0x1660 OS Version: 6.1.7601 ServicePack: 1.0 01:02:38.0773 0x1660 Product type: Workstation 01:02:38.0773 0x1660 ComputerName: HRMN-PC 01:02:38.0773 0x1660 UserName: HRMN 01:02:38.0773 0x1660 Windows directory: C:\Windows 01:02:38.0773 0x1660 System windows directory: C:\Windows 01:02:38.0773 0x1660 Running under WOW64 01:02:38.0773 0x1660 Processor architecture: Intel x64 01:02:38.0773 0x1660 Number of processors: 4 01:02:38.0773 0x1660 Page size: 0x1000 01:02:38.0773 0x1660 Boot type: Normal boot 01:02:38.0773 0x1660 ============================================================ 01:02:39.0576 0x1660 KLMD registered as C:\Windows\system32\drivers\81182798.sys 01:02:40.0158 0x1660 System UUID: {F3C9F6DE-3B65-CB86-7868-8FF661F3FEA1} 01:02:40.0801 0x1660 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 01:02:40.0805 0x1660 ============================================================ 01:02:40.0805 0x1660 \Device\Harddisk0\DR0: 01:02:40.0805 0x1660 MBR partitions: 01:02:40.0805 0x1660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000 01:02:40.0805 0x1660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x722D3800 01:02:40.0805 0x1660 ============================================================ 01:02:40.0845 0x1660 C: <-> \Device\Harddisk0\DR0\Partition2 01:02:40.0845 0x1660 ============================================================ 01:02:40.0845 0x1660 Initialize success 01:02:40.0845 0x1660 ============================================================ 01:02:46.0697 0x07cc 
============================================================ 01:02:46.0697 0x07cc Scan started 01:02:46.0697 0x07cc Mode: Manual; SigCheck; TDLFS; 01:02:46.0697 0x07cc ============================================================ 01:02:46.0697 0x07cc KSN ping started 01:03:00.0334 0x07cc KSN ping finished: true 01:03:00.0965 0x07cc ================ Scan system memory ======================== 01:03:00.0965 0x07cc System memory - ok 01:03:00.0965 0x07cc ================ Scan services =============================
dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 01:03:06.0108 0x07cc dg_ssudbus - ok 01:03:06.0149 0x07cc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 01:03:06.0180 0x07cc Dhcp - ok 01:03:06.0189 0x07cc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 01:03:06.0218 0x07cc discache - ok 01:03:06.0247 0x07cc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 01:03:06.0259 0x07cc Disk - ok 01:03:06.0292 0x07cc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 01:03:06.0327 0x07cc Dnscache - ok 01:03:06.0354 0x07cc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 01:03:06.0404 0x07cc dot3svc - ok 01:03:06.0445 0x07cc [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 01:03:06.0469 0x07cc Dot4 - ok 01:03:06.0478 0x07cc [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 01:03:06.0498 0x07cc Dot4Print - ok 01:03:06.0514 0x07cc [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 01:03:06.0542 0x07cc dot4usb - ok 01:03:06.0572 0x07cc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 01:03:06.0628 0x07cc DPS - ok 01:03:06.0686 0x07cc [ 9B19F34400D24DF84C858A421C205754, 
967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 01:03:06.0720 0x07cc drmkaud - ok 01:03:06.0782 0x07cc [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 01:03:06.0801 0x07cc DsiWMIService - ok 01:03:06.0860 0x07cc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 01:03:06.0887 0x07cc DXGKrnl - ok 01:03:06.0936 0x07cc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 01:03:06.0981 0x07cc EapHost - ok 01:03:07.0090 0x07cc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 01:03:07.0203 0x07cc ebdrv - ok 01:03:07.0239 0x07cc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 01:03:07.0263 0x07cc EFS - ok 01:03:07.0339 0x07cc [ 5332EC2BA1C112BD4BB1F38127848FEF, 156585CE4011546B20EDD20D04E639A0788B1DE6455B23B94E2CD31BA725FE3C ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 01:03:07.0355 0x07cc EgisTec Ticket Service - ok 01:03:07.0404 0x07cc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 01:03:07.0445 0x07cc ehRecvr - ok 01:03:07.0465 0x07cc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 01:03:07.0494 0x07cc ehSched - ok 01:03:07.0532 0x07cc [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO 
C:\Windows\system32\Drivers\ElbyCDIO.sys 01:03:07.0540 0x07cc ElbyCDIO - ok 01:03:07.0584 0x07cc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 01:03:07.0605 0x07cc elxstor - ok 01:03:07.0689 0x07cc [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 01:03:07.0713 0x07cc ePowerSvc - ok 01:03:07.0724 0x07cc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 01:03:07.0751 0x07cc ErrDev - ok 01:03:07.0776 0x07cc [ DBAA0C650C9549DC5C599D1E81DEDAAD, C8DF68CDACEF27C91CFD1FE8032A8DAF830D9E77C573C25DE5D41FC3DB824ABA ] ETD C:\Windows\system32\DRIVERS\ETD.sys 01:03:07.0789 0x07cc ETD - ok 01:03:07.0840 0x07cc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 01:03:07.0883 0x07cc EventSystem - ok 01:03:07.0907 0x07cc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 01:03:07.0940 0x07cc exfat - ok 01:03:07.0964 0x07cc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 01:03:08.0012 0x07cc fastfat - ok 01:03:08.0047 0x07cc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 01:03:08.0087 0x07cc Fax - ok 01:03:08.0102 0x07cc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 01:03:08.0122 0x07cc fdc - ok 01:03:08.0130 0x07cc [ 0438CAB2E03F4FB61455A7956026FE86, 
6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 01:03:08.0162 0x07cc fdPHost - ok 01:03:08.0183 0x07cc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 01:03:08.0227 0x07cc FDResPub - ok 01:03:08.0252 0x07cc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 01:03:08.0262 0x07cc FileInfo - ok 01:03:08.0273 0x07cc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 01:03:08.0312 0x07cc Filetrace - ok 01:03:08.0362 0x07cc [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 01:03:08.0383 0x07cc FLEXnet Licensing Service - ok 01:03:08.0400 0x07cc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 01:03:08.0410 0x07cc flpydisk - ok 01:03:08.0446 0x07cc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 01:03:08.0461 0x07cc FltMgr - ok 01:03:08.0536 0x07cc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 01:03:08.0580 0x07cc FontCache - ok 01:03:08.0640 0x07cc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 01:03:08.0650 0x07cc FontCache3.0.0.0 - ok 01:03:08.0750 0x07cc [ D316BB764E63289DEE509F05C31C2956, 
3685CD50504725CD7FA65EE27BD450DE5D7058201FF870FF8D833AA81B415C4D ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe 01:03:08.0761 0x07cc FoxitCloudUpdateService - ok 01:03:08.0778 0x07cc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 01:03:08.0788 0x07cc FsDepends - ok 01:03:08.0813 0x07cc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 01:03:08.0821 0x07cc Fs_Rec - ok 01:03:08.0858 0x07cc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 01:03:08.0874 0x07cc fvevol - ok 01:03:08.0902 0x07cc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 01:03:08.0915 0x07cc gagp30kx - ok 01:03:08.0968 0x07cc [ A6FD278E3D22A2E9CCEC65F3E81E2818, 668A33AA61F12C44BD29E8A2493B996AF90F7B3DED74EF17BD1BEB4E2143952D ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe 01:03:08.0982 0x07cc GamesAppIntegrationService - ok 01:03:09.0004 0x07cc [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 01:03:09.0016 0x07cc GamesAppService - ok 01:03:09.0057 0x07cc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 01:03:09.0106 0x07cc gpsvc - ok 01:03:09.0158 0x07cc [ C9B2D1D3F86FD3673EF847DEF73B6F9E, 9D3822A6464F685F770F8D02A8AE623A676888F135E8425C3BAF1CC077429A7F ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 01:03:09.0165 0x07cc GREGService - ok 
01:03:09.0210 0x07cc [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 01:03:09.0222 0x07cc gusvc - ok 01:03:09.0243 0x07cc [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 01:03:09.0252 0x07cc hamachi - ok 01:03:09.0269 0x07cc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 01:03:09.0291 0x07cc hcw85cir - ok 01:03:09.0313 0x07cc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 01:03:09.0350 0x07cc HdAudAddService - ok 01:03:09.0362 0x07cc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 01:03:09.0387 0x07cc HDAudBus - ok 01:03:09.0399 0x07cc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 01:03:09.0422 0x07cc HidBatt - ok 01:03:09.0448 0x07cc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 01:03:09.0469 0x07cc HidBth - ok 01:03:09.0489 0x07cc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 01:03:09.0504 0x07cc HidIr - ok 01:03:09.0520 0x07cc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 01:03:09.0558 0x07cc hidserv - ok 01:03:09.0585 0x07cc [ 9592090A7E2B61CD582B612B6DF70536, 
FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 01:03:09.0597 0x07cc HidUsb - ok 01:03:09.0617 0x07cc [ 105C4376B682DF3FE6C9B45252BE9DB7, 751C7248CCEC10FF632D976423F6B4C0611F8C643EE4E1040106B23B68549B44 ] hipeer20 C:\Windows\system32\DRIVERS\remobo64.sys 01:03:09.0636 0x07cc hipeer20 - detected UnsignedFile.Multi.Generic ( 1 ) 01:03:15.0900 0x07cc Detect skipped due to KSN trusted 01:03:15.0900 0x07cc hipeer20 - ok 01:03:15.0955 0x07cc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 01:03:15.0998 0x07cc hkmsvc - ok 01:03:16.0019 0x07cc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 01:03:16.0047 0x07cc HomeGroupListener - ok 01:03:16.0078 0x07cc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 01:03:16.0108 0x07cc HomeGroupProvider - ok 01:03:16.0202 0x07cc [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 01:03:16.0224 0x07cc hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 ) 01:03:18.0968 0x07cc Detect skipped due to KSN trusted 01:03:18.0968 0x07cc hpqcxs08 - ok 01:03:19.0025 0x07cc [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 01:03:19.0047 0x07cc hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 ) 01:03:25.0390 0x07cc Detect skipped due to KSN trusted 01:03:25.0390 0x07cc hpqddsvc - ok 01:03:25.0438 0x07cc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 
01:03:25.0449 0x07cc HpSAMD - ok 01:03:25.0504 0x07cc [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 01:03:25.0541 0x07cc HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 ) 01:03:28.0207 0x07cc Detect skipped due to KSN trusted 01:03:28.0208 0x07cc HPSLPSVC - ok 01:03:28.0253 0x07cc [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 01:03:28.0273 0x07cc HTCAND64 - detected UnsignedFile.Multi.Generic ( 1 ) 01:03:31.0024 0x07cc Detect skipped due to KSN trusted 01:03:31.0024 0x07cc HTCAND64 - ok 01:03:31.0081 0x07cc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 01:03:31.0139 0x07cc HTTP - ok 01:03:31.0155 0x07cc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 01:03:31.0163 0x07cc hwpolicy - ok 01:03:31.0183 0x07cc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 01:03:31.0197 0x07cc i8042prt - ok 01:03:31.0223 0x07cc [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor C:\Windows\system32\drivers\iaStor.sys 01:03:31.0240 0x07cc iaStor - ok 01:03:31.0289 0x07cc [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 01:03:31.0299 0x07cc IAStorDataMgrSvc - ok 01:03:31.0330 0x07cc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 
01:03:31.0348 0x07cc iaStorV - ok 01:03:31.0415 0x07cc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 01:03:31.0444 0x07cc idsvc - ok 01:03:31.0458 0x07cc IEEtwCollectorService - ok 01:03:31.0819 0x07cc [ 9937600A1584FF00565D5379EB4C9EDB, CF03333E9E7BD940B27194A9CF21ED8A6A10B698B545A898291976F650FC2675 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 01:03:32.0312 0x07cc igfx - ok 01:03:32.0352 0x07cc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 01:03:32.0362 0x07cc iirsp - ok 01:03:32.0406 0x07cc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 01:03:32.0449 0x07cc IKEEXT - ok 01:03:32.0543 0x07cc [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 01:03:32.0613 0x07cc IntcAzAudAddService - ok 01:03:32.0640 0x07cc [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 01:03:32.0658 0x07cc IntcDAud - ok 01:03:32.0689 0x07cc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 01:03:32.0698 0x07cc intelide - ok 01:03:32.0732 0x07cc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 01:03:32.0762 0x07cc intelppm - ok 01:03:32.0790 0x07cc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 01:03:32.0851 0x07cc IPBusEnum - ok 
01:03:32.0866 0x07cc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 01:03:32.0895 0x07cc IpFilterDriver - ok 01:03:32.0907 0x07cc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 01:03:32.0920 0x07cc IPMIDRV - ok 01:03:32.0927 0x07cc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 01:03:32.0972 0x07cc IPNAT - ok 01:03:32.0988 0x07cc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 01:03:33.0004 0x07cc IRENUM - ok 01:03:33.0008 0x07cc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 01:03:33.0017 0x07cc isapnp - ok 01:03:33.0055 0x07cc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 01:03:33.0071 0x07cc iScsiPrt - ok 01:03:33.0115 0x07cc [ 455B75C19BF3F1F2EE3AC10E1169826C, C8CE6DE48E0B4621F2851A994261FA787556A27F9868A8859E5E8A8354028257 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 01:03:33.0132 0x07cc k57nd60a - ok 01:03:33.0154 0x07cc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 01:03:33.0163 0x07cc kbdclass - ok 01:03:33.0179 0x07cc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 01:03:33.0200 0x07cc kbdhid - ok 01:03:33.0219 0x07cc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso 
C:\Windows\system32\lsass.exe 01:03:33.0230 0x07cc KeyIso - ok 01:03:33.0233 0x07cc KMService - ok 01:03:33.0269 0x07cc [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 01:03:33.0280 0x07cc KSecDD - ok 01:03:33.0290 0x07cc [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 01:03:33.0301 0x07cc KSecPkg - ok 01:03:33.0323 0x07cc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 01:03:33.0365 0x07cc ksthunk - ok 01:03:33.0401 0x07cc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 01:03:33.0455 0x07cc KtmRm - ok 01:03:33.0494 0x07cc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 01:03:33.0543 0x07cc LanmanServer - ok 01:03:33.0558 0x07cc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 01:03:33.0606 0x07cc LanmanWorkstation - ok 01:03:33.0625 0x07cc libusb0 - ok 01:03:33.0635 0x07cc libusbd - ok 01:03:33.0677 0x07cc [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 01:03:33.0689 0x07cc Live Updater Service - ok 01:03:33.0709 0x07cc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 01:03:33.0752 0x07cc lltdio - ok 01:03:33.0777 0x07cc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc 
C:\Windows\System32\lltdsvc.dll 01:03:33.0835 0x07cc lltdsvc - ok 01:03:33.0854 0x07cc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 01:03:33.0893 0x07cc lmhosts - ok 01:03:33.0939 0x07cc [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 01:03:33.0953 0x07cc LMS - ok 01:03:33.0991 0x07cc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 01:03:34.0002 0x07cc LSI_FC - ok 01:03:34.0007 0x07cc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 01:03:34.0019 0x07cc LSI_SAS - ok 01:03:34.0023 0x07cc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 01:03:34.0034 0x07cc LSI_SAS2 - ok 01:03:34.0040 0x07cc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 01:03:34.0053 0x07cc LSI_SCSI - ok 01:03:34.0065 0x07cc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 01:03:34.0103 0x07cc luafv - ok 01:03:34.0133 0x07cc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 01:03:34.0154 0x07cc Mcx2Svc - ok 01:03:34.0158 0x07cc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 01:03:34.0168 0x07cc megasas - ok 01:03:34.0208 0x07cc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 
85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 01:03:34.0222 0x07cc MegaSR - ok 01:03:34.0252 0x07cc [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 01:03:34.0260 0x07cc MEIx64 - ok 01:03:34.0305 0x07cc Microsoft SharePoint Workspace Audit Service - ok 01:03:34.0340 0x07cc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 01:03:34.0380 0x07cc MMCSS - ok 01:03:34.0390 0x07cc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 01:03:34.0427 0x07cc Modem - ok 01:03:34.0445 0x07cc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 01:03:34.0470 0x07cc monitor - ok 01:03:34.0522 0x07cc [ FC44AD48746FFA5FD640EF1260AB5EC2, 95F7CCFC0BC782F3462A1C012E8122AB8D77BFB42E22A7B537475B9B266A6A1E ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys 01:03:34.0532 0x07cc MotioninJoyXFilter - ok 01:03:34.0561 0x07cc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 01:03:34.0571 0x07cc mouclass - ok 01:03:34.0599 0x07cc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 01:03:34.0629 0x07cc mouhid - ok 01:03:34.0650 0x07cc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 01:03:34.0661 0x07cc mountmgr - ok 01:03:34.0682 0x07cc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio 
01:03:52.0773 0x07cc vdrvroot - ok 01:03:52.0814 0x07cc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 01:03:52.0863 0x07cc vds - ok 01:03:52.0885 0x07cc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 01:03:52.0899 0x07cc vga - ok 01:03:52.0912 0x07cc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 01:03:52.0949 0x07cc VgaSave - ok 01:03:52.0971 0x07cc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 01:03:52.0985 0x07cc vhdmp - ok 01:03:53.0017 0x07cc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 01:03:53.0027 0x07cc viaide - ok 01:03:53.0043 0x07cc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 01:03:53.0053 0x07cc volmgr - ok 01:03:53.0077 0x07cc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 01:03:53.0093 0x07cc volmgrx - ok 01:03:53.0114 0x07cc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 01:03:53.0129 0x07cc volsnap - ok 01:03:53.0163 0x07cc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 01:03:53.0175 0x07cc vsmraid - ok 01:03:53.0242 0x07cc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS 
C:\Windows\system32\vssvc.exe 01:03:53.0326 0x07cc VSS - ok 01:03:53.0348 0x07cc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 01:03:53.0371 0x07cc vwifibus - ok 01:03:53.0392 0x07cc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 01:03:53.0424 0x07cc vwififlt - ok 01:03:53.0455 0x07cc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 01:03:53.0495 0x07cc W32Time - ok 01:03:53.0518 0x07cc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 01:03:53.0539 0x07cc WacomPen - ok 01:03:53.0554 0x07cc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 01:03:53.0596 0x07cc WANARP - ok 01:03:53.0602 0x07cc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 01:03:53.0630 0x07cc Wanarpv6 - ok 01:03:53.0689 0x07cc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 01:03:53.0752 0x07cc wbengine - ok 01:03:53.0776 0x07cc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 01:03:53.0797 0x07cc WbioSrvc - ok 01:03:53.0823 0x07cc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 01:03:53.0857 0x07cc wcncsvc - ok 01:03:53.0893 0x07cc [ 20F7441334B18CEE52027661DF4A6129, 
7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 01:03:53.0918 0x07cc WcsPlugInService - ok 01:03:53.0943 0x07cc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 01:03:53.0952 0x07cc Wd - ok 01:03:54.0002 0x07cc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 01:03:54.0029 0x07cc Wdf01000 - ok 01:03:54.0048 0x07cc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 01:03:54.0075 0x07cc WdiServiceHost - ok 01:03:54.0081 0x07cc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 01:03:54.0099 0x07cc WdiSystemHost - ok 01:03:54.0139 0x07cc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 01:03:54.0161 0x07cc WebClient - ok 01:03:54.0194 0x07cc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 01:03:54.0243 0x07cc Wecsvc - ok 01:03:54.0263 0x07cc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 01:03:54.0296 0x07cc wercplsupport - ok 01:03:54.0314 0x07cc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 01:03:54.0346 0x07cc WerSvc - ok 01:03:54.0360 0x07cc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 01:03:54.0388 0x07cc WfpLwf - ok 
01:03:54.0407 0x07cc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 01:03:54.0416 0x07cc WIMMount - ok 01:03:54.0445 0x07cc WinHttpAutoProxySvc - ok 01:03:54.0485 0x07cc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 01:03:54.0517 0x07cc Winmgmt - ok 01:03:54.0606 0x07cc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 01:03:54.0694 0x07cc WinRM - ok 01:03:54.0732 0x07cc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 01:03:54.0758 0x07cc WinUsb - ok 01:03:54.0818 0x07cc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 01:03:54.0870 0x07cc Wlansvc - ok 01:03:54.0910 0x07cc [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 01:03:54.0919 0x07cc wlcrasvc - ok 01:03:55.0031 0x07cc [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 01:03:55.0091 0x07cc wlidsvc - ok 01:03:55.0118 0x07cc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 01:03:55.0145 0x07cc WmiAcpi - ok 01:03:55.0173 0x07cc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 01:03:55.0203 0x07cc wmiApSrv - ok 01:03:55.0226 0x07cc WMPNetworkSvc - ok 01:03:55.0259 0x07cc [ 
96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 01:03:55.0276 0x07cc WPCSvc - ok 01:03:55.0299 0x07cc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 01:03:55.0316 0x07cc WPDBusEnum - ok 01:03:55.0351 0x07cc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 01:03:55.0393 0x07cc ws2ifsl - ok 01:03:55.0398 0x07cc WSearch - ok 01:03:55.0500 0x07cc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 01:03:55.0566 0x07cc wuauserv - ok 01:03:55.0596 0x07cc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 01:03:55.0620 0x07cc WudfPf - ok 01:03:55.0639 0x07cc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 01:03:55.0665 0x07cc WUDFRd - ok 01:03:55.0694 0x07cc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 01:03:55.0723 0x07cc wudfsvc - ok 01:03:55.0758 0x07cc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 01:03:55.0792 0x07cc WwanSvc - ok 01:03:55.0833 0x07cc X6va012 - ok 01:03:55.0852 0x07cc X6va015 - ok 01:03:55.0893 0x07cc [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 01:03:55.0902 0x07cc xusb21 - ok 01:03:55.0934 0x07cc ================ Scan global =============================== 01:03:55.0984 0x07cc [ 
BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 01:03:56.0022 0x07cc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 01:03:56.0035 0x07cc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 01:03:56.0069 0x07cc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 01:03:56.0107 0x07cc [ 2F46C1760C531EB2B181F9076E552E8A, C437A66DFD059F5123A3FC226FD1DE6D7A1BFCD7F110CFE8F36F4854D82DA929 ] C:\Windows\system32\services.exe 01:03:56.0116 0x07cc [ Global ] - ok 01:03:56.0116 0x07cc ================ Scan MBR ================================== 01:03:56.0140 0x07cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 01:03:57.0116 0x07cc \Device\Harddisk0\DR0 - ok 01:03:57.0116 0x07cc ================ Scan VBR ================================== 01:03:57.0139 0x07cc [ 80D8324591D13F1E5EDDAF73DA617825 ] \Device\Harddisk0\DR0\Partition1 01:03:57.0175 0x07cc \Device\Harddisk0\DR0\Partition1 - ok 01:03:57.0187 0x07cc [ 5E40EA54CBADB0E2D93DDEFACFB633EC ] \Device\Harddisk0\DR0\Partition2 01:03:57.0220 0x07cc \Device\Harddisk0\DR0\Partition2 - ok 01:03:57.0220 0x07cc ================ Scan generic autorun ====================== 01:03:57.0260 0x07cc [ BA9E8BF3E91C14DE99FDB1FA946D07AF, 9C3F5F52EE5B8D02B15EE18AA492FB110547A8DCDA3F8284A614F4E1A30F9BB1 ] C:\Windows\system32\igfxtray.exe 01:03:57.0275 0x07cc IgfxTray - ok 01:03:57.0303 0x07cc [ B20857C91A3E992A5AC93D8625C53CAE, ECB89856B267E2F4930CB7B404B51425C6375A47F864577C1A7B8B255278EC12 ] C:\Windows\system32\hkcmd.exe 01:03:57.0321 0x07cc HotKeysCmds - ok 01:03:57.0359 0x07cc [ 29E120E36791B2E620CC398847C28E12, 7C2904FEDD50F49447FD091D33BB3BFA5A2A684101ADB123BC2C08699320B912 ] 
C:\Windows\system32\igfxpers.exe 01:03:57.0376 0x07cc Persistence - ok 01:03:57.0378 0x07cc IntelTBRunOnce - ok 01:03:57.0378 0x07cc ETDCtrl - ok 01:03:57.0816 0x07cc [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 01:03:58.0065 0x07cc RtHDVCpl - ok 01:03:58.0178 0x07cc [ E897F9B62E611D59FDFAB82FC829B93A, E11E1A488D461105104E7FFD9F8219BDD231807FE33600233BEF11A432E138FD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 01:03:58.0228 0x07cc RtHDVBg_Dolby - ok 01:03:58.0354 0x07cc [ F0474296AC4E0E6BDE733C1B8513E41A, 2E54894FC1B422F0C520D11166204926D3994A3440037D655C73D66D7118859C ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe 01:03:58.0395 0x07cc Power Management - ok 01:03:58.0474 0x07cc [ 9843083FA1E4A655195DF4D7A687C576, 83BFC1F2C594C8BE2D775022ACDF2047A73DC7DE03E1207D90062EC7A3F38FEE ] c:\Program Files\Microsoft Device Center\itype.exe 01:03:58.0514 0x07cc IntelliType Pro - ok 01:03:58.0585 0x07cc [ 770FF1850E70B98777F5978FC8FD5D57, 98DF428740363EB61199798CBA88C9472C429AE97E05E1ACC7D920BF81D19BE3 ] c:\Program Files\Microsoft Device Center\ipoint.exe 01:03:58.0637 0x07cc IntelliPoint - ok 01:03:58.0761 0x07cc [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 01:03:58.0782 0x07cc AdobeAAMUpdater-1.0 - ok 01:03:58.0906 0x07cc [ 436A83E5555A8449B9BFBE1AAB314654, DE956310B2EF80B43399E63E309E659018879942EBBA5063B9A366C2314E8158 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 01:03:58.0959 0x07cc NvBackend - ok 01:03:58.0978 0x07cc [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 01:03:59.0005 0x07cc ShadowPlay - ok 01:03:59.0054 0x07cc [ 0D360F06B168A6F37ACA9D9F958245DA, 
0F37D510AE0A31503A359F65D5C04CD798B178A3A3E2601DFBAB6534B3C7C23C ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe 01:03:59.0066 0x07cc BackupManagerTray - ok 01:03:59.0126 0x07cc [ 9ABC4E3B00CFA3A47D5569F5B49FE42F, 5D33CCE770BC9BC3AFA544A21F100A7F1E5A36577FDB30884160AC4BFE6A1838 ] C:\Program Files (x86)\Launch Manager\LManager.exe 01:03:59.0154 0x07cc LManager - ok 01:03:59.0206 0x07cc [ E6CC0FA3C1040C791EB3F4BA6C789411, 095D5965FEE00ACB6D8713B2E2772A409A84F42D85383AEAF5FC3E2E393DC07D ] C:\Dolby PCEE4\pcee4.exe 01:03:59.0221 0x07cc Dolby Advanced Audio v2 - ok 01:03:59.0263 0x07cc [ D35187E38B0BD6E116C2CE582CAC4273, B3C652E0875D4354ACE6F475BC84B4BCA41A1AD8AF5FBE9DE9A9B66B7FCC2756 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe 01:03:59.0276 0x07cc SuiteTray - ok 01:03:59.0355 0x07cc [ 4EA2353A8DE4F486F1DF9EBD1FCDD5AD, 5D6F48DDD8B0C859A4D92B53B184AEF17531486C70E5D1C38FE92724BCACE911 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe 01:03:59.0366 0x07cc ArcadeMovieService - ok 01:03:59.0456 0x07cc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 01:03:59.0497 0x07cc Sidebar - ok 01:03:59.0526 0x07cc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 01:03:59.0551 0x07cc mctadmin - ok 01:03:59.0553 0x07cc IsMyWinLockerReboot - ok 01:03:59.0581 0x07cc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 01:03:59.0617 0x07cc Sidebar - ok 01:03:59.0622 0x07cc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 01:03:59.0639 0x07cc mctadmin - ok 01:03:59.0641 0x07cc IsMyWinLockerReboot - ok 01:03:59.0669 0x07cc [ 
DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 01:03:59.0705 0x07cc Sidebar - ok 01:03:59.0710 0x07cc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 01:03:59.0727 0x07cc mctadmin - ok 01:03:59.0729 0x07cc IsMyWinLockerReboot - ok 01:03:59.0773 0x07cc [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files (x86)\RocketDock\RocketDock.exe 01:03:59.0801 0x07cc RocketDock - detected UnsignedFile.Multi.Generic ( 1 ) 01:04:09.0852 0x07cc RocketDock ( UnsignedFile.Multi.Generic ) - warning 01:04:14.0602 0x07cc [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 01:04:14.0668 0x07cc Sidebar - ok 01:04:14.0770 0x07cc [ DF552350CDC2AA39C01CE40612DF82A8, 17B90AFC0837712EBC781FAC912B288125A900370B09B32320EB874704CACCE2 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 01:04:14.0806 0x07cc KiesPreload - ok 01:04:14.0808 0x07cc Waiting for KSN requests completion. In queue: 2 01:04:15.0808 0x07cc Waiting for KSN requests completion. In queue: 2 01:04:16.0808 0x07cc Waiting for KSN requests completion. 
In queue: 2 01:04:17.0823 0x07cc AV detected via SS2: Kaspersky PURE, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\wmiav.exe ( ), 0x41000 ( enabled : updated ) 01:04:17.0824 0x07cc FW detected via SS2: Kaspersky PURE, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\wmifw.exe ( ), 0x41010 ( enabled ) 01:04:20.0496 0x07cc ============================================================ 01:04:20.0496 0x07cc Scan finished 01:04:20.0496 0x07cc ============================================================ 01:04:20.0502 0x12e4 Detected object count: 1 01:04:20.0502 0x12e4 Actual detected object count: 1 01:05:21.0513 0x12e4 RocketDock ( UnsignedFile.Multi.Generic ) - skipped by user 01:05:21.0513 0x12e4 RocketDock ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:05:27.0058 0x0cdc Deinitialize success |
14.07.2014, 17:48 | #6 |
/// the machine /// TB trainer | Remove Pricechopper Chrome extension! hi, Scan with Combofix |
14.07.2014, 18:54 | #7 |
| Remove Pricechopper Chrome extension! I think it's gone; at least it does NOT show up in Chrome. Thanks. Can I maybe still check that somehow?! Code:
ATTFilter ComboFix 14-07-14.01 - HRMN 14.07.2014 19:30:29.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8044.6018 [GMT 2:00]
ausgeführt von:: c:\users\HRMN\Downloads\ComboFix.exe
AV: Kaspersky PURE *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa 
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json c:\users\HRMN\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghikpiaflmacdkmbocpbdgjhigiclfli_0.localstorage-journal c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghikpiaflmacdkmbocpbdgjhigiclfli_0.localstorage c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lackfehpdclhclidcbbfcemcpolgdgnb_0.localstorage-journal c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lackfehpdclhclidcbbfcemcpolgdgnb_0.localstorage c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\windows\IsUn0407.exe . Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt . . ((((((((((((((((((((((( Dateien erstellt von 2014-06-14 bis 2014-07-14 )))))))))))))))))))))))))))))) . . 2014-07-12 17:12 . 2014-07-12 17:12 -------- d-----w- c:\program files (x86)\VS Revo Group 2014-07-12 16:52 . 
2014-07-12 16:52 110080 ----a-r- c:\users\HRMN\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe 2014-07-12 16:52 . 2014-07-12 16:52 110080 ----a-r- c:\users\HRMN\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe 2014-07-12 16:52 . 2014-07-12 16:52 110080 ----a-r- c:\users\HRMN\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe 2014-07-12 16:50 . 2014-07-12 16:52 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-07-12 16:50 . 2014-07-12 16:50 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2014-07-12 15:55 . 2014-07-12 15:55 -------- d-----w- c:\users\HRMN\AppData\Roaming\NVIDIA 2014-07-12 15:35 . 2014-07-12 15:35 -------- d-----w- c:\windows\SysWow64\NV 2014-07-12 15:35 . 2014-07-12 15:35 -------- d-----w- c:\windows\system32\NV 2014-07-12 15:35 . 2014-07-12 15:35 -------- d-----w- c:\programdata\NVIDIA 2014-07-12 15:34 . 2014-06-13 02:11 6783960 ----a-w- c:\windows\system32\nvcpl.dll 2014-07-12 15:34 . 2014-06-13 02:11 3523360 ----a-w- c:\windows\system32\nvsvc64.dll 2014-07-12 15:34 . 2014-06-13 02:11 933208 ----a-w- c:\windows\system32\nvvsvc.exe 2014-07-12 15:34 . 2014-06-13 02:11 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll 2014-07-12 15:34 . 2014-06-13 02:11 62808 ----a-w- c:\windows\system32\nvshext.dll 2014-07-12 15:34 . 2014-06-13 02:11 387528 ----a-w- c:\windows\system32\nvmctray.dll 2014-07-12 15:34 . 2014-06-13 02:11 2560968 ----a-w- c:\windows\system32\nvsvcr.dll 2014-07-12 15:34 . 2014-06-13 02:11 1083736 ----a-w- c:\windows\system32\nv3dappshext.dll 2014-07-12 15:34 . 2014-06-06 17:40 3802247 ----a-w- c:\windows\system32\nvcoproc.bin 2014-07-12 15:33 . 2014-06-13 02:48 75040 ----a-w- c:\windows\system32\OpenCL.dll 2014-07-12 15:33 . 2014-06-13 02:48 62920 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-07-12 15:04 . 
2014-07-12 15:49 -------- d-----w- c:\programdata\pReIIcEChop 2014-07-12 15:04 . 2014-07-12 15:04 -------- d-----w- c:\program files (x86)\pReIIcEChop 2014-07-12 15:03 . 2014-07-12 15:48 -------- d-----w- c:\programdata\e7e16098dd3a039c 2014-07-12 15:03 . 2014-07-12 15:03 -------- d-----w- c:\users\HRMN\AppData\Local\Comodo 2014-07-12 15:03 . 2014-07-12 15:03 -------- d-----w- c:\users\HomeGroupUser$ 2014-07-12 15:03 . 2014-07-12 15:03 -------- d-----w- c:\users\Gast 2014-07-12 15:03 . 2014-07-12 15:03 -------- d-----w- c:\users\Administrator 2014-07-12 15:03 . 2014-07-12 15:03 -------- d-----w- c:\programdata\InstallMate 2014-07-12 12:58 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-07-12 12:58 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-07-12 12:58 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-07-06 11:19 . 2014-07-06 11:19 -------- d-----w- c:\program files (x86)\Renesas Electronics 2014-07-06 11:17 . 2014-07-06 11:17 -------- d-----w- C:\Intel 2014-07-03 21:07 . 2014-07-03 21:07 -------- d-----w- c:\program files (x86)\Common Files\Java 2014-07-03 21:06 . 2014-07-03 21:06 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-07-02 20:07 . 2014-07-02 21:14 -------- d-----w- c:\users\HRMN\AppData\Roaming\TeamViewer 2014-07-02 20:02 . 2014-07-02 20:02 -------- d-----w- c:\program files (x86)\ESET 2014-07-02 19:33 . 2014-07-12 19:22 -------- d-----w- C:\FRST 2014-07-02 19:11 . 2014-07-12 17:34 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-07-02 19:11 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-07-02 19:11 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-07-02 19:11 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-07-02 19:11 . 2014-07-02 19:11 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2014-07-02 19:11 . 
2014-07-02 19:11 -------- d-----w- c:\programdata\Malwarebytes 2014-07-02 19:01 . 2014-07-02 19:01 -------- d-----w- c:\windows\ERUNT 2014-07-02 18:57 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll 2014-07-02 16:21 . 2014-07-02 16:23 -------- d-----w- c:\users\HRMN\AppData\Roaming\ICQ-Profile 2014-07-02 16:21 . 2014-07-02 16:21 -------- d-----w- c:\users\HRMN\AppData\Roaming\ICQM 2014-06-30 16:49 . 2014-06-30 16:49 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-06-27 17:38 . 2014-06-27 17:38 43152 ----a-w- c:\windows\avastSS.scr 2014-06-19 17:55 . 2014-06-27 17:38 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-07-13 22:23 . 2012-06-07 22:20 96441528 ----a-w- c:\windows\system32\MRT.exe 2014-07-05 19:10 . 2013-07-27 13:20 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys 2014-06-27 17:38 . 2014-03-15 11:27 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys 2014-06-27 17:38 . 2013-07-27 13:20 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2014-06-27 17:38 . 2013-07-27 13:20 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys 2014-06-27 17:38 . 2013-07-27 13:20 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2014-06-27 17:38 . 2013-07-27 13:20 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2014-06-27 17:38 . 2013-07-27 13:19 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2014-06-27 17:38 . 2013-07-27 13:19 307344 ----a-w- c:\windows\system32\aswBoot.exe 2014-06-12 20:54 . 2014-01-09 22:40 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-06-12 20:54 . 2011-10-14 03:49 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-05-29 23:07 . 2014-06-02 16:47 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2014-05-29 23:07 . 2014-05-23 21:09 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll 2014-05-29 23:07 . 
2014-06-02 16:47 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll 2014-05-29 23:07 . 2014-05-23 21:09 1279480 ----a-w- c:\windows\system32\nvspcap64.dll 2014-05-17 18:59 . 2014-05-17 19:00 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2014-05-17 18:59 . 2014-05-17 19:00 313256 ----a-w- c:\windows\system32\javaws.exe 2014-05-17 18:59 . 2014-05-17 19:00 189352 ----a-w- c:\windows\system32\javaw.exe 2014-05-17 18:59 . 2014-05-17 19:00 189352 ----a-w- c:\windows\system32\java.exe 2014-04-25 02:34 . 2014-06-11 17:25 801280 ----a-w- c:\windows\system32\usp10.dll 2014-04-25 02:06 . 2014-06-11 17:25 626688 ----a-w- c:\windows\SysWow64\usp10.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-12-11 1564528] "icq"="c:\users\HRMN\AppData\Roaming\ICQM\icq.exe" [2014-07-02 34848264] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2012-04-26 179272]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-12-11 311152]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-03-21 2691480]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-27 4086432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Norton Online Backup"=c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x] R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x] R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x] R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys;c:\windows\SYSNATIVE\DRIVERS\remobo64.sys [x] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 libusb0;LibUsb-Win32 - Kernel 
Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x] R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! 
VM Monitor; [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x] S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x] S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x] S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer 
Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 ALSysIO;ALSysIO;c:\users\HRMN\AppData\Local\Temp\ALSysIO64.sys;c:\users\HRMN\AppData\Local\Temp\ALSysIO64.sys [x] S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x] S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x] S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x] S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys 
[x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - ALSYSIO *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-09 20:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2014-03-20 09:24 667808 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2014-03-20 09:24 667808 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2014-03-20 09:24 667808 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-27 17:38 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-26 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-26 2004584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1 192.168.0.2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ESI Prüfwerte - c:\windows\IsUn0407.exe
AddRemove-{1B41F45E-4BFA-AC68-ACE3-0E3C306BE41F} - c:\progra~3\INSTAL~1\{EBF76~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.14" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
------------------------ Weitere laufende Prozesse ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Launch Manager\LMutilps32.exe c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Launch Manager\LMworker.exe c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe c:\program files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-07-14 19:48:56 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-07-14 17:48 . Vor Suchlauf: 15 Verzeichnis(se), 697.580.093.440 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 698.035.671.040 Bytes frei . - - End Of File - - 01E217FAD4EB245464C672934A1E4A7C |
15.07.2014, 19:13 | #8 |
/// the machine /// TB trainer | Remove Pricechopper Chrome extension! Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
15.07.2014, 21:55 | #9 |
| Remove Pricechopper Chrome extension! Hi, here are the log files. MBAM log Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.07.2014
Suchlauf-Zeit: 21:34:25
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.15.12
Rootkit Datenbank: v2014.07.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: HRMN

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 379558
Verstrichene Zeit: 12 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (No malicious items detected)
Module: 0 (No malicious items detected)
Registrierungsschlüssel: 0 (No malicious items detected)
Registrierungswerte: 0 (No malicious items detected)
Registrierungsdaten: 0 (No malicious items detected)
Ordner: 0 (No malicious items detected)
Dateien: 0 (No malicious items detected)
Physische Sektoren: 0 (No malicious items detected)

(end)
Code:
# AdwCleaner v3.215 - Bericht erstellt am 15/07/2014 um 22:32:50
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : HRMN - HRMN-PC
# Gestartet von : C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Mozilla Firefox v

-\\ Google Chrome v

[ Datei : C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [9973 octets] - [26/08/2013 21:18:14]
AdwCleaner[R1].txt - [11531 octets] - [02/07/2014 20:56:51]
AdwCleaner[R2].txt - [1908 octets] - [12/07/2014 17:40:15]
AdwCleaner[R3].txt - [1179 octets] - [12/07/2014 19:06:43]
AdwCleaner[R4].txt - [1295 octets] - [12/07/2014 19:30:27]
AdwCleaner[R5].txt - [1415 octets] - [15/07/2014 22:29:50]
AdwCleaner[S0].txt - [9711 octets] - [26/08/2013 21:18:43]
AdwCleaner[S1].txt - [10792 octets] - [02/07/2014 20:57:46]
AdwCleaner[S2].txt - [1902 octets] - [12/07/2014 17:42:04]
AdwCleaner[S3].txt - [1241 octets] - [12/07/2014 19:07:56]
AdwCleaner[S4].txt - [1357 octets] - [12/07/2014 19:31:19]
AdwCleaner[S5].txt - [1337 octets] - [15/07/2014 22:32:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1397 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by HRMN on 15.07.2014 at 22:37:34,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2014 at 22:48:06,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by HRMN (administrator) on HRMN-PC on 15-07-2014 22:52:15 Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Users\HRMN\Downloads\Core Temp.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxext.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [179272 2012-04-26] (CyberLink Corp.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung) HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [icq] => C:\Users\HRMN\AppData\Roaming\ICQM\icq.exe [34848264 2014-07-02] (ICQ) AppInit_DLLs: 
C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation) AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation) AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader 
Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-28] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-27] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: CHR Extension: (Google Docs) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-14] CHR Extension: (Google Drive) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26] CHR Extension: (YouTube) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26] CHR Extension: (Adblock Plus) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-14] CHR Extension: (Google-Suche) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26] CHR Extension: (avast! Ad Blocker) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-26] CHR Extension: (avast! 
Online Security) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo64.sys [30720 2010-08-01] (Windows (R) Codename Longhorn DDK provider)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 ALSysIO; \??\C:\Users\HRMN\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:32 - 2014-07-15 22:50 - 00003392 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\Qoobox
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\ComboFix
2014-07-14 19:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-14 19:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-14 19:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-14 19:27 - 2014-07-14 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:20 - 2014-07-12 21:21 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 19:20 - 2014-07-12 19:21 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:19 - 2014-07-14 19:27 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 19:03 - 2014-07-12 19:05 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:50 - 2014-07-12 18:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2014-06-13 04:11 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-12 17:34 - 2014-06-13 04:11 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-12 17:34 - 2014-06-06 19:40 - 03802247 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-12 17:33 - 2014-06-13 04:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-12 17:33 - 2014-06-13 04:48 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-12 17:20 - 2014-06-13 04:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-12 17:20 - 2014-06-13 04:47 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-12 17:20 - 2014-06-13 04:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-12 17:20 - 2014-06-13 04:45 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-12 17:04 - 2014-07-12 17:49 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:03 - 2014-07-14 19:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 17:03 - 2014-07-12 17:48 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-12 14:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-12 14:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-12 14:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 14:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 14:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 14:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 14:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 14:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 14:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 14:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 14:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-12 14:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 14:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 14:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 14:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 14:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 14:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 14:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 14:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 14:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 14:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 14:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 14:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 14:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 14:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 14:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-12 14:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 14:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-12 14:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-12 14:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-12 14:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 22:07 - 2014-07-02 23:14 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:37 - 2014-07-02 21:45 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:34 - 2014-07-02 21:36 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:33 - 2014-07-15 22:52 - 00000000 ____D () C:\FRST
2014-07-02 21:33 - 2014-07-02 21:36 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-15 21:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-02 21:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 21:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 21:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-15 22:34 - 00003864 _____ () C:\Windows\setupact.log
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:58 - 2014-07-15 22:33 - 00005426 _____ () C:\Windows\PFRO.log
2014-07-02 20:58 - 2014-07-14 00:31 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-02 20:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 20:54 - 2014-07-15 22:52 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 18:21 - 2014-07-02 18:23 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 19:55 - 2014-06-27 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt

==================== One Month Modified Files and Folders =======

2014-07-15 22:52 - 2014-07-02 21:33 - 00000000 ____D () C:\FRST
2014-07-15 22:52 - 2014-07-02 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-15 22:50 - 2014-07-15 22:32 - 00003392 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:43 - 2012-09-23 10:57 - 01570867 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 22:41 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-15 22:41 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-15 22:35 - 2012-06-07 19:39 - 00000000 ____D () C:\ProgramData\clear.fi
2014-07-15 22:35 - 2012-06-07 11:40 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Adobe
2014-07-15 22:34 - 2014-07-02 20:59 - 00003864 _____ () C:\Windows\setupact.log
2014-07-15 22:33 - 2014-07-02 20:58 - 00005426 _____ () C:\Windows\PFRO.log
2014-07-15 22:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-15 22:32 - 2013-08-26 21:17 - 00000000 ____D () C:\AdwCleaner
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-15 22:06 - 2014-06-12 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-15 21:34 - 2014-07-02 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 21:19 - 2013-07-27 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-14 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\Qoobox
2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\ComboFix
2014-07-14 19:49 - 2013-02-18 22:43 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Apps\2.0
2014-07-14 19:49 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:47 - 2014-07-14 19:27 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 19:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-14 19:41 - 2014-07-12 17:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-14 19:27 - 2014-07-12 19:19 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-14 01:30 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\vlc
2014-07-14 00:31 - 2014-07-02 20:58 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 00:29 - 2014-05-10 14:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-14 00:28 - 2012-09-24 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-14 00:26 - 2013-09-19 06:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 00:23 - 2012-06-08 00:20 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:21 - 2014-07-12 21:20 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:41 - 2012-06-07 01:25 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\.minecraft
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 20:23 - 2012-12-07 18:10 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Skype
2014-07-12 19:21 - 2014-07-12 19:20 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 19:05 - 2014-07-12 19:03 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:52 - 2014-07-12 18:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 18:15 - 2011-12-03 12:08 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-07-12 18:15 - 2011-12-03 12:08 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-07-12 18:15 - 2009-07-14 07:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-12 18:03 - 2012-08-22 20:27 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\foobar2000
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:49 - 2014-07-12 17:04 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:48 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-12 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 17:03 - 2012-06-06 20:13 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Google
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-12 16:02 - 2012-12-07 20:10 - 00000000 ____D () C:\Users\HRMN\Desktop\Mincraft sachen
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-08 18:23 - 2014-05-23 22:01 - 00000000 ____D () C:\Program Files (x86)\CABAL Online (NA - Global)
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 16:42 - 2013-09-08 21:58 - 00118872 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:19 - 2011-10-14 05:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip 2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip 2014-07-05 21:10 - 2013-07-27 15:20 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-03 23:06 - 2013-09-02 20:45 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-03 00:33 - 2013-07-26 21:21 - 00000000 ____D () C:\Users\HRMN\Desktop\X-GamingdotWS 2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe 2014-07-02 23:14 - 2014-07-02 22:07 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer 2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe 2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-02 21:45 - 2014-07-02 21:37 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt 2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe 2014-07-02 21:36 - 2014-07-02 21:34 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt 2014-07-02 21:36 - 2014-07-02 21:33 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt 2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 
2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT 2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-02 20:59 - 2012-09-24 17:34 - 00118872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-07-02 20:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Dev-Cpp 2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Dev-Cpp 2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg 2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg 2014-07-02 20:31 - 2012-06-07 10:23 - 00001164 _____ () C:\Users\HRMN\Downloads\CoreTemp.ini 2014-07-02 18:23 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile 2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM 2014-06-30 18:49 - 2014-04-29 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-30 18:49 - 2011-10-14 05:30 - 00000000 ____D () C:\ProgramData\Skype 2014-06-30 04:09 - 2014-07-12 14:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-12 14:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 19:38 - 
2014-06-19 19:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 19:38 - 2014-03-15 13:27 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-27 19:38 - 2013-07-27 15:19 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 19:38 - 2013-07-27 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-20 22:14 - 2014-07-12 14:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-12 14:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-19 03:39 - 2014-07-12 14:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-12 14:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-12 14:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-12 14:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-12 14:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-12 14:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-12 14:59 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-12 14:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-12 14:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-12 14:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-12 14:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-12 14:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-12 14:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-12 14:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-12 14:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-12 14:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-12 14:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-12 14:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-12 14:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-12 14:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-12 14:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-12 14:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-12 14:59 - 00061952 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-12 14:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-12 14:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-12 14:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-12 14:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-12 14:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-12 14:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-12 14:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-12 14:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-12 14:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-12 14:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-12 14:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-12 14:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-12 14:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-12 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-12 14:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-12 14:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-12 14:59 - 04254720 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-12 14:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-12 14:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-12 14:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-12 14:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-12 14:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-12 14:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-12 14:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-12 14:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-12 14:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-12 14:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-18 04:18 - 2014-07-12 14:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-12 14:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-12 14:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt

ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@

Files to move or delete:
====================
C:\Users\HRMN\IP_Log_Data.js
C:\Users\HRMN\Network_Meter_Data.js

Some content of TEMP:
====================
C:\Users\HRMN\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 00:19

==================== End Of Log ============================

FRST Addition Log
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by HRMN at 2014-07-15 22:53:05
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.)
Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden avast! 
Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Cabal Episode 8 (HKLM-x32\...\Cabal Episode 8) (Version: Episode 8 - EliteKingdoms) CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.3318.00 - CyberLink Corp.) clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) 
Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESI Prüfwerte (HKLM-x32\...\ESI Prüfwerte) (Version: - ) ESI[tronic] DEMO_4 (HKLM-x32\...\ESI[tronic] DEMO_4) (Version: - ) ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) 
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - ) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden foobar2000 v1.1.14a (HKLM-x32\...\foobar2000) (Version: 1.1.14a - Peter Pawlowski) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) 
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden ICQ 8.2 (build 7067) (HKCU\...\ICQ) (Version: 8.2.7067.0 - ICQ) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 60 
(HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KTS (x32 Version: 4.0.0 - Robert Bosch GmbH) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.) LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32) Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version: - Daniel Rebelo) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI 
(German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 
8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden 
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) 
Hidden Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - ) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) 
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) 
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.) 
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition 
(HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition 
(HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition 
(HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center 
(HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 
15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 
- Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 06-07-2014 11:18:21 Installiert Renesas Electronics USB 3.0 Host Controller Driver 12-07-2014 15:32:14 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte 12-07-2014 16:50:37 Installed SpyHunter 12-07-2014 18:58:09 Revo Uninstaller's restore point - System Requirements Lab for Intel 13-07-2014 22:16:46 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-07-14 19:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {31E97D56-8130-48C0-9252-E8943EDCEBD0} - System32\Tasks\Google Updater and Installer => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe Task: {357EDA91-E566-4E47-A04A-1369530D2E51} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation) Task: {38B0A7AF-CE44-467A-B2A0-059A3FD5AFB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated) Task: {411A750E-0185-46E2-9AAD-58FFA39E8F98} - System32\Tasks\Core Temp Autostart HRMN => C:\Users\HRMN\Downloads\Core Temp.exe [2010-10-03] () Task: {4FE97A35-6AAD-41C0-A407-039155AC1DF1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation) Task: {54E8AD34-E652-4858-87D5-4538AA512F8A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink) Task: {6432CD2F-FBA1-494C-8D6C-8AC4BF5AA950} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] 
(Hewlett-Packard) Task: {6644E828-80F1-46A1-9826-3126274CBF3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft) Task: {7954D079-4FAF-40FF-B2D6-FA620B5AF9AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated) Task: {85A67C6E-1130-4134-94FF-507EB4779A1F} - \SpyHunter4Startup No Task File <==== ATTENTION Task: {888AB199-79A5-4152-9003-8401C61B3F79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd) Task: {8DF38EBB-0033-459F-BD5E-7940838156E6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation) Task: {91AB107B-D3A1-4351-BCF4-E415036664AC} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {9C7AFC46-7146-4DA0-908A-3556157B1A61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software) Task: {C40EF80F-886E-48E7-BC45-55DFF42E71CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {C5C63F6B-E2A3-400E-8A24-99E79FD5DB4E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION Task: {DC2F4D6B-DA61-403D-BAAC-D251129E11D4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.) 
Task: {E0B44B36-1032-43AA-A073-4689C9F69736} - System32\Tasks\AdobeAAMUpdater-1.0-HRMN-PC-HRMN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-12 17:34 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-06-07 10:23 - 2010-10-03 02:14 - 00563728 _____ () C:\Users\HRMN\Downloads\Core Temp.exe 2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2011-10-14 05:57 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-06-07 02:03 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2014-06-27 19:37 - 2014-06-27 19:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-15 21:19 - 2014-07-15 21:19 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071501\algo.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2012-06-07 02:03 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files 
(x86)\RocketDock\RocketDock.dll 2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll 2014-06-27 19:37 - 2014-06-27 19:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-02-24 19:54 - 2014-02-24 19:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll 2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-07-14 19:39:06.626 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-07-14 19:39:06.548 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.155 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.153 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8043.86 MB Available physical RAM: 5887.57 MB Total Pagefile: 16085.9 MB Available Pagefile: 13849.4 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:649.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2F560472) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
16.07.2014, 19:04 | #10 |
/// the machine /// TB trainer | Remove Pricechopper Chrome extension! ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
17.07.2014, 22:10 | #11 |
| Remove Pricechopper Chrome extension! Hi! No, no problems so far, it no longer shows up; however, the programs seem to have found a few other things. Many, many thanks again! Edited by HRMN092 (17.07.2014 at 22:11). Reason: attachment not uploaded |
18.07.2014, 18:36 | #12 |
/// the machine /// TB trainer | Remove Pricechopper Chrome extension! Hi, please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ Regards, schrauber |
21.07.2014, 12:23 | #13 |
| Remove Pricechopper Chrome extension! Oh, okay, sorry, I didn't know that; the website asked me to pack it into an archive, so I'll correct that now, sorry. FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by HRMN (administrator) on HRMN-PC on 17-07-2014 20:54:49 Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Users\HRMN\Downloads\Core Temp.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe (Intel Corporation) C:\Windows\System32\igfxext.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) 
C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) 
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [179272 2012-04-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [icq] => C:\Users\HRMN\AppData\Roaming\ICQM\icq.exe [34848264 2014-07-02] (ICQ)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-14]
CHR Extension: (Google Drive) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (YouTube) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Adblock Plus) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-14]
CHR Extension: (Google-Suche) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (avast! Ad Blocker) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-26]
CHR Extension: (avast! Online Security) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo64.sys [30720 2010-08-01] (Windows (R) Codename Longhorn DDK provider)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 ALSysIO; \??\C:\Users\HRMN\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:32 - 2014-07-15 22:58 - 00117746 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\Qoobox
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\ComboFix
2014-07-14 19:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-14 19:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-14 19:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-14 19:27 - 2014-07-14 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:20 - 2014-07-12 21:21 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 19:20 - 2014-07-12 19:21 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:19 - 2014-07-14 19:27 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:50 - 2014-07-12 18:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2014-06-13 04:11 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-12 17:34 - 2014-06-13 04:11 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-12 17:34 - 2014-06-06 19:40 - 03802247 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-12 17:33 - 2014-06-13 04:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-12 17:33 - 2014-06-13 04:48 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-12 17:20 - 2014-06-13 04:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-12 17:20 - 2014-06-13 04:47 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-12 17:20 - 2014-06-13 04:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-12 17:20 - 2014-06-13 04:45 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-12 17:04 - 2014-07-12 17:49 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:03 - 2014-07-14 19:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 17:03 - 2014-07-12 17:48 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-12 14:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-12 14:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-12 14:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 14:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 14:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 14:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 14:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 14:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 14:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 14:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 14:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-12 14:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 14:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 14:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 14:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 14:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 14:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 14:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 14:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 14:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 14:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 14:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 14:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 14:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 14:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 14:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-12 14:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-12 14:59 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-12 14:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-12 14:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-12 14:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-12 14:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt 2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip 2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin 2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A 2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A 2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics 2014-07-06 13:17 
- 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel 2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip 2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip 2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe 2014-07-02 22:07 - 2014-07-02 23:14 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer 2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe 2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-02 21:37 - 2014-07-02 21:45 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt 2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe 2014-07-02 21:34 - 2014-07-02 21:36 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt 2014-07-02 21:33 - 2014-07-17 20:54 - 00000000 ____D () C:\FRST 2014-07-02 21:33 - 2014-07-02 21:36 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt 2014-07-02 21:11 - 2014-07-15 21:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ 
Malwarebytes Anti-Malware .lnk 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-02 21:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-02 21:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT 2014-07-02 20:59 - 2014-07-17 17:10 - 00004032 _____ () C:\Windows\setupact.log 2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-02 20:58 - 2014-07-15 22:33 - 00005426 _____ () C:\Windows\PFRO.log 2014-07-02 20:58 - 2014-07-14 00:31 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-02 20:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-02 20:54 - 2014-07-17 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme 2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg 2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg 2014-07-02 18:21 - 2014-07-02 18:23 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile 2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-02 18:21 - 2014-07-02 18:21 - 
00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM 2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-19 19:55 - 2014-06-27 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets 2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip ==================== One Month Modified Files and Folders ======= 2014-07-17 20:54 - 2014-07-02 21:33 - 00000000 ____D () C:\FRST 2014-07-17 20:54 - 2014-07-02 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme 2014-07-17 20:12 - 2012-09-23 10:57 - 01616797 _____ () C:\Windows\WindowsUpdate.log 2014-07-17 20:06 - 2014-06-12 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-17 17:18 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-17 17:18 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-17 17:11 - 2012-06-07 19:39 - 00000000 ____D () C:\ProgramData\clear.fi 2014-07-17 17:10 - 2014-07-02 20:59 - 00004032 _____ () C:\Windows\setupact.log 2014-07-17 17:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-17 03:00 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-17 02:00 - 2012-06-07 11:40 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Adobe 2014-07-15 22:58 - 2014-07-15 22:32 - 00117746 _____ () C:\Users\HRMN\Desktop\Virenboard.txt 2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt 2014-07-15 22:33 - 2014-07-02 20:58 - 00005426 _____ () C:\Windows\PFRO.log 2014-07-15 22:32 - 2013-08-26 21:17 - 00000000 ____D () C:\AdwCleaner 2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt 2014-07-15 21:34 - 
2014-07-02 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 21:19 - 2013-07-27 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-14 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\Qoobox 2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\ComboFix 2014-07-14 19:49 - 2013-02-18 22:43 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Apps\2.0 2014-07-14 19:49 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt 2014-07-14 19:47 - 2014-07-14 19:27 - 00000000 ____D () C:\Windows\erdnt 2014-07-14 19:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-14 19:41 - 2014-07-12 17:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-14 19:27 - 2014-07-12 19:19 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe 2014-07-14 01:30 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\vlc 2014-07-14 00:31 - 2014-07-02 20:58 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-14 00:29 - 2014-05-10 14:41 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-14 00:28 - 2012-09-24 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-14 00:26 - 2013-09-19 06:26 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-14 00:23 - 2012-06-08 00:20 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe 2014-07-12 21:21 - 2014-07-12 21:20 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe 2014-07-12 20:41 - 2012-06-07 01:25 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\.minecraft 
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar 2014-07-12 20:23 - 2012-12-07 18:10 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Skype 2014-07-12 19:21 - 2014-07-12 19:20 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe 2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe 2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk 2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe 2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat 2014-07-12 18:52 - 2014-07-12 18:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-07-12 18:15 - 2011-12-03 12:08 - 00703230 _____ () C:\Windows\system32\perfh007.dat 2014-07-12 18:15 - 2011-12-03 12:08 - 00150838 _____ () C:\Windows\system32\perfc007.dat 2014-07-12 18:15 - 2009-07-14 07:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-12 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system 2014-07-12 18:03 - 2012-08-22 20:27 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\foobar2000 2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA 2014-07-12 17:49 - 2014-07-12 17:04 - 00000000 ____D () C:\ProgramData\pReIIcEChop 2014-07-12 17:48 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c 2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV 2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-12 17:34 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files\NVIDIA 
Corporation 2014-07-12 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator 2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-12 17:03 - 2012-06-06 20:13 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Google 2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-12 16:02 - 2012-12-07 20:10 - 00000000 ____D () C:\Users\HRMN\Desktop\Mincraft sachen 2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip 2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip 2014-07-08 18:23 - 2014-05-23 22:01 - 00000000 ____D () C:\Program Files (x86)\CABAL Online (NA - Global) 2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () 
C:\Users\HRMN\Desktop\bewerbung fh .txt 2014-07-06 16:42 - 2013-09-08 21:58 - 00118872 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip 2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin 2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin 2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A 2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A 2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A 2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics 2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics 2014-07-06 13:19 - 2011-10-14 05:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A 2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel 2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip 2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () 
C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip 2014-07-05 21:10 - 2013-07-27 15:20 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-03 23:06 - 2013-09-02 20:45 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-03 00:33 - 2013-07-26 21:21 - 00000000 ____D () C:\Users\HRMN\Desktop\X-GamingdotWS 2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe 2014-07-02 23:14 - 2014-07-02 22:07 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer 2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe 2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-02 21:45 - 2014-07-02 21:37 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt 2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe 2014-07-02 21:36 - 2014-07-02 21:34 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt 2014-07-02 21:36 - 2014-07-02 21:33 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt 2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT 2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-02 20:59 - 2012-09-24 17:34 - 00118872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-07-02 20:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Dev-Cpp 2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Dev-Cpp 2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg 2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg 2014-07-02 20:31 - 2012-06-07 10:23 - 00001164 _____ () C:\Users\HRMN\Downloads\CoreTemp.ini 2014-07-02 18:23 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile 2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM 2014-06-30 18:49 - 2014-04-29 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-30 18:49 - 2011-10-14 05:30 - 00000000 ____D () C:\ProgramData\Skype 2014-06-30 04:09 - 2014-07-12 14:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-12 14:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 19:38 - 2014-06-19 19:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 19:38 - 2014-03-15 13:27 - 00092008 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswstm.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 19:38 - 2013-07-27 15:20 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-27 19:38 - 2013-07-27 15:19 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 19:38 - 2013-07-27 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-20 22:14 - 2014-07-12 14:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-12 14:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-19 03:39 - 2014-07-12 14:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-12 14:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-12 14:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-12 14:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-12 14:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-12 14:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-12 14:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 
02:31 - 2014-07-12 14:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-12 14:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-12 14:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-12 14:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-12 14:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-12 14:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-12 14:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-12 14:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-12 14:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-12 14:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-12 14:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-12 14:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-12 14:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-12 14:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-12 14:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-12 14:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-12 14:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-12 14:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-12 14:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-12 14:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-12 14:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-12 14:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-12 14:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-12 14:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-12 14:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-12 14:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-12 14:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-12 14:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-12 14:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-12 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-12 14:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-12 14:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-12 14:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-12 14:59 - 13527040 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-12 14:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-12 14:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-12 14:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-12 14:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-12 14:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-12 14:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-12 14:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-12 14:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-12 14:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-18 04:18 - 2014-07-12 14:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-12 14:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-12 14:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@
Files to move or delete:
====================
C:\Users\HRMN\IP_Log_Data.js
C:\Users\HRMN\Network_Meter_Data.js
Some content of TEMP:
====================
C:\Users\HRMN\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-08 00:19
==================== End Of Log ============================ |
21.07.2014, 12:24 | #14 |
| Remove Pricechopper Chrome extension! Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by HRMN at 2014-07-17 20:55:14
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cabal Episode 8 (HKLM-x32\...\Cabal Episode 8) (Version: Episode 8 - EliteKingdoms)
CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.3318.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESI Prüfwerte (HKLM-x32\...\ESI Prüfwerte) (Version: - )
ESI[tronic] DEMO_4 (HKLM-x32\...\ESI[tronic] DEMO_4) (Version: - )
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
foobar2000 v1.1.14a (HKLM-x32\...\foobar2000) (Version: 1.1.14a - Peter Pawlowski)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden ICQ 8.2 (build 7067) (HKCU\...\ICQ) (Version: 8.2.7067.0 - ICQ) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 60 
(HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KTS (x32 Version: 4.0.0 - Robert Bosch GmbH) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.) LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32) Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version: - Daniel Rebelo) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI 
(German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 
8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden 
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) 
Hidden Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - ) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) 
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) 
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.) 
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition 
(HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition 
(HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition 
(HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center 
(HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 
15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 
- Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 12-07-2014 15:32:14 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte 12-07-2014 16:50:37 Installed SpyHunter 12-07-2014 18:58:09 Revo Uninstaller's restore point - System Requirements Lab for Intel 13-07-2014 22:16:46 Windows Update 17-07-2014 01:00:12 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-07-14 19:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {31E97D56-8130-48C0-9252-E8943EDCEBD0} - System32\Tasks\Google Updater and Installer => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe Task: {357EDA91-E566-4E47-A04A-1369530D2E51} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation) Task: {38B0A7AF-CE44-467A-B2A0-059A3FD5AFB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated) Task: {411A750E-0185-46E2-9AAD-58FFA39E8F98} - System32\Tasks\Core Temp Autostart HRMN => C:\Users\HRMN\Downloads\Core Temp.exe [2010-10-03] () Task: {4FE97A35-6AAD-41C0-A407-039155AC1DF1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation) Task: {54E8AD34-E652-4858-87D5-4538AA512F8A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink) Task: {6432CD2F-FBA1-494C-8D6C-8AC4BF5AA950} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: 
{6644E828-80F1-46A1-9826-3126274CBF3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft) Task: {7954D079-4FAF-40FF-B2D6-FA620B5AF9AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated) Task: {85A67C6E-1130-4134-94FF-507EB4779A1F} - \SpyHunter4Startup No Task File <==== ATTENTION Task: {888AB199-79A5-4152-9003-8401C61B3F79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd) Task: {8DF38EBB-0033-459F-BD5E-7940838156E6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation) Task: {91AB107B-D3A1-4351-BCF4-E415036664AC} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {9C7AFC46-7146-4DA0-908A-3556157B1A61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software) Task: {C40EF80F-886E-48E7-BC45-55DFF42E71CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {C5C63F6B-E2A3-400E-8A24-99E79FD5DB4E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION Task: {DC2F4D6B-DA61-403D-BAAC-D251129E11D4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.) 
Task: {E0B44B36-1032-43AA-A073-4689C9F69736} - System32\Tasks\AdobeAAMUpdater-1.0-HRMN-PC-HRMN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-12 17:34 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-06-07 10:23 - 2010-10-03 02:14 - 00563728 _____ () C:\Users\HRMN\Downloads\Core Temp.exe 2011-10-14 05:57 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-06-07 02:03 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2014-06-27 19:37 - 2014-06-27 19:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-17 17:11 - 2014-07-17 17:11 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071700\algo.dll 2014-07-12 17:20 - 2014-06-13 04:47 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files 
(x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2012-06-07 02:03 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll 2014-06-27 19:37 - 2014-06-27 19:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-12 02:05 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-02-24 19:54 - 2014-02-24 19:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll 2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= 
Application errors: ================== Error: (07/17/2014 08:47:01 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/17/2014 05:34:16 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/17/2014 05:34:14 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/17/2014 05:11:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/17/2014 00:33:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/17/2014 00:33:00 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (07/17/2014 00:31:40 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
System errors: ============= Error: (07/17/2014 05:10:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (07/17/2014 08:47:01 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (07/17/2014 05:34:16 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/17/2014 05:34:14 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/17/2014 05:11:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/17/2014 00:33:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\HRMN\downloads\virus-exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/17/2014 00:33:00 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\HRMN\downloads\virus-exterminationsprogramme\esetsmartinstaller_deu.exe Error: (07/17/2014 00:31:40 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe CodeIntegrity Errors: =================================== Date: 2014-07-14 19:39:06.626 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-14 19:39:06.548 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.704 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-27 03:20:48.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-07-26 22:46:32.155 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-26 22:46:32.153 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 8043.86 MB Available physical RAM: 4869.45 MB Total Pagefile: 16085.9 MB Available Pagefile: 12596.1 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:651.87 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2F560472) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=621a3d6d487b5741b5b10fba481a2bf6 # engine=18992 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-07-02 10:34:31 # local_time=2014-07-03 12:34:31 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 107837 168760961 0 0 # scanned=401185 # found=6 # cleaned=6 # scan_time=9012 sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="Variante von Win32/Adware.MultiPlug.I Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\ssafEy ssavye\5209f5844775b.dll.vir" sh=442EF96B3A2E43AC23FB80C430A5E7852116351F ft=1 fh=4840fc8f5e290c6c vn="MSIL/Riskware.HackAV.Q Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\STICK!\Kaspersky PURE v9.1.0.124 German\Trial Reset GANJiN v1.1d\gjn_ktr2012\ganjin_ktr_2012.exe" sh=258BA7A3547788C6BB6731363A8FD0D0A37BF20B ft=1 fh=455dd9d4df261fcf vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\X-GamingdotWS\PL4Y.exe" sh=C23E6F17270F5CF9C344E0F7C02B532785B79811 ft=1 fh=ed80e38be07da9d3 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\X-GamingdotWS\PL4Y.m0n" sh=4F82FF5A006C25121922BF8ECCD87C3C1AF2208D ft=1 fh=ed0a46d23ae0e80c vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\X-GamingdotWS\x.dll" sh=46C1319EE38510C365A4226621DE30BDF7E462FF ft=1 fh=662930a683ab766b vn="Win64/Conedex.C 
Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\U\00000004.@" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=621a3d6d487b5741b5b10fba481a2bf6 # engine=19145 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-07-12 04:54:35 # local_time=2014-07-12 06:54:35 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 951441 169604565 0 0 # scanned=22834 # found=1 # cleaned=0 # scan_time=689 sh=163130A1B97B720366E5D9D96D8D0D0EF436C28B ft=1 fh=c71c0011ae3f1ea4 vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\ym.exe.vir" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=621a3d6d487b5741b5b10fba481a2bf6 # engine=19223 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-07-17 06:44:48 # local_time=2014-07-17 08:44:48 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 1390054 170043178 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 51045 157252538 0 0 # scanned=407676 # found=28 # cleaned=0 # scan_time=11343 sh=1165909E97E3802BFD5D5D21CB39776BBAF522D7 ft=1 fh=23c3fd0ad8d4dd85 vn="Variante von Win32/Toolbar.CrossRider.H evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bg.exe.vir" sh=FFC6B3D896A7502563A31C298394B539691209A9 ft=1 fh=c71c001146429c75 vn="Variante von Win32/Toolbar.CrossRider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho.dll.vir" sh=46DE4270FA3776179CAB6A586778A247276129A6 ft=1 fh=c71c00116f2f2486 vn="möglicherweise Variante von Win32/Toolbar.CrossRider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil.dll.vir" sh=6AB94DEF9D392431283906E7EFBF0C205821FD05 ft=1 fh=92af9ac40a407d38 vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil.exe.vir" sh=E4EFF7EAAEC20B41B6B4B091FA3B8FDB2672B68F ft=1 fh=711bf31f462ed090 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.dll.vir" sh=30DC51631B7E52C00B4FAD42051F893D7D863154 ft=1 fh=92af9ac428b3513d vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.exe.vir" sh=87E1B4153D7D8157615852B550191526BFCD976A ft=1 fh=9ba1eca12ec55543 vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-helper.exe.vir" sh=C761F63FE114F471F50BEA4DEB2B03C464DCEC82 ft=1 fh=37598171c3800b46 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\HDvidCodecIE.exe.vir" sh=98DFDE80F704942E1F411022727EADCD0291AB5E ft=1 fh=85c205627a968519 vn="Win32/Packed.ScrambleWrapper.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\hdvidextsetup.exe.vir" sh=163130A1B97B720366E5D9D96D8D0D0EF436C28B ft=1 fh=c71c0011ae3f1ea4 vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\ym.exe.vir" sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir" sh=E7CF4AEAAD0373AD0C421F7767F428D78D826DD7 ft=1 fh=37eb20297dc7762d vn="Variante von Win32/ELEX.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\eSafe\eGdpSvc.exe.vir" sh=520841CD210A4F3628D2624707A258D32E7FC663 ft=1 fh=4aebe0be2acebedd vn="Variante von Win32/ELEX.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Local\Temp\eIntaller\B722329818DE4ce4B410BAD1FD885884\eXQ.exe.vir" sh=73FFB342D4EA5BF56D263C86D6851ADCD20AE77F ft=1 fh=f634f44630457a34 vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Roaming\eIntaller\68CD2297FD9F49ac94C189F889E1BC4F\Desk365.exe.vir" sh=E57A50583700651988E3659C5C608B191FFE1DBE ft=1 fh=9fe93a3180c81fb0 vn="Win32/ELEX.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Roaming\eIntaller\68CD2297FD9F49ac94C189F889E1BC4F\eGdpSvc.exe.vir" sh=D92C57559952B5609CFD4AE448FCC4F8C5FBBAD0 ft=1 fh=918726450a13feff vn="Win32/ELEX.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Roaming\eIntaller\68CD2297FD9F49ac94C189F889E1BC4F\eXQ.exe.vir" sh=B41AE3CA2FB72C4323C736543BF63F68A13C9E5C ft=1 fh=8cb1d5bd107b133f vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EF3HL32\4O8PIT[1].exe" sh=6D04D56668E67E0D634A6914E54F503EC43CAC8D ft=1 fh=c71c001194990d1f vn="Variante von Win32/SProtector.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EF3HL32\tpq[1].exe" sh=3DBE664E687503FA414D9B7279EBE41E17ADA6FD ft=1 fh=daaff12f6dab16a0 vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD74DZ4B\8z6nR3o[1].exe" sh=120D0FDBD721218B51359D5B274DDA35E9FDE586 ft=1 fh=bc12d8266613e48e vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD74DZ4B\F[1].exe" sh=4A32B8AF84269D6CCE38DC0C8E6A7F8B92809DC2 ft=1 fh=02473355ee4d68cf vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD74DZ4B\V2r[1].exe" sh=30A5824011FDAA63197B43C04990A1A191724D68 ft=1 fh=64b15240f1925fc5 vn="Win32/ReflexiveArcade evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Desktop\Farm Frenzy 2\farm2.exe.bak" sh=794E65F4E93CF65E121D46364B6AA923F5FA1057 ft=1 fh=e962592decd1da35 vn="Variante von Win32/Toolbar.Conduit.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Desktop\Spiele\Farm Frenzy 3 v0.5.0.0\FarmFrenzy3_1660_Softgozar.com.exe" sh=AA4243E6FD099E7F92B340D67B14E1439E9B739C ft=0 fh=0000000000000000 vn="MSIL/Riskware.HackAV.Q Anwendung" ac=I fn="C:\Users\HRMN\Desktop\STICK!\Kaspersky PURE v9.1.0.124 German\Trial Reset GANJiN v1.1d\gjn_ktr2012.zip" sh=709D0B68EBAA79E2909ADA8D39B7A0005BA4313D ft=1 fh=e602743e8780b8c5 vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\Logon_Screen_2.56.exe" sh=97B0D5599B4C06C2E3A98C005E3E24B623EBEB47 ft=1 fh=9401e01afa918ebf vn="Win32/TopMedia.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\Microsoft_Office_2010_Activator_-_Any_version_[VerifiedFiles]_secure.exe" sh=C0AE99EEC2B64733ACBB98E4DE59BB359B37C715 ft=1 fh=d1f975ec0e2cbc12 vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\NetworkMeterVersion96.exe" sh=7E6D046F3B65C17A1B1D9DBB4223EA1C7DCC926D ft=1 fh=8ab56661bf1cd324 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\Windows 7 Die 50 besten Gadgets - CHIP-Downloader.exe" Code:
Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities Language Pack (de-DE)
JavaFX 2.1.1
Java 7 Update 60
Java version out of Date!
Adobe Flash Player 14.0.0.125
Adobe Reader 10.1.7 Adobe Reader out of Date!
Google Chrome 35.0.1916.114
Google Chrome 35.0.1916.153
````````Process Check: objlist.exe by Laurent````````
Symantec Norton Online Backup NOBuAgent.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log`````````````````````` |
21.07.2014, 14:03 | #15 |
/// the machine /// TB trainer | Remove Pricechopper Chrome extension! Update Java and Adobe. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
A fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |